Solved

Outlook 2007 RPC over HTTP Not Working

Posted on 2016-08-24
8
79 Views
1 Endorsement
Last Modified: 2016-09-11
Hello,

We have 2 other PCs set up with RPC over HTTP running Outlook 2007, which are working fine.  However, there is one that keeps getting the error "The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action." when the username and password are entered.

I followed the same steps I did on the other 2 PCs that are working fine.  There is no encryption.

Thank you for your help.
1
Comment
Question by:JParra72
8 Comments
 
LVL 16

Expert Comment

by:Ivan
ID: 41769457
Hi,

that 3rd computer is same as 2 other, domain joined or not? On same network, same DNS settings?

Regards,
Ivan.
0
 

Author Comment

by:JParra72
ID: 41769458
All 3 PCs are outside of the domain.  Meaning, they are offsite not in our office.  That's why they need to use RPC over HTTP.

Thanks!
0
 
LVL 7

Expert Comment

by:Scobber
ID: 41770437
I thought owa mandates the use of ssl for rpc over http

If be looking at certificate trust.

FYI the computers being outside the domain is no excuse for a poorly implemented exchange server.
When configured correctly outlook does not care if the machine is joined to the domain or not. It makes no difference
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:JParra72
ID: 41770505
Why would it work on one PC and not on the other?  If it works on one PC then everything should be ok, right?  On the PC with the issue, the security certificate is installed.  I verified this using certmgr.msc,  it is installed in the "Trusted Root Certification Authority" folder.

When I was setting up the profile manually, in the connection tab, the checkbox regarding encryption is unchecked because that is the way the others are set up and working.

Thanks
0
 
LVL 7

Expert Comment

by:Scobber
ID: 41770519
You should have settings on your rpc endpoint matching your client
Typically your authentication should be set to basic and the proxy settings set to SSL you can turn off certificate verification etc...

Open the proxy address in IE
do you get a certificate error?
Does the iis server serve a page??

You might have to check the advanced tab in the ie settings, go to security, and check your ciphers

SSL 2 / 3 have vulnerabilities and should not be used inside of testing so enable them along with tls 1,1.1,1.2. Restart and test your outlook client

If that works you need to fix your cipher suites and disable ssl on your server while keeping Tls enabled

Http://www.ssllabs.com is a good resource for testing the strength of your ssl implementation


As far as your certificates go are they CA issued? Or self signed?
Are they public CA or Enterprise CA
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 41770549
"it is installed in the "Trusted Root Certification Authority" folder."

That sounds like you are using an internally issued certificate or the self signed certificate generated by Exchange, as there should be nothing to install on the clients.

Outlook Anywhere is not supported with the self signed certificate generated by Exchange 2007 and higher.
Furthermore, if you are using Exchange 2007 you should check that Autodiscover is working correctly.

If you aren't using a trusted SSL certificate, I suggest that you deploy one.
0
 

Author Comment

by:JParra72
ID: 41787926
The server is Exchange 2003
0
 
LVL 7

Accepted Solution

by:
Scobber earned 500 total points
ID: 41789140
Shouldn't matter, open internet information services and check the auth settings on your virtual directories.

Usually it will be either basic or ntlm

Basic forces SSL ntlm does not

Don't use digest

How's your patches going? At some point Windows won't trust 1024 bit SSL and this needs to be fixed

Anther potential problem is deprecation of security ciphers
https://community.qualys.com/thread/14251

For example

If SSL 3 has been disabled on the client due to its weakness and your server wants SSL 3 clients won't connect

These are the pains of using out of support software
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you irritated by repeating emails issue in Microsoft Outlook 2016 after recent update ?  Lets’ see how to resolve and prevent duplicate emails in the Outlook 2016 using some simple techniques.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video discusses moving either the default database or any database to a new volume.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question