JParra72
asked on
Outlook 2007 RPC over HTTP Not Working
Hello,
We have 2 other PCs set up with RPC over HTTP running Outlook 2007, which are working fine. However, there is one that keeps getting the error "The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action." when the username and password are entered.
I followed the same steps I did on the other 2 PCs that are working fine. There is no encryption.
Thank you for your help.
We have 2 other PCs set up with RPC over HTTP running Outlook 2007, which are working fine. However, there is one that keeps getting the error "The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action." when the username and password are entered.
I followed the same steps I did on the other 2 PCs that are working fine. There is no encryption.
Thank you for your help.
ASKER
All 3 PCs are outside of the domain. Meaning, they are offsite not in our office. That's why they need to use RPC over HTTP.
Thanks!
Thanks!
I thought owa mandates the use of ssl for rpc over http
If be looking at certificate trust.
FYI the computers being outside the domain is no excuse for a poorly implemented exchange server.
When configured correctly outlook does not care if the machine is joined to the domain or not. It makes no difference
If be looking at certificate trust.
FYI the computers being outside the domain is no excuse for a poorly implemented exchange server.
When configured correctly outlook does not care if the machine is joined to the domain or not. It makes no difference
ASKER
Why would it work on one PC and not on the other? If it works on one PC then everything should be ok, right? On the PC with the issue, the security certificate is installed. I verified this using certmgr.msc, it is installed in the "Trusted Root Certification Authority" folder.
When I was setting up the profile manually, in the connection tab, the checkbox regarding encryption is unchecked because that is the way the others are set up and working.
Thanks
When I was setting up the profile manually, in the connection tab, the checkbox regarding encryption is unchecked because that is the way the others are set up and working.
Thanks
You should have settings on your rpc endpoint matching your client
Typically your authentication should be set to basic and the proxy settings set to SSL you can turn off certificate verification etc...
Open the proxy address in IE
do you get a certificate error?
Does the iis server serve a page??
You might have to check the advanced tab in the ie settings, go to security, and check your ciphers
SSL 2 / 3 have vulnerabilities and should not be used inside of testing so enable them along with tls 1,1.1,1.2. Restart and test your outlook client
If that works you need to fix your cipher suites and disable ssl on your server while keeping Tls enabled
Http://www.ssllabs.com is a good resource for testing the strength of your ssl implementation
As far as your certificates go are they CA issued? Or self signed?
Are they public CA or Enterprise CA
Typically your authentication should be set to basic and the proxy settings set to SSL you can turn off certificate verification etc...
Open the proxy address in IE
do you get a certificate error?
Does the iis server serve a page??
You might have to check the advanced tab in the ie settings, go to security, and check your ciphers
SSL 2 / 3 have vulnerabilities and should not be used inside of testing so enable them along with tls 1,1.1,1.2. Restart and test your outlook client
If that works you need to fix your cipher suites and disable ssl on your server while keeping Tls enabled
Http://www.ssllabs.com is a good resource for testing the strength of your ssl implementation
As far as your certificates go are they CA issued? Or self signed?
Are they public CA or Enterprise CA
"it is installed in the "Trusted Root Certification Authority" folder."
That sounds like you are using an internally issued certificate or the self signed certificate generated by Exchange, as there should be nothing to install on the clients.
Outlook Anywhere is not supported with the self signed certificate generated by Exchange 2007 and higher.
Furthermore, if you are using Exchange 2007 you should check that Autodiscover is working correctly.
If you aren't using a trusted SSL certificate, I suggest that you deploy one.
That sounds like you are using an internally issued certificate or the self signed certificate generated by Exchange, as there should be nothing to install on the clients.
Outlook Anywhere is not supported with the self signed certificate generated by Exchange 2007 and higher.
Furthermore, if you are using Exchange 2007 you should check that Autodiscover is working correctly.
If you aren't using a trusted SSL certificate, I suggest that you deploy one.
ASKER
The server is Exchange 2003
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
that 3rd computer is same as 2 other, domain joined or not? On same network, same DNS settings?
Regards,
Ivan.