Cant configure outlook 2010 with exchange 2013

Hi All
I am in the process of deploying exchange 2013. I have used your videos to learn about exchange 2013.

I have a vm environment in which i have 2 2012 DC's and 2 exchange servers. one is 2010 and the other is 2013.

My challenge is that i am unable to connect via outlook on exchange server 2013 itself. It first said there is no default gateway so i followed experts exchange suggestion to change registry which didnt help.

When i try to configure outlook Auto account setup is able to find my username with email address. After this i click next and i get a security certficate error indicating the name on the security certificate is invalid or does not match the name of the site. i click yes to proceed. After this it gives me the following

"The action cannot be completed. The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action"

If i click ok, i get a sid like number @mydomain.com. clicking ok results in logon to server with a cross sign. thus i am unable to proceed any further

Requesting assistance on this please. Thanks in advance for your assistance.



The suggestion from expert exchange was as follows
Click Start, click Run, type regedit in the Open box, and then click OK.
Locate and then click the following subkey:
HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\RPC
On the Edit menu, point to New, and then click DWORD Value.
Type DefConnectOpts, and then press ENTER.
Right-click DefConnectOpts, and then click Modify.
In the Value data box, type 0, and then click OK.
Exit Registry Editor.
Member_2_6474242Senior Systems AdministratorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

WiReDWolfCommented:
Outlook 2010 is compatible with Exchange 2013.  That's not a problem.

You've given a fair bit of information, but one question that first came to mind is - why two exchange servers and how are they aware of one another?  Are the exchange servers on the same domain?  

Your core issue seems to be with Autodiscover.  When you're setting up the account in Outlook, the client is going to search the mail domain for an Exchange server.  The Autodiscover process is to query a series of possible domain connections (autodiscover.domain.com for example) looking for an Exchange server then looking for a matching username/account, validating credentials, then sending the mail configuration for that account back to Outlook.

If it's breaking for you, with your scenario of 2 exchange servers, there could be a lot of things going on.  The first thing I would do is check the Autodiscover configuration using an online tool from Microsoft:

http://www.testexchangeconnectivity.com/

Try both ActiveSync and ActiveSync Autodiscover.

Another simple test is to see if OWA is working and if it's working on BOTH Exchange servers for that account.  Autodiscover may be finding the account but then directing the client to the wrong Exchange server.
0
WiReDWolfCommented:
By the way, if this is a production environment you should be installing a valid certificate to both Exchange servers.  Self-Signed certificates are generally rejected by clients and can make setting something like this up a total nightmare.  Do you have a valid certificate for your 2010 Exchange instance?
0
IvanSystem EngineerCommented:
Hi,

when doing Exchange 2010 to 2013 migration, you should:

1. Deploy (usually) same certificate, and attach it to same services in Exchange 2013. At least IIS
    Log into EMC - Servers - Certificates - edit - services ..select.  Select IIS. If required select SMTP/POP3/IMAP4
    Restart IIS cmd> iisreset /noforce

2. Either disable autodiscover, so that it does not pull your clients to Exchange 2013, until it has valid certificate, and after you have it, reconfigure it to use same name as old exchange. If you don't, then all clients, even those who are on 2010 could get certificate warning  during outlook start up.

To disable it on 2013:
[PS] C:\> Set-ClientAccessServer -Identity “2013srv_name” -AutoDiscoverServiceInternalUri $NULL
To enable it after you have certificate:
[PS] C:\>Set-ClientAccessService –identity 2013srv_name -autodiscoverserviceinternaluri "https://mail.spriggan.in.rs/autodiscover/autodiscover.xml

3. Reconfigure DNS settings so that autodiscover and Outlook Anywhere point to 2013 and not 2010 server. Exchange 2013 can proxy or redirect traffic to Exchange 2010, but 2010 cannot do it to 2013, so that is why all traffic should point to new server.

4. Reconfigure Outlook Anywhere on 2010. Make sure Outlook Anywhere on Exchange 2010 is configured to support NTLM authentication.
If it is set for Basic, configure it with Basic+NTLM

To check settings:
[PS] C:\>Get-ExchangeServer | Where {$_.AdminDisplayVersion -like "*14.*" -and $_.IsClientAccessServer} | Get-OutlookAnywhere | fl servername,externalhostname,*auth*
To reconfigure, if it is not set up as it should be:
[PS] C:\>Get-ExchangeServer | Where {$_.AdminDisplayVersion -like "*14.*" -and $_.IsClientAccessServer} | %{Set-OutlookAnywhere "$_\RPC (Default Web Site)" -IISAuthenticationMethods Basic,NTLM}

After you have done all this, then start Outlook, and try to connect to 2013 with user who has been created on new server.

Regards,
Ivan.
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Member_2_6474242Senior Systems AdministratorAuthor Commented:
Hi WiReDWolf

question why two exchange servers and how are they aware of one another? How can i find this out. Please note this is in test environment. Both exchange servers are on the same domain. I dont have access to internet on my vm environment as it includes a dumb switch connected to 2 of my dcs, one exchange 2010 and one exchange 2013 server

OWA is working fine without any issues
0
Member_2_6474242Senior Systems AdministratorAuthor Commented:
Hi Ivan

I will try the things you have stated. All my users mailbox have been migrated to exchange 2013.
0
Member_2_6474242Senior Systems AdministratorAuthor Commented:
Hi WiReDWolf

OK after checking i can confirm it does not work on exchange 2010 but it does work on exchange 2013 for owa. If i put in the exchange 2010 url the form comes up to login. when i login it tells me to use the following link to open this mailbox with the best performance and it states the public domain url as that is what i stated for owa. It does work when i login
0
Member_2_6474242Senior Systems AdministratorAuthor Commented:
Hi Ivan

Upon trying first step i get an error when i try to import the exchange certificate to exchange 2013. Error: The imported certificate file for the server s failed to access for the following reason: Access to the path "servername\share" is denied
 Deploy (usually) same certificate, and attach it to same services in Exchange 2013. At least IIS
    Log into EMC - Servers - Certificates - edit - services ..select.  Select IIS. If required select SMTP/POP3/IMAP4
    Restart IIS cmd> iisreset /noforce

I have a disabled autodiscover
 Set-ClientAccessServer -Identity “2013srv_name” -AutoDiscoverServiceInternalUri $NULL


3. All traffice goes to exchange 2013
 Reconfigure DNS settings so that autodiscover and Outlook Anywhere point to 2013 and not 2010 server. Exchange 2013 can proxy or redirect traffic to Exchange 2010, but 2010 cannot do it to 2013, so that is why all traffic should point to new server.

4. Used the following
[PS] C:\>Get-ExchangeServer | Where {$_.AdminDisplayVersion -like "*14.*" -and $_.IsClientAccessServer} | %{Set-OutlookAnywhere "$_\RPC (Default Web Site)" -IISAuthenticationMethods Basic,NTLM}

How can i fix the import error
0
WiReDWolfCommented:
Starting with Exchange 2013 you do have to import your certificate from a network share.  Even if that share is on the same box as Exchange, the certificate must be imported from a network share (\\servername\share\cert.cer).  With 2010 you didn't have to do that, you could import the certificate from the local file system.  I have no idea why Microsoft did that.  You only need read access to the share to import the certificate.

If this is a test environment and you don't need two exchange servers, get rid of the 2010.  If you've already migrated all the mailboxes and Public Folders, decommission the older Exchange instance and remove it from Active Directory properly.  There's plenty of online documentation to help you do that.

I'm not really understanding how your VM environment doesn't have internet because of dumb switches connected to 2 DC's.  Or how you plan to test your exchange setup...

You should add DNS A records to your domain
autodiscover.exchangeserver.com
exchange.exchangeserver.com

In your test environment you should make sure your workstations only use DNS from your DC's.  In a production environment it's the same, actually.
0
Member_2_6474242Senior Systems AdministratorAuthor Commented:
The file that i have is type security certificate and the extension is .crt Should this be ok?

I am in the process of decommissioning exchange 2010

I'm not really understanding how your VM environment doesn't have internet because of dumb switches connected to 2 DC's.  Or how you plan to test your exchange setup...
OK for above i am in vm environment with a dumb switch connected to 2 dcs, exchange2010 and exchange2013 server
Do i need internet access to test it, please confirm

i have already added
You should add DNS A records to your domain
autodiscover.exchangeserver.com
exchange.exchangeserver.com
0
Member_2_6474242Senior Systems AdministratorAuthor Commented:
i had tried to go to servername/certsrv. i get the error the directory or file specified does not exist on the web server. i have tried with http as well as https error code 0x80070002. the virtual directory does not exist on the server

How can i solve this?
0
Member_2_6474242Senior Systems AdministratorAuthor Commented:
I am going to format and reinstall the server
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
WiReDWolfCommented:
Sorry, but it's hard to figure out what you're doing in your lab/test environment.  There are a lot of moving parts with AD and Exchange.  For a test environment I'm not even sure why you'd need a signed certificate - the default self-signed certificate would do.  It's especially odd that you would not have internet access to any of it.

I think starting over is a good idea, and not installing 2 different versions of Exchange is also a good idea.  Get your AD environment working, then on a separate server install Exchange 2013.  

As long as you are starting over, and you aren't connected to the internet, I'd also suggest using a proper FQDN for your AD environment.  One mistake I have seen is where admins set the local domain to "domain" without an extension.  Since 2015 you cannot get certificates for .loc or .local, only publicly recognized domain roots such as .com, .net, etc., so if there's no chance of a domain name conflict, use a legitimate domain.  Saves having to run split DNS and messing around with certificates and virtual directories with the wrong name.

By the way - it's not that hard to delete and recreate the Exchange virtual directories, but when migrating between exchange servers the AD environment wants to know which one to use, from which server, which is why it's important (and simpler) to remove/decommission the older Exchange instance.

Good luck!
0
Member_2_6474242Senior Systems AdministratorAuthor Commented:
solutions did not work out
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Virtualization

From novice to tech pro — start learning today.