Outlook Anywhere does not work
Hi Guys,
I've configure Outlook Anywhere several times in my lab.
This is my lab:
DC: dc2007.contoso.com windows server 2008 sp2, with CA 10.0.0.1 IPV6 diabled
exchange: exchange2007.contoso.com windows 2008 SP2, exchange 2007 SP2 with CAS,HUB,MAILBOX 10.0.0.2 IPV6 diabled
XP: XP SP2 with office 2007 sp2
I followed with white paper: exchange 2007 autodiscover service
http://technet.microsoft.com/en-us/library/bb332063.aspx
Scenario 1: How to Use a Certificate That Supports Multiple DNS Names
1,create a certificate request:
New-ExchangeCertificate -GenerateRequest -DomainName exchange2007.contoso.com, autodiscover.contoso.com -PrivateKeyExportable:$True -Path c:\certreq.txt
2: import the certificate and enable it
Import-ExchangeCertificate -Path <full path to cert file> | Enable-ExchangeCertificate -Services "IIS,SMTP,POP,IMAP"
3,remove the self-sign certificate
4,enable the Outlook Anywhere with basic auth and external host name is exchange2007.contoso.com in EMC and restart the exchange server
5,log on to server, check the configuration.
Test-outlookwebservices seems no error(I haven't configure external url):
Id : 1003
Type : Information
Message : About to test AutoDiscover with the e-mail address steve.XXX @ contoso
.com.Id : 1007
Type : Information
Message : Testing server exchange2007.contoso.com with the published name https://exchange20007.
contoso.com/EWS/Exchange.asmx & .Id : 1019
Type : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
URL on this object is https://exchange20007.contoso.com/Autodiscover/Autodisc
over.xml.Id : 1006
Type : Information
Message : The Autodiscover service was contacted at https://exchange2007.contoso.com/Au
todiscover/Autodiscover.xml.Id : 1016
Type : Success
Message : [EXCH]-Successfully contacted the AS service at https://exchange2007.contoso.
com/EWS/Exchange.asmx. The elapsed time was 140 milliseconds.Id : 1015
Type : Success
Message : [EXCH]-Successfully contacted the OAB service at https://exchange2007.contoso
.com/EWS/Exchange.asmx. The elapsed time was 0 milliseconds.Id : 1014
Type : Success
Message : [EXCH]-Successfully contacted the UM service at https://exchange2007.contoso.
com/UnifiedMessaging/Service.asmx. The elapsed time was 40 millisecon
ds.Id : 1016
Type : Information
Message : [EXPR]-The AS is not configured for this user.Id : 1015
Type : Information
Message : [EXPR]-The OAB is not configured for this user.Id : 1014
Type : Information
Message : [EXPR]-The UM is not configured for this user.Id : 1017
Type : Success
Message : [EXPR]-Successfully contacted the RPC/HTTP service at https://exchange2007.co
ntoso.com/Rpc. The elapsed time was 20 milliseconds.Id : 1006
Type : Success
Message : The Autodiscover service was tested successfully.
6, I don't know it is necessary to configurate the DNS record because I host my web on Default web site , but I set one cname record:
autodiscover Alias(cname) exchange2007.contoso.com(10.0.0.2)
And I find the contoso.com is point to DC's IP(10.0.0.1) by default.
I can ping contoso.com and autodiscover.contoso.com successful from client
Could you tell me the right DNS settings of two different web host(at default web site and single site)?
7,open outlook in client.It can be finished the configuration with autodiscover service. And I send a test mail to myself and success.
8,But when I change the setting in Exchange Proxy settings with choose the " on fast networks,...",
close the outlook and reopen it and enter password . I check the connection status, I find the Directory conn is TCP/IP, and mail is https.
I think this is not correct. Did I make a wrong test?
Thanks in advance.- Edited byyoyo.frank Saturday, November 07, 2009 1:31 PM
- Edited byyoyo.frank Saturday, November 07, 2009 3:44 PM
- Edited byyoyo.frank Sunday, November 08, 2009 6:25 AM
All Replies
- To me it looks like , you have almost done the correct configuration. Are you doing AutoDiscover or doing Manual configuration of the OL (by checking the option Manually configure the setting or additional server types) ??
also normally "on fast networs..................." , should not be checked. As the name suggests (rpc over https), it willl always try to connect to exchange on http.
For a complete test try https://www.testexchangeconnectivity.com/ and also Test autoE-MAil configuration from the outlook icon.
Raj - Thanx Raj.The client is domain-joined computer. And outlook use autodiscover to get settings.
When I use "Test Email Autoconfiguration". I check the response seems correct.(Two Protocol: Exchange RPC and Exchange HTTP)
Sorry I cannot test in https://www.testexchangeconnectivity.com/ because this is a test lab.
I choose on fast networks... , because I just want to test the Outlook Anywhere can work whether or not.
When I choose this and client is in LAN, the connection status is :
Server name Type conn
dc2007.contoso.com Directory TCP/IP
exchange2007.contoso.com Mail HTTPS
I believe the right connection to Directory should also be HTTPS.
In order to test in the external network, i change the client IP address in external network, and I add an Windows server 2003 to act as an router.
disable the connection from client to DC, enable the connection from the client to Exchange server.
I also add 3 record of hosts file in client computer:
exchange2007.contoso.com, contoso.com, autodiscover.contoso.com to point to Exchange server IP (10.0.0.2)
After I open the outlook, enter the password, check the connection status:
Server name Type conn
exchange2007.contoso.com Directory TCP/IP
exchange2007.contoso.com Mail HTTPS
I use "Test Email Autoconfiguration" again, and It is done without error.
So I make another test, I delete the outlook profile and want to test the autodiscover.
I open the outlook, enter the name of profile, outlook cannot find the name and mail E-mail address, so I manually enter the name and mail address and password, click the Next, the Outlook show the error: An encrypted connection to your mail server is not available. click next...
I think maybe this is a certificate problem , so I request a new certificate, add another domain name in it.
-DomainName exchange2007.contoso.com,contoso.com,autodiscover.contoso.com
Still the same error. An encrypted connection to your mail server is not available.
Thanks. - the best testing for outlook any where can be donw only from external machines (not the domain joined ones). You need to test from internet.
Raj - Thanks Raj.
I add another client(xp sp2 with office 2007 sp2), and this one is not domain joined. The IP of the client is also in External Network(10.0.1.2/24).
Because I have added a windows server act as a router, maybe I can regard the client as internet one.
I downed the root CA and installed it.
add record in client's hosts file.
I open the outlook, enter the name,mail address,password, click next,
But after "search for ***.***@contoso.com server setting", It prompt to let me enter the password again, and I enter the password,
there is an error: The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action"
And It stop at "log on to server".
I search this error on Internet,but I can find nothing helpful information.
Thanks again. - Just check from here with manual confiuration of outlook and see if that can do a check name for you. If yes, then probabaly autodiscover and availability service is not working as expected.
Raj Hi Raj,
Yes. After I click the OK when "The connection to Microsoft Exchange is unavailable", there is a "Microsoft Exchange" with General Tab prompted.
Microsoft exchange server is "exchange2007.contoso.com", Mailbox is "=SMTP:exadmin@contoso.com",I click the "check name",
There is an error: "The name cannot be resolved.The connection to Microsoft Exchange is unavailable.Outlook must be online or connected to complete this action"
By the way, I test the RpcPing, and success.
Thanks.Can you check if the SMTP address is properly stamped for the user with whom you are doing the testing. Looks like the request reached the exchange server and then some how it was not authticated. Also check if the OL is not in offline mode.
Raj- Hi,
I use the contoso\exadmin to test . This account is organization admin.
When I try to open Https://contoso.com/autodiscover/autodiscover.xml in the client, and enter the user name: contoso\exadmin and password.
There is an error code: 600 and invalid request.
I think this is excepted behavior.
When I enter https://exchange2007.contoso.com/rpc and https://exchange2007.contoso.com/rpc/rpcproxy.dll,
after enter the usename and password, a blank web page with no error. The status bar show "Done".
Thanks. Hi Frank,
Based on your description, the Outlook Client is able to connect to Exchange Information Store through RPC over HTTPs. Nevertheless, the Outlook client is not able to connect to Directory Service through RPC over HTTPs.
Firstly, please let me know whether you have performed following steps in following article to disable IPv6:
Outlook Anywhere Client Connectivity Issue Because of TCP/IPv6
http://technet.microsoft.com/en-us/library/cc671176.aspx
Note: Please refer to section “To disable TCP/IPv6 in a single-server topology where the Client Access server role is running on the same Exchange server as the Mailbox server role”
Mike Shen
TechNet Subscriber Support in forum
If you have any feedback on our support, please contact tngfb @ microsoft.com
~~~~~~~~~~~~~~~~
- Hi Mike,
Thanks for your reply.
I have read this article ago. But the note of article said: If you have installed Update Rollup 4 for Exchange Server 2007 Service Pack 1 or a later version, do not follow the procedure that is described in this topic.
I installed the Exchange 2007 SP2. So I just disabled the IPv6 in network connections.
Do you want me to follow the article?
Thanks. Hi Frank,
Yes, I still suggest you perform the steps in the article to modify host file in order to disable IPv6.
If the issue persists, would you please let me know whether you have run following commands on the Exchange server to test Outlook Anywhere connection issue:
The port 6001 is listened by the Information Store Service:
RpcPing –t ncacn_http –s ExchangeMBXServer –o RpcProxy=RpcProxyServer –P “user,domain,password” –I “user,domain,password” –H 1 –F 3 –a connect –u 10 –v 3 –e 6001
The port 6002 is listened by DS Referral service
RpcPing –t ncacn_http –s ExchangeMBXServer –o RpcProxy=RpcProxyServer –P “user,domain,password” –I “user,domain,password” –H 1 –F 3 –a connect –u 10 –v 3 –e 6002
The port 6004 is listened by DS Proxy Service
RpcPing –t ncacn_http –s ExchangeMBXServer –o RpcProxy=RpcProxyServer –P “user,domain,password” –I “user,domain,password” –H 1 –F 3 –a connect –u 10 –v 3 –e 6004
Mike
Thanks,- Hi Mike,
I run the three command first. The 1st and 2nd run successful, but the 3rd one runs with error "Exception 1722".
So I follow the article to change the hosts file ,then run the command again with success. After that, when I choose the "on fast netword..." in outlook
which is domain connected & domain joined,and reopen the outlook, It works!!! Show all "HTTPS"! I am so happy! I spend about one month on it!
I just don't understand why Microsoft not update the TechNet article timely(it suits to SP2 too).
And I move the computer to External network, after add a record "10.0.0.2 exchange2007.contoso.com ", It works also.
After that,I add another domain-disjoined client to the internal network. It works also.
But, could you advice me how do I set the DNS for domain-disconnected & domain-disjoined computer, I change a lot in host file,
like 10.0.0.2 contoso.com,[10.0.0.2 autodiscover.contoso.com],10.0.0.2 exchange2007.contoso.com.
But I cannot connect to exchange at all. Error "The connection to Microsoft Exchange is unavailable" as I said before.
And if I delete the entry 10.0.0.2 contoso.com ,the error"An encrypted connection to your mail server is not available", and also not prompt to let me enter the username and password.
And you could tell me the settings on DNS server is better.
DNS server record now is :
contoso.com 10.0.0.1
dc2007.contoso.com 10.0.0.1
exchange2007.contoso.com 10.0.0.2
autodiscover.contoso.com 10.0.0.2
Thanks again.
