none
Exchange 2k7 outlook anywhere will not function. RRS feed

  • Question

  • Exchange 2007 on a virtual box win 2003 r2 enterprise 64 bit.

    I can get a client machine that is on our network to gain acces to exchange with outlook 2007, but when they go home it will just keep prompting for user creditials.

    Ran remote Connectivity analyzer and that test failed

    Testing HTTP Authentication Methods for URL https://server.domain/rpc/rpcproxy.dll.
      The HTTP authentication test failed.
     
    Additional Details
     

    Exception details:
    Message: The underlying connection was closed: The connection was closed unexpectedly.
    Type: System.Net.WebException
    Stack trace:
    at System.Net.HttpWebRequest.GetResponse()
    at Microsoft.Exchange.Tools.ExRca.Extensions.RcaHttpRequest.GetResponse()

    all other phase of the test passed including certificates.

    I am new to this forum and also to exchange any guidance would be greatfull.

    Tuesday, August 16, 2011 7:13 PM

Answers

  • Hello,

     

    Based on the error message you provided, it seems there are incoorect settings on the RPC Virtual Directory. Try checking the following points:

     

    1. Disable anonymous authentication on RPC virtual directory.

    2. Run the following command to set the CertPrincipalName to NONE

     

    Set-OutlookProvider EXPR  -CertPrincipalName NONE

     

    After that, try accessing the RPCproxy VD from IE:

     

    https://proxyservername/rpc/rpcproxy.dll

     

    Check for the IIS log to see the detailed error code:

     

    [Check the IIS log]

    ==============

    One the Exchange Client Access Server, locate the folder “c:\inetpub\logs\logfiles\W3SVC1” (If the IIS log is not enabled, please enable it and try to reproduce this issue.)

     

    Thanks,

    Simon

    Thursday, August 18, 2011 9:39 AM
    Moderator

All replies

  • Do you have a reverse proxy and have you published OA?
    Tuesday, August 16, 2011 7:31 PM
  • OA is enabled with an external host name and I did add a redirect for those who forgot to type https: but i added that to wwwroot for the exchange server. Can this cause an issue??
    Tuesday, August 16, 2011 7:45 PM
  • what types of authentication do you have checked for rpc virtual directory ?
    Tuesday, August 16, 2011 7:52 PM
  • Im not sure. Can you give me directions on where to go to check.

    Tuesday, August 16, 2011 8:09 PM
  • Open IIS and navigate to RPC and click on authentication and see what authentication is checked - basic, integrated. Do you have anonymous enbled?
    Tuesday, August 16, 2011 8:14 PM
  • there are two. RPC is set to enable anonymous access and basic authentication.

    RpcWithCert nothing is set.

    Tuesday, August 16, 2011 8:21 PM
  • Uncheck anonymous and restart IIS then test the exchange connectivity with ERCA
    Tuesday, August 16, 2011 8:38 PM
  • erca passed now but outside outlook users still cant get connected.
    Tuesday, August 16, 2011 8:57 PM
  • Any errors that user is getting when accessing OA externally?

    Do you have a reverse proxy you are using to publish OA like ISA or TMG? If so what is the configuration?

    Please post what is IIS configuration for RPC?

    Run the following get-OutlookAnywhere | fl and post it.

    Wednesday, August 17, 2011 2:58 PM
  • no errors just ask them for creditials over and over.

    no proxy. 

    not sure what you want to know on IIS config for RPC?? Sorry for my lack of knowledge.

     

    get-OutlookAnywhere | fl:

     

    ServerName : MAIL2

    SSLOffloading : False

    ExternalHostname : mail.pittsburgisd.net

    ClientAuthenticationMethod : Basic

    IISAuthenticationMethods : {Basic}

    MetabasePath : IIS://MAIL2.pittsburgisd.net/W3SVC/1/ROOT/Rpc

    Path : C:\WINDOWS\System32\RpcProxy

    ExtendedProtectionTokenChecking : None

    ExtendedProtectionFlags : {}

    ExtendedProtectionSPNList : {}

    Server : MAIL2

    AdminDisplayName :

    ExchangeVersion : 0.1 (8.0.535.0)

    Name : Rpc (Default Web Site)

    DistinguishedName : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocol s,CN=MAIL2,CN=Servers,CN=Exchange Administrat ive Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Pittsburg ISD,CN=Microsoft Exchang e,CN=Services,CN=Configuration,DC=pittsburgis d,DC=net

    Identity : MAIL2\Rpc (Default Web Site)

    Guid : 487a2b86-6511-462d-9260-faa677a7482f

    ObjectCategory : pittsburgisd.net/Configuration/Schema/ms-Exch -Rpc-Http-Virtual-Directory

    ObjectClass : {top, msExchVirtualDirectory, msExchRpcHttpVi rtualDirectory}

    WhenChanged : 8/16/2011 4:59:07 PM

    WhenCreated : 8/15/2011 3:35:51 PM OriginatingServer :

    e-mail.pittsburgisd.net

    IsValid : True

    Wednesday, August 17, 2011 4:24 PM
  • If you don't want prompts then you need to configure windows integrated and NTLM authentication. This works only if the users workstation is part of domain.

    see http://exchangeserverpro.com/how-to-configure-exchange-server-2010-outlook-anywhere

    Wednesday, August 17, 2011 4:50 PM
  • I fine with it prompting you for a username and password but it will not ever open a connection with the exchange server when they are outside the network. I want non domain users to be able to access the server also.
    Wednesday, August 17, 2011 5:02 PM
  • Hello,

     

    Based on the error message you provided, it seems there are incoorect settings on the RPC Virtual Directory. Try checking the following points:

     

    1. Disable anonymous authentication on RPC virtual directory.

    2. Run the following command to set the CertPrincipalName to NONE

     

    Set-OutlookProvider EXPR  -CertPrincipalName NONE

     

    After that, try accessing the RPCproxy VD from IE:

     

    https://proxyservername/rpc/rpcproxy.dll

     

    Check for the IIS log to see the detailed error code:

     

    [Check the IIS log]

    ==============

    One the Exchange Client Access Server, locate the folder “c:\inetpub\logs\logfiles\W3SVC1” (If the IIS log is not enabled, please enable it and try to reproduce this issue.)

     

    Thanks,

    Simon

    Thursday, August 18, 2011 9:39 AM
    Moderator
  • This solved the problem it just took about 15 minutes to trickle down I guess.

    Thanks to all for your time and help.

    Thursday, August 18, 2011 3:59 PM