locked
Outlook connection issues with Exchange 2010 mailboxes because of the RPC encryption requirement RRS feed

  • Question

  • I get this message:

    The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action.

    I found the following solution but, I an not an expert and don't understand it. Can someone explain in simple steps how to do it?

    Thanks!

    To resolve this problem, use one of the following methods.

    Note If you are using one of the automated methods (Group Policy or a .prf file), make sure that you fully test the method before you deploy it on a large scale.

    • Method 1: Disable the encryption requirement on all CAS servers

     

    Microsoft strongly recommends you leave the encryption requirement enabled on your server, and to utilize one of the other methods listed in this article. Method 1 is only provided in this article for situations where you cannot immediately deploy the necessary RPC encryption settings on your Outlook clients. If you utilize Method 1 to allow Outlook clients to connect without RPC encryption, please re-enable the RPC encryption requirement on your CAS servers as quickly as possible to maintain the highest level of client-to-server communication.

     

    To disable the required encryption between Outlook and Exchange, follow these steps:

    1. On the server that is running Exchange 2010, run the following command in the Exchange Management Shell:

      Set-RpcClientAccess –Server Exchange_server_name –EncryptionRequired $False

      Note The Exchange_server_name placeholder represents the name of an Exchange Server 2010-based server that has the Client Access Server role.

      You must run this cmdlet for all Exchange 2010 Client Access servers.
    2. Rerun this command for each Exchange 2010-based server that has the Client Access Server role.
    3. After your Outlook clients are updated with the setting to enable encrypted RPC communication with Exchange (see steps provided below), you can re-enable the RPC encryption requirement on your Exchange 2010 servers that have the Client Access Server role.

      To re-enable the RPC encryption requirement on your Exchange 2010-based servers that have the Client Access Server role, run the following command in the Exchange Management Shell:
      Set-RpcClientAccess –Server Exchange_server_name –EncryptionRequired $True

      Note The Exchange_server_name placeholder represents the name of an Exchange 2010-based server that has the Client Access Server role.

      This cmdlet must be run for all Exchange 2010 Client Access servers.
    Saturday, July 10, 2010 5:45 PM

Answers

  • So it sounds like you have pick the method to disable RPC Encryption on the server side instead of the client side (Method 1).  The instructions that you quoted are right on.  So how many CAS servers to you have in your organization?  Basically on each CAS server, open up the EMS (Exchange Management Shell) and run the following command:

    Set-RPCClientAccess -Server "ExchangeServerName" -EncryptionRequired $False

    "ExchangeServerName" is the actual name of your Exchange server (this can be the NETBios name).  That is it, just run that command against each CAS server that you have (just change the "ExchangeServerName" for every CAS server).

    After you run the command on the server, the Outlook client error will go away and will be able to connect.

    Don't worry about #3 in the list if you plan on staying on Outlook 2003.  If you upgrade everyone to Outlook 2007 or 2010, then you can run #3.

    Let me know if this is not clear.


    Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com
    • Proposed as answer by TWHarrington Saturday, July 10, 2010 6:08 PM
    • Marked as answer by Elvis Wei Thursday, July 22, 2010 8:57 AM
    Saturday, July 10, 2010 6:07 PM
  • Hi,

     

    Have you take a look at method2 in this KB: http://support.microsoft.com/kb/2006508 ?

     

    If you're an end user, please try this suggestion.

     

    Thanks,

     

    Elvis

     

    • Marked as answer by Elvis Wei Thursday, July 22, 2010 8:57 AM
    Friday, July 16, 2010 9:33 AM
  • Pennymay19,

                       this issue is occurr if you use Outlook 2003 clients, because it haven´t enabled encryption by default. Enabling encryption on all Outlook 2003 clients fixes this issue.

    I recommend you that don´t disable encryption on Exchange CAS side (Microsoft recomendation). Whit Outlook 2007 or 2010 this is not a problem because it have enabled encryption by default.

    http://support.microsoft.com/kb/2006508/en

    http://www.howexchangeworks.com/2009/09/cant-connect-outlook-2003-to-exchange.html

    Regards,

    Leonardo Artese

    MCSE - MCTS: Exchange 2007 - MCITP: EMA 2010 - MCITP: EA

     

    • Marked as answer by Elvis Wei Thursday, July 22, 2010 8:57 AM
    Friday, July 16, 2010 1:04 PM
  • Explained in detail here

    http://www.howexchangeworks.com/2009/09/cant-connect-outlook-2003-to-exchange.html


    Rajith Enchiparambil | http://www.howexchangeworks.com |
    • Marked as answer by Elvis Wei Thursday, July 22, 2010 8:57 AM
    Friday, July 16, 2010 1:09 PM

All replies

  • So it sounds like you have pick the method to disable RPC Encryption on the server side instead of the client side (Method 1).  The instructions that you quoted are right on.  So how many CAS servers to you have in your organization?  Basically on each CAS server, open up the EMS (Exchange Management Shell) and run the following command:

    Set-RPCClientAccess -Server "ExchangeServerName" -EncryptionRequired $False

    "ExchangeServerName" is the actual name of your Exchange server (this can be the NETBios name).  That is it, just run that command against each CAS server that you have (just change the "ExchangeServerName" for every CAS server).

    After you run the command on the server, the Outlook client error will go away and will be able to connect.

    Don't worry about #3 in the list if you plan on staying on Outlook 2003.  If you upgrade everyone to Outlook 2007 or 2010, then you can run #3.

    Let me know if this is not clear.


    Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com
    • Proposed as answer by TWHarrington Saturday, July 10, 2010 6:08 PM
    • Marked as answer by Elvis Wei Thursday, July 22, 2010 8:57 AM
    Saturday, July 10, 2010 6:07 PM
  • Hi,

     

    Have you take a look at method2 in this KB: http://support.microsoft.com/kb/2006508 ?

     

    If you're an end user, please try this suggestion.

     

    Thanks,

     

    Elvis

     

    • Marked as answer by Elvis Wei Thursday, July 22, 2010 8:57 AM
    Friday, July 16, 2010 9:33 AM
  • Pennymay19,

                       this issue is occurr if you use Outlook 2003 clients, because it haven´t enabled encryption by default. Enabling encryption on all Outlook 2003 clients fixes this issue.

    I recommend you that don´t disable encryption on Exchange CAS side (Microsoft recomendation). Whit Outlook 2007 or 2010 this is not a problem because it have enabled encryption by default.

    http://support.microsoft.com/kb/2006508/en

    http://www.howexchangeworks.com/2009/09/cant-connect-outlook-2003-to-exchange.html

    Regards,

    Leonardo Artese

    MCSE - MCTS: Exchange 2007 - MCITP: EMA 2010 - MCITP: EA

     

    • Marked as answer by Elvis Wei Thursday, July 22, 2010 8:57 AM
    Friday, July 16, 2010 1:04 PM
  • Explained in detail here

    http://www.howexchangeworks.com/2009/09/cant-connect-outlook-2003-to-exchange.html


    Rajith Enchiparambil | http://www.howexchangeworks.com |
    • Marked as answer by Elvis Wei Thursday, July 22, 2010 8:57 AM
    Friday, July 16, 2010 1:09 PM