locked
Off network users not able to connect via outlook. RRS feed

  • Question

  • Currently using Exchange 2010 on a 2008 R2 box. 

    Email is working great for users on the local network and their blackberry/iphone they use that connects via their cell phone providers. 

    When users take their laptops home or to a public wifi, outlook complains that it can't connect to the exchange server. 

     

    The Local Address of the server is ex-server.oldcompanynamepriortome.org and the FQDN is exchange.newcompanyname.com

    All of the other devices (blackberry, iphones) use the FQDN but outlook is using the local address to connect to the server.

     

    How do you suggest I resolve this issue? Should I add a couple entries the the host file on the local machines? Is there settings I can adjust on the exchange server to change how the address resolves? Thank you very much for your time and input. 

    Tuesday, November 8, 2011 1:18 PM

Answers

  • Hi Techie,

    A client may use one of the two methods to find the AutoDiscover service and connect with Exchange server. Depending on the client type and whether or not you are logged into a domain, it will use either or both of the following:

    1.        Service Connection Point: An object in AD for each CAS server and contains the exact URL to the AutoDiscover service.

    2.        DNS: The client uses a set list of URLs based on your email address.

    In your situation, you want to configure outlook outside your organization so you need to enable outlook anywhere to connect Autodiscover service. You can refer to the below steps:

    1.        Install a valid public SSL Certificate on the Exchange server 2010

    2.        Install RPC over HTTP Proxy component from Server Manager, which you can refer to the link http://technet.microsoft.com/en-us/library/dd776122.aspx

    3.        Enable Outlook Anywhere using Enable-OutlookAnywhere command. Configure external URLs using Set-WebServicesDirectory and Set-OABVirtualDirectory commands

    4.        Ensure AutoDiscover is available on the internet and DNS is configured properly so clients can find AutoDiscover.<domain>.com

    For more, you can refer to the following articles:

    Enable Outlook Anywhere

    Set-WebServicesVirtualDirectory

    Set-OABVirtualDirectory

    If you encounter any difficulties, please let us know.

    Thanks


    Sophia Xu
    • Proposed as answer by Sophia Xu Thursday, November 10, 2011 2:27 AM
    • Unproposed as answer by Techie33 Thursday, November 17, 2011 10:12 PM
    • Marked as answer by Sophia Xu Tuesday, November 22, 2011 1:33 AM
    Thursday, November 10, 2011 2:27 AM
  • If it resolves autodiscover.companyname.com then it's fine.

    Configure your Outlook client - http://office.microsoft.com/en-us/outlook-help/use-outlook-anywhere-to-connect-to-your-exchange-server-without-vpn-HP010102444.aspx


    Sukh
    • Marked as answer by Sophia Xu Tuesday, November 22, 2011 1:33 AM
    Friday, November 18, 2011 2:31 PM
  • For the proxy address, would that be companyname.com or autodiscover.companyname.com?

     

    Thanks very much for your help!


    Hi,
    The proxy address should be the one you have configured for Outlook Anywhere.
    Get-OutlookAnywhere | fl Identity,ExternalHostname

    If Autodiscover is working correctly, then the Outlook profile would be configured with right setting automatically, if the client is using Outlook 2007/2010 that is.


    Martina Miskovic - http://www.nic2012.com/
    • Marked as answer by Sophia Xu Tuesday, November 22, 2011 1:33 AM
    Saturday, November 19, 2011 10:56 AM

All replies

  • Outlook cannot communicate over the Internet unless you have configured Outlook Anywhere to tunnel communication inside HTTPS packets. Take a look at this: http://technet.microsoft.com/en-us/library/bb123741.aspx

    Also be aware the Outlook must be configured to use Outlook Anywhere. It does not by default.

    If you do have Outlook Anywhere configured, look in the Outlook Anywhere configuration properties on the CAS server to verify that the name being used is the external name rather than the internal name.

     


    Byron Wright (http://byronwright.blogspot.com)
    Tuesday, November 8, 2011 4:06 PM
  • Hi Techie,

    A client may use one of the two methods to find the AutoDiscover service and connect with Exchange server. Depending on the client type and whether or not you are logged into a domain, it will use either or both of the following:

    1.        Service Connection Point: An object in AD for each CAS server and contains the exact URL to the AutoDiscover service.

    2.        DNS: The client uses a set list of URLs based on your email address.

    In your situation, you want to configure outlook outside your organization so you need to enable outlook anywhere to connect Autodiscover service. You can refer to the below steps:

    1.        Install a valid public SSL Certificate on the Exchange server 2010

    2.        Install RPC over HTTP Proxy component from Server Manager, which you can refer to the link http://technet.microsoft.com/en-us/library/dd776122.aspx

    3.        Enable Outlook Anywhere using Enable-OutlookAnywhere command. Configure external URLs using Set-WebServicesDirectory and Set-OABVirtualDirectory commands

    4.        Ensure AutoDiscover is available on the internet and DNS is configured properly so clients can find AutoDiscover.<domain>.com

    For more, you can refer to the following articles:

    Enable Outlook Anywhere

    Set-WebServicesVirtualDirectory

    Set-OABVirtualDirectory

    If you encounter any difficulties, please let us know.

    Thanks


    Sophia Xu
    • Proposed as answer by Sophia Xu Thursday, November 10, 2011 2:27 AM
    • Unproposed as answer by Techie33 Thursday, November 17, 2011 10:12 PM
    • Marked as answer by Sophia Xu Tuesday, November 22, 2011 1:33 AM
    Thursday, November 10, 2011 2:27 AM
  • Sophia, 

     

    Thanks for your response. I'm having a couple issues...

    I installed a new valid public SSL cert on the exchange server 2010. RPC over HTTP proxy was already installed. Outlook anywhere was already enabled. And I can go to autodiscover.companyname.com and reach the OWA site after altering the DNS.

     

    When I attempt to test thru testexchangeconnectivity.com  it successfully finds the correct ip for autodiscover.companyname.com but fails at this point

    Testing TCP port 443 on host autodiscover.companyname.com to ensure it's listening and open. 

    The specified port is either blocked, not listening, or not producing the expected response. 

     

    I'm not sure how to troubleshoot this and move forward. Any insight would be appreciated. Thank you very much!

    Thursday, November 17, 2011 10:12 PM
  • Is 443 open on your firewall to your Exchange server?
    Sukh
    Thursday, November 17, 2011 10:23 PM
  • I found the rule on the firewall that was causing the issue. Now i'm getting this error message 

    Validating the certificate name. Certificate name validation failed. 

    Friday, November 18, 2011 1:45 PM
  • What names do you have on yuor certificate?

    Get-ExchangeCertificate | fl


    Sukh
    Friday, November 18, 2011 1:54 PM
  • After looking at the Cert, I forgot to update godaddy to append the .companyname.com into the name.

     

    Now the test completes but should I be concerned that the test gives a warning that it can't resolve to companyname.com/autodiscover... but the second attempt to autodiscover.companyname.com works?

     

    Additionally I have a remote user currently that im trying to get this to work for. If I shut off his VPN is there anythign special I need to complete to get his email working with exchange anywhere?

     

     

    Thanks for your help. 

     

    Friday, November 18, 2011 2:26 PM
  • If it resolves autodiscover.companyname.com then it's fine.

    Configure your Outlook client - http://office.microsoft.com/en-us/outlook-help/use-outlook-anywhere-to-connect-to-your-exchange-server-without-vpn-HP010102444.aspx


    Sukh
    • Marked as answer by Sophia Xu Tuesday, November 22, 2011 1:33 AM
    Friday, November 18, 2011 2:31 PM
  • For the proxy address, would that be companyname.com or autodiscover.companyname.com?

     

    Thanks very much for your help!

    Friday, November 18, 2011 4:42 PM
  • should be what you have on your external DNS A records.  For e.g mail.mycompany.com

    What you use to connect via OWA externally.


    Sukh
    Friday, November 18, 2011 4:48 PM
  • For the proxy address, would that be companyname.com or autodiscover.companyname.com?

     

    Thanks very much for your help!


    Hi,
    The proxy address should be the one you have configured for Outlook Anywhere.
    Get-OutlookAnywhere | fl Identity,ExternalHostname

    If Autodiscover is working correctly, then the Outlook profile would be configured with right setting automatically, if the client is using Outlook 2007/2010 that is.


    Martina Miskovic - http://www.nic2012.com/
    • Marked as answer by Sophia Xu Tuesday, November 22, 2011 1:33 AM
    Saturday, November 19, 2011 10:56 AM