We have exchange 2007 running and I am attempting to connect to it with Outlook 2007.I am able to connect through the OWA, we have POP3 and IMAP access up and running, the only thing I can't do is connect through the outlook anywhere. From everything I've read its supposed to be extremely simple.Just enable it, go to outlook and connect, thats pretty much the extent of what I can find for support.Here is our setup:The mail server is at pluto.mydomain.local We can connect successfully to pluto.mydomain.local/owa.The pop at pluto.mydomain.local is also functioning.I Have installed the RPC Proxy service.My network firewall allow connections to pluto.mydomain.local on port 443Certificate im using on your exchange server, from internal enterprise CAWhen i'm testing connection by rpc ping tool by command:rpcping -t ncacn_http -s pluto.mydomain.local -o RpcProxy=pluto.mydomain.local -P "administrator,mydomain.local,*" -I "administrator,mydomain.local,*" -H 1 -F 3 -v 3 -B msstdluto.mydomain.local -e 6001 -u 10 -a connectException 1722 (0x000006BA)Number of records is: 3ProcessID is 8580System Time is: 11/27/2008 5:6:47:234Generating component is 14Status is 1722Detection location is 1398Flags is 0NumberOfParameters is 2Long val: 4Long val: 1722ProcessID is 8580System Time is: 11/27/2008 5:6:47:234Generating component is 13Status is 1722Detection location is 1422Flags is 0NumberOfParameters is 1Long val: 503ProcessID is 8580System Time is: 11/27/2008 5:6:47:234Generating component is 13Status is 503Detection location is 1419Flags is 0NumberOfParameters is 1Unicode string: Service UnavailableSo what can i do, to get working Outlook Anywhere ?

Have you actually enabled Outlook Anywhere on the CAS server role using the management console or management shell?

Yes, i'v enabled it on CAS server by command:[PS] C:\>Enable-OutlookAnywhere -Server pluto.mydomain.local -SSLOffloadingfalse -ExternalHostname pluto.mydomain.local -ClientAuthenticationMethod basic -IISAuthenticationMethods basic

Try running the Test-OutlookWebServices cmdlet.

[PS] C:\>Test-OutlookWebServices | flId : 1003Type : InformationMessage : About to test AutoDiscover with the e-mail address YKudza@mydomain.extId : 1007Type : InformationMessage : Testing server pluto.mydomain.local with the published name https://pluto.mydomain.local/EWS/Exchange.asmx & ht tps://exch.mydomain.ext/EWS/Exchange.asmx.Id : 1019Type : InformationMessage : Found a valid AutoDiscover service connection point. The AutoDiscover URL on this object is https://pluto.my domain.local/autodiscover/autodiscover.xml.Id : 1013Type : ErrorMessage : When contacting https://pluto.mydomain.local/autodiscover/autodiscover.xml received the error The remote serve r returned an error: (503) Server Unavailable.Id : 1006Type : ErrorMessage : The Autodiscover service could not be contacted.[PS] C:\>But same time when im setting up new client's Outlook, it's get full configuration by autodiscover service

In IIS Manager on your CAS server, under Application Pools, check that the MSExchangeAutodiscoverAppPool is running and not stopped.

It's running.We have consolidated topology so all exchange roles(UM, CAS, HUB, MAILBOX) consolidated on the 1 server

I tend to have the most trouble when consolidating exchange roles on a single server. Normally, it is the certificate. On the same computer as your Outlook anywhere client,usingOWA, are there any certificate warnings or errors? If so, Outlook anywhere is unlikely to work. Joseph Durnal

Hi, Since the error indicate that Autodiscover cannot be contacted. Please try to delete the Autodiscover and EWS Virtual Directories via Exchange Management Shell with the cmdlt below: Note: Please make back up on IIS metabase in case unexpected error would occur. For how to create a metabase backup by using IIS 6.0 in Windows Server 2003,you can refer to the article below: http://support.microsoft.com/kb/324277 Remove-AutodiscoverVirtualDirectory New-AutodiscoverVirtualDirectory Remove-WebServicesVirtualDirectory New-WebServicesVirtualDirectory After that please check the RPC virtual directory and then check the issue.1. Logon Exchange server and open Exchange Management Console2. Change the 'Client authentication method' of Outlook Anywhere from "Basic Authentication" to "NTLM Authentication"3. Open "Internet Information Services(IIS)Manager"4. Expand to "Sites"---->"Default Web Site"5. Select /rpc virtual directory and switch to "Features View"6. Double click "Authentication" and make sure "Basic Authentication" and "Windows Authentication" are enabled.7. Running cmdlet to set the PrincipalName for EXPR section,Set-OutlookProvider expr -CertPrincipalName:"msstd: Enternalhostname "8. Restart service "Microsoft Exchange Host service" and running command "IISRESET /noforce" If the problem still persists, we need to check the configuration on certificate and outlook anywhere. Please run cmdlt below and post the output here. get-exchangecertificate | fl * Get-OutlookAnywhere -Server servername | fl * Best regards, Xiu

I followed all steps in your instruction but problem still exist. Here is "Get-ExchangeCertificate | fl " output:[PS] C:\>Get-ExchangeCertificate | flAccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessR ule, System.Security.AccessControl.CryptoKeyAccessRule}CertificateDomains : {pluto, pluto.mydomain.local}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=plutoNotAfter : 5/27/2009 3:37:34 PMNotBefore : 5/27/2008 3:37:34 PMPublicKeySize : 2048RootCAType : NoneSerialNumber : 9F06E618E16EB9BB451007C23AF78550Services : IMAP, POP, UM, SMTPStatus : ValidSubject : CN=plutoThumbprint : 1F27EFC2AAF48A346D9102A358158771877CD8B1AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessR ule, System.Security.AccessControl.CryptoKeyAccessRule}CertificateDomains : {pluto.mydomain.local}HasPrivateKey : TrueIsSelfSigned : FalseIssuer : CN=mars, DC=MYDOMAIN, DC=localNotAfter : 5/5/2010 1:41:48 PMNotBefore : 5/5/2008 1:41:48 PMPublicKeySize : 1024RootCAType : EnterpriseSerialNumber : 156DFECE00000000000CServices : IMAP, POP, UM, IIS, SMTPStatus : ValidSubject : CN=pluto.mydomain.local, OU=PLUTO, O=MYDOMAIN, L=Somecity, S=CZ, C=CZThumbprint : 493FD751EC96131361D9ADB26E75511EDD198C97AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessR ule}CertificateDomains : {pluto}HasPrivateKey : TrueIsSelfSigned : FalseIssuer : CN=mars, DC=MYDOMAIN, DC=localNotAfter : 4/29/2010 4:05:16 PMNotBefore : 4/29/2008 4:05:16 PMPublicKeySize : 2048RootCAType : EnterpriseSerialNumber : 48945F9F00000000000AServices : NoneStatus : ValidSubject : CN=plutoThumbprint : 360C1826E3AD4613ADF1E54EF191A8DA16C69761AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessR ule, System.Security.AccessControl.CryptoKeyAccessRule}CertificateDomains : {pluto, pluto.mydomain.local}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=plutoNotAfter : 2/28/2009 11:45:06 AMNotBefore : 2/28/2008 11:45:06 AMPublicKeySize : 2048RootCAType : RegistrySerialNumber : DFB915F07E24D6874BD0CA4142E5A496Services : IMAP, POP, UM, SMTPStatus : ValidSubject : CN=plutoThumbprint : 4E0C1709A87CE166322E77BD9F49F716676163F9[PS] C:\>Here is "Get-OutlookAnywhere -server pluto | fl" output:[PS] C:\>Get-OutlookAnywhere -server pluto | flServerName : plutoSSLOffloading : FalseExternalHostname : pluto.mydomain.localClientAuthenticationMethod : NtlmIISAuthenticationMethods : {Ntlm}MetabasePath : IIS://pluto.mydomain.local/W3SVC/1/ROOT/RpcPath : C:\WINDOWS\System32\RpcProxyServer : plutoAdminDisplayName :ExchangeVersion : 0.1 (8.0.535.0)Name : Rpc (Default Web Site)DistinguishedName : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=pluto,CN=Servers,CN=Exchange Administrat ive Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=MYDOMAIN,CN=Microsoft Exchange,CN=S ervices,CN=Configuration,DC=MYDOMAIN,DC=localIdentity : pluto\Rpc (Default Web Site)Guid : a8169f06-d5ff-441b-89c0-c626f780c426ObjectCategory : mydomain.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-DirectoryObjectClass : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}WhenChanged : 12/3/2008 3:17:57 PMWhenCreated : 11/26/2008 4:27:42 PMOriginatingServer : mercury.mydomain.localIsValid : True[PS] C:\>

Hi, 1. First, please ensure that if all the Exchange related services has been started. You can check services against standard status listing in the article below: Exchange Server 2007 Roles and the RelatedServices 2. Then please check Vaildport settings from registry. 1) Click start Run 2) Regedit - this will open the registry editor 3) HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy 4) Notice the Dword called Enabled set to 1 5) There is a String value called "ValidPorts" Microsoft Exchange Information Store service: 6001referral service of DSProxy: 6002proxy service of DSProxy: 6004Active Directory (if the global catalog server and Exchange Server are on the same server): 6004 3. Test the RPC proxy server, IIS connection to the RPC application through your Internet browser. Type https://ProxyServerFQDN/rpc and then check with the information in the article below: How to Verify RPC Virtual Directory Configuration http://technet.microsoft.com/en-us/library/bb124175(EXCHG.65).aspx 4. Please use rpcping with -E both on CAS server and client. We need to verify if the RPC Proxy server is available. Besides, Id like to gather more background information for this issue. 1. What is the symptom of the issue? When open outlook, it always ask for password? Please try to configure outlook anywhere inside the network.( How to Create an Outlook Profile for Users to Use with RPC over HTTP, Use Outlook Anywhere to connect to your Exchange server without VPN) and then test E-mail AutoConfiguration. 2. What is the version of the Operation System for Exchange Server 2007?If it is a Windows Server 2008 based one,then please check if IPV6 has been enabled.( Outlook Anywhere Client Connectivity Issue Because of TCP/IPv6, How does Outlook Anywhere work (and not work)) More related information to share with you: Troubleshooting RPC over HTTP Communications http://technet.microsoft.com/en-us/library/bb124649(EXCHG.65).aspx How to use the RPC Ping utility to troubleshoot connectivity issues with the Exchange over the Internet feature in Outlook 2007 and in Outlook 2003 http://support.microsoft.com/kb/831051 Best regards, Xiu

[PS] C:\>Test-ServiceHealthRole RequiredServicesRunning ServicesRunning ServicesNotRunning---- ----------------------- --------------- ------------------Mailbox True IISAdmin MSExchangeADTopology MSExchangeIS MSExchangeMailboxAssis tants MSExchangeMailSubmissi on MSExchangeRepl MSExchangeSA MSExchangeSearch MSExchangeServiceHost MSExchangeTransportLog Search MSFTESQL-Exchange W3SvcClient Access True IISAdmin MSExchangeADTopology MSExchangeFDS MSExchangeIMAP4 MSExchangePOP3 MSExchangeServiceHost W3SvcUnified Messa True MSExchangeADTopologyging MSExchangeFDS MSExchangeUM MSSpeechServiceHub Transport True MSExchangeADTopology MSExchangeEdgeSync MSExchangeTransport MSExchangeTransportLog Search[PS] C:\>Here is Vaildport settings from registry:PLUTO:6001-6002;PLUTO:6004;pluto..mydomain.local:6001-6002;pluto.mydomain.local:6004Operating system is Windows 2003 x64 R2 Sp2 Standart Edition.>What is the symptom of the issue? When open outlook, it always ask for password?Symptom of the issue is when opening outlook, im pressing "Control key" then right click on Outlook icon in tray, and selecting "Connection state/status(?)".So i can see what type of connection outlook is using. It is TCP/IP connection, not HTTPSRPCping test results:"rpcping -t ncacn_http -s pluto.mydomain.local -o RpcProxy=pluto.mydomain.local -P "administrator,mydomain.local,*" -I "administrator,mydomain.local,*" -H 2 -u 10 -a connect -F 3 -v 3 -E -R none"RPCPing v2.12. Copyright (C) Microsoft Corporation, 2002OS Version is: 5.1, Service Pack 2Enter password for server:Enter password for RPC/HTTP proxy:RPCPinging proxy server pluto.mydomain.local with Echo Request PacketSending ping to serverError 12044 returned in the WinHttpReceiveResponse.Ping failed.Also part of logfiles from IIS on exchange server:HTTP Status 413, Request Entity Too Large:2008-12-04 09:20:30 W3SVC1 192.168.60.11 GET /rpc/ - 443 - 192.168.60.52 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+MRA+5.2+(build+02349)) 401 2 21480742542008-12-04 09:20:30 W3SVC1 192.168.60.11 GET /OAB/a0fa736b-3c32-4bff-9f2e-084b5186feb3/oab.xml - 80 - 192.168.60.201 Microsoft+BITS/6.6 206 0 02008-12-04 09:20:33 W3SVC1 192.168.60.11 GET /rpc/ - 443 mydomain\man 192.168.60.52 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+MRA+5.2+(build+02349)) 401 3 52008-12-04 09:20:33 W3SVC1 192.168.60.11 GET /rpc/ - 443 mydomain\man 192.168.60.52 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+MRA+5.2+(build+02349)) 401 3 52008-12-04 09:20:33 W3SVC1 192.168.60.11 GET /rpc/ - 443 mydomain\man 192.168.60.52 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+MRA+5.2+(build+02349)) 401 3 52008-12-04 09:20:34 W3SVC1 192.168.60.11 GET /favicon.ico - 443 - 192.168.60.52 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+MRA+5.2+(build+02349)) 404 0 22008-12-04 09:20:53 W3SVC1 192.168.60.11 RPC_IN_DATA /rpc/rpcproxy.dll pluto.mydomain.local:6002 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:53 W3SVC1 192.168.60.11 RPC_OUT_DATA /rpc/rpcproxy.dll pluto.mydomain.local:6002 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:55 W3SVC1 192.168.60.11 RPC_IN_DATA /rpc/rpcproxy.dll pluto.mydomain.local:6001 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:55 W3SVC1 192.168.60.11 RPC_OUT_DATA /rpc/rpcproxy.dll pluto.mydomain.local:6001 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_IN_DATA /rpc/rpcproxy.dll pluto.mydomain.local:6001 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_OUT_DATA /rpc/rpcproxy.dll pluto.mydomain.local:6001 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_IN_DATA /rpc/rpcproxy.dll mercury.mydomain.local:6004 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_OUT_DATA /rpc/rpcproxy.dll mercury.mydomain.local:6004 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_IN_DATA /rpc/rpcproxy.dll pluto.mydomain.local:6002 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_OUT_DATA /rpc/rpcproxy.dll pluto.mydomain.local:6002 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_IN_DATA /rpc/rpcproxy.dll mercury.mydomain.local:6004 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_OUT_DATA /rpc/rpcproxy.dll mercury.mydomain.local:6004 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_IN_DATA /rpc/rpcproxy.dll mercury.mydomain.local:6004 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:20:58 W3SVC1 192.168.60.11 RPC_OUT_DATA /rpc/rpcproxy.dll mercury.mydomain.local:6004 443 - 192.168.60.52 MSRPC 413 0 02008-12-04 09:21:00 W3SVC1 192.168.60.11 POST /autodiscover/autodiscover.xml - 443 - 192.168.60.52 Microsoft+Office/12.0+(Windows+NT+5.1;+Microsoft+Office+Outlook+12.0.6020;+Pro) 401 2 64

Hi, Please check if you have checked Ignore client certificates under Client certificates when you check Require secure channel (SSL). Enabling Client Certificates in IIS 6.0 (IIS 6.0) http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/096519f4-3079-4571-9d28-8e5d286c5ab9.mspx?mfr=true Regards, Xiu

Xiu, checkbox set on Accept client certificates Here is screenshot

Sorry, a typo is in my last post. I have edited it. Error 12044 returned in the WinHttpReceiveResponse,this happened becauseIIS is trying to check for client certificate. Checking with the screenshot, you may need to check "Ignore client certificate". Regards, Xiu

Ok, i'v checked "Ignore client certificate", but when i'm restarting IIS by "iisreset /noforce" command, IIS restore "Accept client certificate" checkbox automaticaly.

Hi, Please check IIS metabase with Metabase Explorer. We may need to check if AccessSSL flag has been generated in \LM\W3SVC\1\ROOT\RPC, if yes, then please delete it. Note: Please follow the steps in the article below to make backup for metabase before you to modify it. How To Create a Metabase Backup by Using IIS 6.0 in Windows Server 2003 AccessSSLFlags Metabase Property (IIS 6.0) http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/1ceec4ee-1776-47cf-9060-0bd573376566.mspx?mfr=true Besides, please check if Accept Client Certificate has been checked for default web site. IIS Metabase Explorer can be found in IIS 6.0 Resource Kit Tools. IIS 6.0 Resource Kit Tools http://support.microsoft.com/default.aspx/kb/840671 Hope it helps. Xiu

Hi Guys. I had similar problems with my outlook anywhere setup. Ijust got off the phone with MS tech support. 3 Hours later we had the fix. Here are the main points that resolved this issue. On our PDC & BDC: - We added the 'NSPI interface protocol sequences' registry key[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters] and rebooted On our exchange server: - We added another registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters Value Name: MaxWorkItems Data Type: REG_DWORD Value data: 8192 (decimal) - Ran IISRESET and restarted the System Attendant service. - Now, the username resolves while configuring a profile and Outlook connects on HTTPS without errors. This MaxWorkItems key seems to be the one that fixed the issue. Hope it helps for anyone else who may be having this issue. Colin