Outlook 2010/2013 can not connect to Exchange 2013 in a coexistence scenario with Exchange 2010

Hi all,

i have very big problems and no one solution found in the internet help me.

Environment:

Root Domain: "germany.local" hosted on 2 sites (1 DC in Munich, 1 DC in Frankfurt)
 - The 4 new exchange servers (2 on every site) (everyone with Mailbox and Access Roles) installed in this Root Domain.
 - SSL Certificates are created with Enterprise CA on the Root Domain for each Exchange 2013 server.

Child Domains: "muc.germany.local" (site Munich) and "ffo.germany.local" (site Frankfurt).
 - on every site in the child domains located the Exchange 2010 Servers (2 CAS in Array and 2 Mailbox servers on each site)

All our Users are managed and hosted in the child Domains.

I installed the new exchange 2013 servers in the root, because we need to have the feasibillity to failover mailboxes to the other site for our BCP Planning.

After i installed Exchange 2010 SP3, Exchange 2013 + CU1 it looks all very fine.

I created a test account on "muc.germany.local" and created a mailbox on a new exchange 2013 server on munich site.
 - OWA works!
 - ECP works!

- But Outlook 2010 (last SP) and Outlook 2013 wont connect if i setup the new created user Profile in the outlook wizzard.

- totaly confused in the username resolution on outlook wizzard take my exchange 2010 cas array servername.

i dont know why!!! Please help me.

Additional Infos:

Exchange Certificates hold DNS entries:
- autodiscover.germany.local
- SERVERNAME (the NetBios name)
- servername.germany.local
- germany.local

Our Exchange Servers are not connected / reachable from the internet for clients.
For sending / recieving Mails (to/from outside) we using E-Mail Gateways configured as smarthosts on our exchange servers.

Every Site have an own ip range.

Please help me please!

Thanks a lot!!!

July 31st, 2013 9:42am

Hello,

Do you mean your user name resolution is cas array name? If so, I recommend you configure outlook exchange account automatically to check the result.

When you configure outlook exchange account manually, if your mailbox is on exchange 2013, your server name is your mailbox guid@ the primary smtp address of the user.

If you have any feedback on our support, please click here

Free Windows Admin Tool Kit Click here and download it now
July 31st, 2013 10:22pm

Hi,

in Outlook 2010 on first start, the wizzard connects to an old CAS Server and i dont know why.
it showas after wizzard "default email folder could not open. before sync tolders with .ost you have an connection with your exchange profile".

in Outlook 2013 on first start, the wizzard fill in the guid@smtpaddress but dont connect.

Regards

August 1st, 2013 2:19am

Hello,

I recommend you to check your mailbox on exchange 2010 or exchange 2013.

If your mailbox is located in exchange 2013, I recommend you check the scp value.

Publishing with Service Connection Points

http://msdn.microsoft.com/en-us/library/ms677638.aspx

If the value is incorrect, you can use set-clientaccessserver to change the autodiscoverserviceinternaluri

Set-ClientAccessServer

http://technet.microsoft.com/zh-cn/library/bb125157(v=exchg.150).aspx

When you configure outlook 2013 exchange account, I recommend you post the detailed information that you can't connect the server.

If you have any feedback on our support, please click here

Free Windows Admin Tool Kit Click here and download it now
August 1st, 2013 3:22am

Hi,

i dont understand how i can find the scp.

On my Outlook 2013 startup wizzard, i let configure all automaticly. At the Step for Automatic account setup, it resolves the Name and Mail-address successfull. On the next Page for automatic search of E-Mail Serversettings the certificate of a exchange 2010 cas server pops up. Not from the exchange 2013 homeserver of that user. I click on trust the certificate and all 3 Points were checked (Network Connection..., Search for settings of User..., and login to server. Then on finish outlook starts bot dont connect. 1st Error message: "The Microsoft Exchange Administrator changed something that requires a restart of outlook." I click OK. Then i get the 2nd Error Message: Outlook cant start. Outlook window cant opened. This Foldergroup cant opened.... You have to connect with exchange bevore sync..."

Regards

August 1st, 2013 4:04am

i ran the command "Get-OutlookAnywhere | fl > c:\any.txt" for connection infos of my 4 new exchange 2013 servers.

Output:

RunspaceId                         : ed7fc81c-2b10-4905-bb90-dfa082425eaa
ServerName                         : MUCMXN04
SSLOffloading                      : True
ExternalHostname                   : 
InternalHostname                   : mucmxn04.germany.local
ExternalClientAuthenticationMethod : Negotiate
InternalClientAuthenticationMethod : Ntlm
IISAuthenticationMethods           : {Basic, Ntlm, Negotiate}
XropUrl                            : 
ExternalClientsRequireSsl          : False
InternalClientsRequireSsl          : False
MetabasePath                       : IIS://MUCMXN04.germany.local/W3SVC/1/ROOT/Rpc
Path                               : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\rpc
ExtendedProtectionTokenChecking    : None
ExtendedProtectionFlags            : {}
ExtendedProtectionSPNList          : {}
AdminDisplayVersion                : Version 15.0 (Build 620.29)
Server                             : MUCMXN04
AdminDisplayName                   : 
ExchangeVersion                    : 0.20 (15.0.0.0)
Name                               : Rpc (Default Web Site)
DistinguishedName                  : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=MUCMXN04,CN=Servers,CN=Exchange 
                                     Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=My Company,CN=Microsoft 
                                     Exchange,CN=Services,CN=Configuration,DC=germany,DC=local
Identity                           : MUCMXN04\Rpc (Default Web Site)
Guid                               : 6a564e04-f841-4c32-9159-7a3951708dce
ObjectCategory                     : germany.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Direc
                                     tory
ObjectClass                        : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged                        : 01.07.2013 10:10:05
WhenCreated                        : 01.07.2013 10:09:45
WhenChangedUTC                     : 01.07.2013 08:10:05
WhenCreatedUTC                     : 01.07.2013 08:09:45
OrganizationId                     : 
OriginatingServer                  : MUCDC002.muc.germany.local
IsValid                            : True
ObjectState                        : Changed

RunspaceId                         : ed7fc81c-2b10-4905-bb90-dfa082425eaa
ServerName                         : FFOMXN03
SSLOffloading                      : True
ExternalHostname                   : 
InternalHostname                   : ffomxn03.germany.local
ExternalClientAuthenticationMethod : Negotiate
InternalClientAuthenticationMethod : Ntlm
IISAuthenticationMethods           : {Basic, Ntlm, Negotiate}
XropUrl                            : 
ExternalClientsRequireSsl          : False
InternalClientsRequireSsl          : False
MetabasePath                       : IIS://FFOMXN03.germany.local/W3SVC/1/ROOT/Rpc
Path                               : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\rpc
ExtendedProtectionTokenChecking    : None
ExtendedProtectionFlags            : {}
ExtendedProtectionSPNList          : {}
AdminDisplayVersion                : Version 15.0 (Build 620.29)
Server                             : FFOMXN03
AdminDisplayName                   : 
ExchangeVersion                    : 0.20 (15.0.0.0)
Name                               : Rpc (Default Web Site)
DistinguishedName                  : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=FFOMXN03,CN=Servers,CN=Exchange 
                                     Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=My Company,CN=Microsoft 
                                     Exchange,CN=Services,CN=Configuration,DC=germany,DC=local
Identity                           : FFOMXN03\Rpc (Default Web Site)
Guid                               : d674c5e8-de23-4cde-a8e0-7ccbfff959f3
ObjectCategory                     : germany.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Direc
                                     tory
ObjectClass                        : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged                        : 26.07.2013 09:08:03
WhenCreated                        : 26.07.2013 09:03:59
WhenChangedUTC                     : 26.07.2013 07:08:03
WhenCreatedUTC                     : 26.07.2013 07:03:59
OrganizationId                     : 
OriginatingServer                  : MUCDC002.muc.germany.local
IsValid                            : True
ObjectState                        : Changed

RunspaceId                         : ed7fc81c-2b10-4905-bb90-dfa082425eaa
ServerName                         : FFOMXN04
SSLOffloading                      : True
ExternalHostname                   : 
InternalHostname                   : ffomxn04.germany.local
ExternalClientAuthenticationMethod : Negotiate
InternalClientAuthenticationMethod : Ntlm
IISAuthenticationMethods           : {Basic, Ntlm, Negotiate}
XropUrl                            : 
ExternalClientsRequireSsl          : False
InternalClientsRequireSsl          : False
MetabasePath                       : IIS://FFOMXN04.germany.local/W3SVC/1/ROOT/Rpc
Path                               : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\rpc
ExtendedProtectionTokenChecking    : None
ExtendedProtectionFlags            : {}
ExtendedProtectionSPNList          : {}
AdminDisplayVersion                : Version 15.0 (Build 620.29)
Server                             : FFOMXN04
AdminDisplayName                   : 
ExchangeVersion                    : 0.20 (15.0.0.0)
Name                               : Rpc (Default Web Site)
DistinguishedName                  : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=FFOMXN04,CN=Servers,CN=Exchange 
                                     Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=My Company,CN=Microsoft 
                                     Exchange,CN=Services,CN=Configuration,DC=germany,DC=local
Identity                           : FFOMXN04\Rpc (Default Web Site)
Guid                               : 2fe36557-d498-4e60-9722-a863f61620fb
ObjectCategory                     : germany.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Direc
                                     tory
ObjectClass                        : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged                        : 26.07.2013 11:38:10
WhenCreated                        : 26.07.2013 11:34:01
WhenChangedUTC                     : 26.07.2013 09:38:10
WhenCreatedUTC                     : 26.07.2013 09:34:01
OrganizationId                     : 
OriginatingServer                  : MUCDC002.muc.germany.local
IsValid                            : True
ObjectState                        : Changed

RunspaceId                         : ed7fc81c-2b10-4905-bb90-dfa082425eaa
ServerName                         : MUCMXN03
SSLOffloading                      : True
ExternalHostname                   : 
InternalHostname                   : mucmxn03.germany.local
ExternalClientAuthenticationMethod : Ntlm
InternalClientAuthenticationMethod : Ntlm
IISAuthenticationMethods           : {Ntlm}
XropUrl                            : 
ExternalClientsRequireSsl          : False
InternalClientsRequireSsl          : True
MetabasePath                       : IIS://MUCMXN03.germany.local/W3SVC/1/ROOT/Rpc
Path                               : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\rpc
ExtendedProtectionTokenChecking    : None
ExtendedProtectionFlags            : {}
ExtendedProtectionSPNList          : {}
AdminDisplayVersion                : Version 15.0 (Build 620.29)
Server                             : MUCMXN03
AdminDisplayName                   : 
ExchangeVersion                    : 0.20 (15.0.0.0)
Name                               : Rpc (Default Web Site)
DistinguishedName                  : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=MUCMXN03,CN=Servers,CN=Exchange 
                                     Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=My Company,CN=Microsoft 
                                     Exchange,CN=Services,CN=Configuration,DC=germany,DC=local
Identity                           : MUCMXN03\Rpc (Default Web Site)
Guid                               : 5297a01e-07a8-4bdc-9eea-f205c6b57f72
ObjectCategory                     : germany.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Direc
                                     tory
ObjectClass                        : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged                        : 31.07.2013 11:47:09
WhenCreated                        : 29.07.2013 16:28:35
WhenChangedUTC                     : 31.07.2013 09:47:09
WhenCreatedUTC                     : 29.07.2013 14:28:35
OrganizationId                     : 
OriginatingServer                  : MUCDC002.muc.germany.local
IsValid                            : True
ObjectState                        : Changed

Free Windows Admin Tool Kit Click here and download it now
August 1st, 2013 4:14am

Here a small visio about my environment.

Exchange Servers in germany.local are my new Exchange 2013 servers.

Exchange Servers in daughter Domains are my Exchange 2010 servers.

August 1st, 2013 4:59am

OK.

I created now an User with Mailbox in the root Domain. And log on to a computer in the root domain, Outlook will connect sucessfully!!!

Should i create a security group what allow my child domain users to connect to my new exchange servers?

- But how do i configure this security group?

Free Windows Admin Tool Kit Click here and download it now
August 1st, 2013 5:42am

Hello,

Your domain users' mailboxes must be exchange 2013, your outlook can connect to new exchange server.

Here are some similar threads for your reference.

http://social.technet.microsoft.com/Forums/exchange/en-US/9bebb154-217d-48ed-a698-18ed493728d6/not-able-to-add-users-from-child-domain-xyzabccom-to-existing-exchange-2010-server-in-the-root

http://social.technet.microsoft.com/Forums/exchange/en-US/8511100d-5f72-4b18-aca4-308580286b98/trying-to-use-root-domain-exchange-2010-server-with-from-a-child-domain

Besides, I reocmmend you check "Require ssl" and set the ExternalClientAuthenticationMethod "Basic authentication".

If you access your mailbox by outlook anywhere, you should use SAN certificate that must be issued by a CA that the client trusts.

Here is the article for your reference.

SSL Certificates for Exchange Server 2013

http://exchangeserverpro.com/exchange-server-2013-ssl-certificates/

If you have any feedback on our support, please click here

August 2nd, 2013 11:29pm

Hello,

my usermailboxes of the test useres are hosted on the exchange 2013 servers.

SSL Certificates for the ex2013 servers were created by my enterprise ca in the root. this certificates are rolled out to every client.

And for "Besides, I reocmmend you check "Require ssl" and set the ExternalClientAuthenticationMethod "Basic authentication"."

You mean the RPC in the IIS?

For RPC in the IIS there is require SSL unchecked and Client Cert is on ignore. But this settings were default. I dont changed anything on the IIS.

Thanks a lot!

Free Windows Admin Tool Kit Click here and download it now
August 3rd, 2013 5:24am

Hello,

Normally, there is needed to check "require ssl".

Please verify whether you configure HTTP redirection.

Please post the error when you check "require ssl".

If you have any feedback on our support, please click here

August 3rd, 2013 5:39am

I checked the IIS settings. I changed nothing.

The SSL settings for "Default Web Site" are Require SSL (checked) and Client certificates is on ignore.

The SSL settings for the Virtual Directory "Rpc" is no Require SSL (unchecked) and Client certificates is on ignore.

So now it works and i dont know why...

Free Windows Admin Tool Kit Click here and download it now
August 3rd, 2013 6:25am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics