action cannot be completed.The connection to Microsoft Exchange is unavailable
I have the warning below
"action cannot be completed.The connection to Microsoft Exchange is unavailable..."
my setup:
I configure the Outlook anywhere in my exchange 2007 SP1 already. Outlook anywhere works fine internally
I configure correctly on my owa certificate and no security warning issue.
I open port from 6001-6004 in router broadband and I telnet the port and it respons.
As I configure outlook client using ADSL broadband, the credential is asked and the warning above is appeared.
I made a trial & error. I configured the profile for outlook inside the network so that it resolved. and It resolved successfully in Internal network.
Then, I tried ADSL broadband outside my internal network, and open my outlook 2007 client and the funny things the connection is established after asking the credential.
How that happened? the weird thing is that the server name and name of user can't be resolved when create the new profile outside the network. I have to do resolved name and servername and configure outlook anywhere inside the network first. then, after
that, the outlook work fine if we use the outlook at home.
I couldn't find the answer...help me please where i do wrong.
Aliyani Sabrey
November 11th, 2010 8:08am
Your configuration is flawed.
You do not have to open any other port other than port 443 for Outlook Anywhere support. Close the additional ports.
Any reason why you haven't updated to at least Exchange 2007 SP2, preferably SP3?
Is your SSL certificate a commercial one or the self signed one created during setup? If the latter, then that isn't supported.
If the former, is it a unified communications certificate or a standard single name certificate?
How do you know that Outlook Anywhere works internally? Most people presume that it does, but in actual fact it does not, because Outlook will attempt to use TCP/IP first.
Hold down CTRL while right clicking on the Outlook icon in the system tray and choose Connection Status. That will show you how Outlook is connecting. If it is says TCP/IP then it is not using Outlook Anywhere.
Run a test account through the Microsoft test site at
http://exrca.com/ . See what that comes back with.
Simon.Simon Butler, Exchange MVP
Blog |
Exchange Resources
Free Windows Admin Tool Kit Click here and download it now
November 11th, 2010 10:31am
On Thu, 11 Nov 2010 13:04:34 +0000, Aliyani Sabrey wrote:
[ snip ]
>I open port from 6001-6004 in router broadband and I telnet the port and it respons.
Don't do that. The RPC is encapsulated in HTTPS. The router should
only see port 443 traffic.
>As I configure outlook client using ADSL broadband, the credential is asked and the warning above is appeared.
>
>I made a trial & error. I configured the profile for outlook inside the network so that it resolved. and It resolved successfully in Internal network.
>
>Then, I tried ADSL broadband outside my internal network, and open my outlook 2007 client and the funny things the connection is established after asking the credential.
>
>How that happened? the weird thing is that the server name and name of user can't be resolved when create the new profile outside the network. I have to do resolved name and servername and configure outlook anywhere inside the network first. then, after
that, the outlook work fine if we use the outlook at home.
It sounds like AutoDiscover isn't working over your external
connection. It might be a DNS problem.
>I couldn't find the answer...help me please where i do wrong.
Start here:
http://testoutlookconnectivity.com
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
November 11th, 2010 11:11am
Thank you for kind reply.
Rich Matheisen, how do we know the autodiscover isn't working over external? can you guide me how to change..
I check that the AutodiscoverServiceInternalUri point to -?
https://mycomp.domain.local/autodiscover/autodiscover.xml
I check at http://www.testexchangeconnectivity.com, my autodiscover failed.
The SSL certificate failed one or more certificate validation checks.
Test Steps
Validating the certificate name.
Certificate name validation failed.
Aliyani Sabrey
Free Windows Admin Tool Kit Click here and download it now
November 11th, 2010 6:11pm
On Thu, 11 Nov 2010 23:07:02 +0000, Aliyani Sabrey wrote:
>Rich Matheisen, how do we know the autodiscover isn't working over external?
I don't know that, but it's what I suspect.
>can you guide me how to change..
Without knowing what's not right it's hard to tell you what to
correct. Start with these links:
http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx
http://www.exchange-genie.com/2007/07/exchange-2007-autodiscover-service-part-1/
http://technet.microsoft.com/en-us/library/bb232838(EXCHG.80).aspx
http://msexchangeteam.com/archive/2007/04/30/438249.aspx
>I check that the AutodiscoverServiceInternalUri point to -? https://mycomp.domain.local/autodiscover/autodiscover.xml
>
>I check at http://www.testexchangeconnectivity.com, my autodiscover failed.
>
>
> The SSL certificate failed one or more certificate validation checks.
> Test Steps
> Validating the certificate name.
> Certificate name validation failed.
So you're using a certificate generated by one of your own Certificate
Authorities, or a certificate that's self-signed by the Exchange
server? If that's so, get a certificate from a public CA.
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
November 11th, 2010 7:47pm
Thank for once again.. I already figure out. I think I have to change the Autodiscover which I follow the URL below:
http://support.microsoft.com/?kbid=940726
The outlook anywhere works now with "https" connectivity. I already closed the port I open which is 6001-6004 where I followed the configuration of exchange 2003 previously that I assumed the same with both 2003 and 2007.
however, once the outlook to copy the mailbox to local mailbox, there is security warning on certificate of autodiscover certificate does not match with principal name of certificates. I didn't know what else I missed.
Aliyani Sabrey
Free Windows Admin Tool Kit Click here and download it now
November 11th, 2010 8:20pm
On Fri, 12 Nov 2010 01:15:32 +0000, Aliyani Sabrey wrote:
>
>
>Thank for once again.. I already figure out. I think I have to change the Autodiscover which I follow the URL below:
>
>http://support.microsoft.com/?kbid=940726
>
>
>
>The outlook anywhere works now with "https" connectivity. I already closed the port I open which is 6001-6004 where I followed the configuration of exchange 2003 previously that I assumed the same with both 2003 and 2007.
>
>however, once the outlook to copy the mailbox to local mailbox, there is security warning on certificate of autodiscover certificate does not match with principal name of certificates. I didn't know what else I missed.
If you're only using one certificate you can try the SRV record in DNS
approach. The information is in the autodiscover whitepaper.
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
November 11th, 2010 10:44pm
If you're only using one certificate you can try the SRV record in DNS
approach. The information is in the autodiscover whitepaper
can you tell me how? and what's the link (URL)?
Aliyani Sabrey
Free Windows Admin Tool Kit Click here and download it now
November 12th, 2010 1:05am
On Fri, 12 Nov 2010 06:01:07 +0000, Aliyani Sabrey wrote:
>>If you're only using one certificate you can try the SRV record in DNS approach. The information is in the autodiscover whitepaper
>can you tell me how? and what's the link (URL)?
The references were in my previous reply to you.
---
Rich Matheisen
MCSE+I, Exchange MVP
--- Rich Matheisen MCSE+I, Exchange MVP
November 12th, 2010 10:45pm