From: Lesa H. on
I'm pulling my hair out over this. I have a client with an SBS 2003 server.
We have a self-signed certificate on the server and I am able to access
e-mail via the address https://customerdomain.dyndnsaddress.com/exchange. I
have installed the certificate on my computer and no longer get the
certificate warning when I go to either /exchange or /remote. I have
followed the instructions to get this working to the letter on both Outlook
and the SBS server. When I ran the CEICW, it said it was successful. I have
port 443 open hence the access to RWW. Two odd things I noticed when setting
this up. Normally when you run the CEICW, the next time you run it, you see
the settings from the previous run but I don't see that in this case. I
didn't really worry about this because stranger things have happened. The
other thing that is odd is that I don't see the instructions for setting up
Outlook via the Internet. In the past when I've run the CEICW and allowed
this, there is a new link on the right side that explains how to set it up.
That makes me concerned that something is not working with the CEICW even
though it says it's successful (and by the way, when I run it there are no
events in the logs at the SBS server that would indicate a problem). When I
run the tests at https://www.testexchangeconnectivity.com I get green checks
across the board except for an error message about the Certificate Trust
"The certificate chain did not end in a trusted root." which I understand
from research is normal when you have a self-signed certificate.

I'm trying to configure this from behind my SBS server for testing, but I
don't think that would be causing a problem. I've done this with other
clients and it worked like a champ.

What I would like to know is does anyone have a list of things that get
changed when you run the CEICW to allow Outlook via HTTP and the associated
settings so I can verify that it actually worked.

In addition, if anyone has suggestions that may help, I would appreciate the
assistance. I know I can get a regular certificate and it may be OK, but
this is a temporary configuration and I'm going to change the FQDN soon and
don't want to purchase one for such a short time.

Thanks in advance!

Lesa


From: "Robbin Meng [MSFT]" on

Hi Lesa,

Thanks for your post.

If the Exchange Remote Connectivity Analyzer (RCA) tool test passed and your Outlook client works fine for RPC over HTTP within your domain LAN network, I think both the Exchange server and Outlook profile are correctly configured. Regarding other thoughts, in addition to Exchange RCA, please notice the below recommended best practices to avoid certificate related issues:

* Make sure that the occurrences shows the correct name. Even if your local Active Directory domain is "domain.local," you can still generate a Windows Certification Authority certificate for "webmail.domain.com" by following the wizard in Internet Information Services (IIS) Manager.
* Make sure that the root certificate exists in the "Trusted Root Certification Authorities" folder on the local computer. The server certificate does not necessarily have to be imported to the computer, but the computer must trust the root authority. Those computers that are part of an Active Directory domain should always trust the root certificate, but home computers and computers that are not part of the corporate Active Directory forest could just as easily use RPC over HTTPS.
* Make sure that network administrators renew the certificate before it expires.


1. Configure an email profile for Outlook 2003 clients to use RPC over HTTP. For detailed steps, see "How to Create an Outlook Profile for Users to Use with RPC over HTTP."
http://technet.microsoft.com/en-us/exchange/aa996069(EXCHG.65).aspx

2. Test RPC virtual directory configuration from your Windows client. For detailed steps, see "How to Verify RPC Virtual Directory Configuration."
http://technet.microsoft.com/en-us/exchange/bb124175(EXCHG.65).aspx

More information:

How to Deploy RPC over HTTP for the First Time in Small Business Server 2003 (Standard or Premium)
http://technet.microsoft.com/en-us/exchange/bb123622.aspx

You cannot use Outlook 2003 to connect to an Exchange 2003 server by using RPC over HTTPS
http://support.microsoft.com/kb/979177

Hope this helps.


Sincerely,
Robbin Meng
Microsoft Online Newsgroup Support
==================================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
==================================================================
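
The three certificate checks listed in the reply above (name, trusted root, expiry) can be run from the Outlook client in one pass. This is an added example, not part of the original thread or any Microsoft tool; the default host name is the placeholder from the first post, the 30-day warning window is an assumption, and the `DNS Name=` prefix stripped from the subject alternative names assumes an English-language Windows build.

```powershell
# Added example; the default host name is the placeholder address used in the thread.
param(
    [string]$HostName = 'customerdomain.dyndnsaddress.com',
    [int]$Port = 443,
    [int]$WarnDays = 30   # assumed renewal warning window
)

$tcp = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
try {
    # Accept whatever certificate is presented so a self-signed one can be
    # fetched and inspected; no credentials or mail data are sent here.
    $accept = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $accept)
    $ssl.AuthenticateAsClient($HostName)
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
} finally {
    $tcp.Close()
}

# Check 1: the certificate is issued to the name Outlook connects to.
# -like treats '*' loosely (it also matches dots), so confirm wildcard hits by eye.
$names = @($cert.GetNameInfo('SimpleName', $false))
$san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
if ($san) {
    $names += ($san.Format($false) -split ',\s*') -replace '^DNS Name=', ''
}
$nameOk = [bool]($names | Where-Object { $HostName -like $_ })

# Check 2: the chain ends in a root this computer trusts. A self-signed
# certificate that was never imported reports UntrustedRoot here.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = 'NoCheck'
$chainOk = $chain.Build($cert)
$chainStatus = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '

# Check 3: the certificate is not expired or about to expire.
$daysLeft = [int]($cert.NotAfter - (Get-Date)).TotalDays

[pscustomobject]@{
    Subject      = $cert.Subject
    Issuer       = $cert.Issuer
    NameMatches  = $nameOk
    ChainTrusted = $chainOk
    ChainStatus  = $chainStatus
    NotAfter     = $cert.NotAfter
    DaysLeft     = $daysLeft
    RenewSoon    = ($daysLeft -lt $WarnDays)
}
```

`ChainTrusted` reflects the certificate stores of the account and computer running the script, so run it as the user whose Outlook profile is being configured.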



From: Lesa H. on
For anyone else who might be searching for this same problem, I found the
issue was that the CEICW wasn't actually running properly. It looked like it
completed successfully, but it wasn't making the changes required to allow
this function. I found that there was a third network adapter (1394 I think)
that was listed in the network adapters. I had to actually uninstall this
adapter (just disabling it didn't work) to get the CEICW to run properly.
After I removed it and re-ran the wizard, the changes were applied properly
and the configuration started working.

"Robbin Meng [MSFT]" <v-robmen(a)online.microsoft.com> wrote in message
news:1muOVKqFLHA.2348(a)TK2MSFTNGHUB02.phx.gbl...
>
> Hi Lesa,
>
> Thanks for your post.
>
> If the Exchange Remote Connectivity Analyzer (RCA) tool test passed and
> your Outlook client works fine for RPC over HTTP within your domain LAN
> network, I think both the Exchange server and Outlook profile are
> correctly configured. Regarding other thoughts, in addition to Exchange
> RCA, please notice the below recommended best practices to avoid
> certificate related issues:
>
> * Make sure that the occurrences shows the correct name. Even if your
> local Active Directory domain is "domain.local," you can still generate a
> Windows Certification Authority certificate for "webmail.domain.com" by
> following the wizard in Internet Information Services (IIS) Manager.
> * Make sure that the root certificate exists in the "Trusted Root
> Certification Authorities" folder on the local computer. The server
> certificate does not necessarily have to be imported to the computer, but
> the computer must trust the root authority. Those computers that are part
> of an Active Directory domain should always trust the root certificate,
> but home computers and computers that are not part of the corporate
> Active Directory forest could just as easily use RPC over HTTPS.
> * Make sure that network administrators renew the certificate before it
> expires.
>
>
> 1. Configure an email profile for Outlook 2003 clients to use RPC over
> HTTP. For detailed steps, see "How to Create an Outlook Profile for Users
> to Use with RPC over HTTP."
> http://technet.microsoft.com/en-us/exchange/aa996069(EXCHG.65).aspx
>
> 2. Test RPC virtual directory configuration from your Windows client. For
> detailed steps, see "How to Verify RPC Virtual Directory Configuration."
> http://technet.microsoft.com/en-us/exchange/bb124175(EXCHG.65).aspx
>
> More information:
>
> How to Deploy RPC over HTTP for the First Time in Small Business Server
> 2003 (Standard or Premium)
> http://technet.microsoft.com/en-us/exchange/bb123622.aspx
>
> You cannot use Outlook 2003 to connect to an Exchange 2003 server by using
> RPC over HTTPS
> http://support.microsoft.com/kb/979177
>
> Hope this helps.
>
>
> Sincerely,
> Robbin Meng
> Microsoft Online Newsgroup Support
> ==================================================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> ==================================================================
>
>
>


From: "Robbin Meng [MSFT]" on

Good news, Lesa, thanks for your feedback and sharing.

Please do not hesitate to post in SBS forum again if you need any other assistance in the future.

Best regards,
Robbin Meng(MSFT)