Hi,
I have an exchange 2010 server running on a 2008 R2 server and I cannot seem to get outlook anywhere working.
I can use outlook web access, my iphone and ipad can connect and I seem able to pass all of the exchange tests from the exchange testing web site (details from that test below with username etc removed)
Testing RPC/HTTP connectivity.
The RPC/HTTP test completed successfully.
Test Steps
ExRCA is attempting to test Autodiscover for myname@server.org
Autodiscover was tested successfully.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service was tested successfully.
Test Steps
Attempting to test potential Autodiscover URL https://???????
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name ?????????.org in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: ???.???.???.???
Testing TCP port 443 on host ?????????.org to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server ???????.org on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Attempting to test potential Autodiscover URL
https://?????????????
Testing of the Autodiscover URL was successful.
Test Steps
Attempting to resolve the host name autodiscover.????.org in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: ???.???.???.???
Testing TCP port 443 on host autodiscover.?????.org to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.????.org on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.??????.org, OU=??????, O=??????, L=Glasgow, S=Lanarkshire, C=GB, Issuer: CN=DigiCert High Assurance CA-3, OU=www.digicert.com, O=DigiCert Inc, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name autodiscover.?????.org was found in the Certificate Subject Alternative Name entry.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=mail.??????.org, OU=?????, O=??????, L=Glasgow, S=Lanarkshire, C=GB.
One or more certificate chains were constructed successfully.
Additional Details
A total of 4 chains were built. The highest quality chain ends in root certificate CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
No Windows compatibility problems were identified.
Additional Details
The certificate chain has been validated up to a trusted root. Root = CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 8/23/2012 12:00:00 AM, NotAfter = 10/31/2015 12:00:00 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
ExRCA successfully retrieved Autodiscover settings by sending an Autodiscover POST.
Test Steps
ExRCA is attempting to retrieve an XML Autodiscover response from URL
https://autodiscover.????????.org/AutoDiscover/AutoDiscover.xml for user
??????@??????.org.
The Autodiscover XML response was successfully retrieved.
Additional Details
Autodiscover Account Settings
XML response:
<?xml version="1.0"?>
<Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<User>
<DisplayName>????????.</DisplayName>
<LegacyDN>/o=????????/ou=First Administrative Group/cn=Recipients/cn=??????</LegacyDN>
<DeploymentId>03e7cbfe-c50b-4f32-9cbf-4e82b97e45d0</DeploymentId>
</User>
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>EXCH</Type>
<Server>???????.????????.local</Server>
<ServerDN>/o=?????????/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EMAIL</ServerDN>
<ServerVersion>738180DA</ServerVersion>
<MdbDN>/o=????????/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EMAIL/cn=Microsoft Private MDB</MdbDN>
<ASUrl>https://email.????????.local/EWS/Exchange.asmx</ASUrl>
<OOFUrl>https://email.????????.local/EWS/Exchange.asmx</OOFUrl>
<OABUrl>http://email.???????.local/OAB/60818a68-4971-4391-a3d5-e2cbfe6077a5/</OABUrl>
<UMUrl>https://email.???????.local/EWS/UM2007Legacy.asmx</UMUrl>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<PublicFolderServer>EMAIL.?????????.local</PublicFolderServer>
<AD>SERVER.??????????.local</AD>
<EwsUrl>https://email.????????.local/EWS/Exchange.asmx</EwsUrl>
<EcpUrl>https://email.????????.local/ecp/</EcpUrl>
<EcpUrl-um>?p=customize/voicemail.aspx&exsvurl=1</EcpUrl-um>
<EcpUrl-aggr>?p=personalsettings/EmailSubscriptions.slab&exsvurl=1</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx></EcpUrl-mt>
<EcpUrl-ret>?p=organize/retentionpolicytags.slab&exsvurl=1</EcpUrl-ret>
<EcpUrl-sms>?p=sms/textmessaging.slab&exsvurl=1</EcpUrl-sms>
</Protocol>
<Protocol>
<Type>EXPR</Type>
<Server>mail.????????.org</Server>
<ASUrl>https://mail.????????.org/ews/exchange.asmx</ASUrl>
<OOFUrl>https://mail.????????.org/ews/exchange.asmx</OOFUrl>
<OABUrl>https://mail.?????????.org/OAB/60818a68-4971-4391-a3d5-e2cbfe6077a5/</OABUrl>
<UMUrl>https://mail.????????.org/ews/UM2007Legacy.asmx</UMUrl>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<SSL>On</SSL>
<AuthPackage>Ntlm</AuthPackage>
<EwsUrl>https://mail.???????.org/ews/exchange.asmx</EwsUrl>
<EcpUrl>https://mail.????????.org/ecp/</EcpUrl>
<EcpUrl-um>?p=customize/voicemail.aspx&exsvurl=1</EcpUrl-um>
<EcpUrl-aggr>?p=personalsettings/EmailSubscriptions.slab&exsvurl=1</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx></EcpUrl-mt>
<EcpUrl-ret>?p=organize/retentionpolicytags.slab&exsvurl=1</EcpUrl-ret>
<EcpUrl-sms>?p=sms/textmessaging.slab&exsvurl=1</EcpUrl-sms>
</Protocol>
<Protocol>
<Type>WEB</Type>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<Internal>
<OWAUrl AuthenticationMethod="Basic, Fba">https://email.?????????.local/owa/</OWAUrl>
<Protocol>
<Type>EXCH</Type>
<ASUrl>https://email.?????????.local/EWS/Exchange.asmx</ASUrl>
</Protocol>
</Internal>
<External>
<OWAUrl AuthenticationMethod="Fba">https://mail.???????????.org/owa/</OWAUrl>
<Protocol>
<Type>EXPR</Type>
<ASUrl>https://mail.????????.org/ews/exchange.asmx</ASUrl>
</Protocol>
</External>
</Protocol>
</Account>
</Response>
</Autodiscover>
Autodiscover settings for Outlook Anywhere are being validated.
ExRCA validated the Outlook Anywhere Autodiscover settings.
Attempting to resolve the host name mail.???????????.org in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: ???.???.???.???
Testing TCP port 443 on host mail.????????.org to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server mail.?????????.org on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=mail.??????????.org, OU=??????????, O=?????????, L=Glasgow, S=Lanarkshire, C=GB, Issuer: CN=DigiCert High Assurance CA-3, OU=www.digicert.com, O=DigiCert Inc, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name mail.????????.org was found in the Certificate Subject Common name.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=mail.???????.org, OU=???????, O=????????, L=Glasgow, S=Lanarkshire, C=GB.
One or more certificate chains were constructed successfully.
Additional Details
A total of 4 chains were built. The highest quality chain ends in root certificate CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
No Windows compatibility problems were identified.
Additional Details
The certificate chain has been validated up to a trusted root. Root = CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 8/23/2012 12:00:00 AM, NotAfter = 10/31/2015 12:00:00 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL
https://mail.??????????.org/rpc/rpcproxy.dll?EMAIL.?????????.local:6002.
The HTTP authentication methods are correct.
Additional Details
ExRCA found all expected authentication methods and no disallowed methods. Methods found: Negotiate, NTLM
Testing SSL mutual authentication with the RPC proxy server.
Mutual authentication was verified successfully.
Additional Details
Certificate common name mail.???????.org matches msstd:mail.?????????.org.
Attempting to ping RPC proxy mail.?????????.org.
RPC Proxy was pinged successfully.
Additional Details
Completed with HTTP status 200 - OK
Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server EMAIL.?????????.local.
The endpoint was pinged successfully.
Additional Details
RPC Status Ok (0) returned in 655 ms.
Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
The NSPI interface was tested successfully.
Test Steps
Attempting to ping RPC endpoint 6004 (NSPI Proxy Interface) on server EMAIL.???????????.local.
The endpoint was pinged successfully.
Additional Details
RPC Status Ok (0) returned in 796 ms.
Testing NSPI "Check Name" for user ????????@?????????.org against server EMAIL.??????????.local.
The test passed with some warnings encountered. Please expand the additional details.
Tell me more about this issue and how to resolve it
Additional Details
NspiBind returned ecNotSupported. This typically indicates that your server requires RPC encryption. ExRCA will attempt the NSPI test again with encryption.
Testing NSPI "Check Name" for user ?????????@???????????.org against server EMAIL.????????.local.
Check Name succeeded.
Additional Details
DisplayName: ????? ?????????., LegDN: /o=??????/ou=First Administrative Group/cn=Recipients/cn=???????
Testing the Referral service on the Exchange Mailbox server.
The Referral service was tested successfully.
Test Steps
Attempting to ping RPC endpoint 6002 (Referral Interface) on server EMAIL.???????????.local.
The endpoint was pinged successfully.
Additional Details
RPC Status Ok (0) returned in 749 ms.
Attempting to perform referral for user /o=????????????????/ou=First Administrative Group/cn=Recipients/cn=???????? on server EMAIL.??????????.local.
ExRCA successfully got the referral.
Additional Details
The server returned by the Referral service: EMAIL.???????????.local
Testing the Exchange Information Store on the Mailbox server.
ExRCA successfully tested the Information Store.
Test Steps
Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server EMAIL.???????????.local.
The endpoint was pinged successfully.
Additional Details
RPC Status Ok (0) returned in 218 ms.
Attempting to log on to the Exchange Information Store.
ExRCA successfully logged on to the Information Store.
when I try to connect outlook 2010 keeps asking for my username and password, I have tried setting outlook to connect to exchange using http and its made no difference.
below is what my certificate are set for on the virtual directories etc
CertificateAuthentication :
InternalAuthenticationMethods : {Ntlm, WindowsIntegrated, WSSecurity}
ExternalAuthenticationMethods : {Ntlm, WindowsIntegrated, WSSecurity}
LiveIdSpNegoAuthentication : False
WSSecurityAuthentication : True
LiveIdBasicAuthentication : False
BasicAuthentication : False
DigestAuthentication : False
WindowsAuthentication : True
[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | fl *auth*
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
LiveIdSpNegoAuthentication : False
WSSecurityAuthentication : True
LiveIdBasicAuthentication : False
BasicAuthentication : True
DigestAuthentication : False
WindowsAuthentication : True
any help would be more than welcome
Thanks
Jamie