When attempting to connect to Exchange Server 2010 using outlook 2007 from outsied domain. Outlook throws an error stating "Cannot Open default mail folders. You must connect to microsoft exchange with the current profile before you can synchronize your folders with your offline folder file" Test Exchange connectivity results: Testing RPC/HTTP connectivity RPC/HTTP test completed successfully. Test Steps Attempting to resolve the host name mail.domain.com in DNS. Host successfully resolved Additional Details IP(s) returned: x.x.x.x Testing TCP Port 443 on host mail.domain.com to ensure it is listening and open. The port was opened successfully. Testing SSL Certificate for validity. The certificate passed all validation requirements. Test Steps Validating certificate name Successfully validated the certificate name Additional Details Found hostname mail.domain.com in Certificate Subject Common name Validating certificate trust The test passed with some warnings encountered. Please expand additional details. Additional Details Only able to build certificate chain when using the Root Certificate Update functionality from Windows Update. Your server may not be properly configured to send down the required intermediate certificates to complete the chain. Consult the certificate installation instructions or FAQ's from your Certificate Authority for more information. Testing certificate date to ensure validity Date Validation passed. The certificate is not expired. Additional Details Certificate is valid: NotBefore = 4/29/2010 1:43:16 PM, NotAfter = 3/31/2011 2:05:34 PM" Testing Http Authentication Methods for URL https://mail.domain.com/rpc/rpcproxy.dll Http Authentication Methods are correct Additional Details Found all expected authentication methods and no disallowed methods. Methods Found: Negotiate, NTLM Testing SSL mutual authentication with RPC Proxy server Successfully verified Mutual Authentication Additional Details Certificate common name mail.domain.com matches msstd:mail.domain.com Attempting to Ping RPC Proxy mail.domain.com Pinged RPC Proxy successfully Additional Details Completed with HTTP status 200 - OK Attempting to ping RPC Endpoint 6001 (Exchange Information Store) on server exchangesrv1.domain.com Pinged Endpoint successfully Additional Details RPC Status Ok (0) returned in 124 ms. Testing NSPI Interface on Exchange Mailbox Server Successfully tested NSPI Interface. Test Steps Attempting to ping RPC Endpoint 6004 (NSPI Proxy Interface) on server exchangesrv1.domain.com Pinged Endpoint successfully Additional Details RPC Status Ok (0) returned in 577 ms. Testing NSPI "Check Name" for user user@domain.com against server exchangesrv1.domain.com The test passed with some warnings encountered. Please expand additional details. Tell me more about this issue and how to resolve it Additional Details NspiBind returned ecNotSupported. This typically indicates that your server requires RPC encryption. ExRCA will attempt the NSPI test again with encryption. Testing NSPI "Check Name" for user user@domain.com against server exchangesrv1.domain.com Check Name succeeded Additional Details DisplayName: User Name, LegDN: /o=Company/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User Name Testing the Referral Service on Exchange Mailbox Server Successfully tested the Referral Service Test Steps Attempting to ping RPC Endpoint 6002 (Referral Interface) on server exchangesrv1.domain.com Pinged Endpoint successfully Additional Details RPC Status Ok (0) returned in 577 ms. Attempting to perform Referral for user /o=Company/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User Name on Server exchangesrv1.domain.com Succeeded getting Referral Additional Details Server returned by Referral Service: EXCHANGESRV1.domain.com Testing the Exchange Information Store on Mailbox Server Successfully tested the Information Store Test Steps Attempting to ping RPC Endpoint 6001 (Exchange Information Store) on server exchangesrv1.domain.com Pinged Endpoint successfully Additional Details RPC Status Ok (0) returned in 389 ms. Testing Logon to the Exchange Information Store Successfully logged on to the Information Store ANy Ideas?

Hi, Few checks 1. Check Exchange RPC service is running or not? if not then run it 2. Check get-mailboxDatabase "Mailbox Database Name" |FL RpcClientAccess* "Mailbox Database Name" should be the DB which contains your mailbox. see if your internet facing CAS is there. Regards, Laeeq Qazi|Team Lead(Exchange + Sharepoint + BES + DynamicsCRM) www.HostingController.com

RPC is running. C:\Windows\system32>Get-MailboxDatabase "Mailbox Database 2138851113"| FL RcpClientAccess* C:\Windows\system32> What do you mean by Internet facing CAS?

Hi, From the previous post, some certificate warning can be found. I'd like to know what certificate that you are using now. Please verify if it is a self-signed certificate or a 3rd CA issued certificate. Please try to use get-exchangecertificate |fl, get-outlookprovider expr |fl and then post the result here. We need to compare the certificate. Besides, please try to browse https://domain.com/rpc/rpcproxy.dll outside the network. Let me know if any error occur. Regards, Xiu

RPC is running. C:\Windows\system32>Get-MailboxDatabase "Mailbox Database 2138851113"| FL RcpClientAccess* C:\Windows\system32> What do you mean by Internet facing CAS? What do you mean by Internet facing CAS? CAS which you use for outlook anywhere from internet. As you can see you dont have an RPC CAS Server set on your DB so plz set it like this Set-MailboxDatabase "Mailbox Database 2138851113" -RcpClientAccessServer "YourCAS" And then test it. Also outlook anywhere require a third part SSL certificate by default. Without it, it wont work. Regards,Laeeq Qazi|Team Lead(Exchange + Sharepoint + BES + DynamicsCRM) www.HostingController.com

A browser to https://domain.com/rpc/rpcproxy.dll prompts for a login then renders a blank page. The certificate is a single domain certificate from godaddy.com Thumbprint Services Subject ---------- -------- ------- 7D4B2069F1A8CC92B1AF56835D095F26129ACEA3 ...... C=US, S=ST, L=City, O=Org, OU=HQ, CN=mail... 6D3B12EC14C58D21014E1C54B61294915C33018A IP.WS. CN=mail.domain.com, OU=Domain Control Validated, O=mail... DD56C9F44B44B1A31CB94C3917CE928CAF0A1500 ....S. CN=EXCHANGESRV1 147CF4D6E019E2616F3CC6BBC3CE2F6F88243101 ...... CN=WMSvc-EXCHANGESRV1 [PS] C:\Windows\system32>get-outlookprovider expr |fl RunspaceId : ef20c583-491f-454f-9842-ce6daa880fb0 CertPrincipalName : Server : TTL : 1 OutlookProviderFlags : None AdminDisplayName : ExchangeVersion : 0.1 (8.0.535.0) Name : EXPR DistinguishedName : CN=EXPR,CN=Outlook,CN=AutoDiscover,CN=Client Access,CN=Company,CN=Microsoft Exch ge,CN=Services,CN=Configuration,DC=addomain,DC=com Identity : EXPR Guid : ba171385-8b4e-4eed-8341-fad9daad3e78 ObjectCategory : addomain.com/Configuration/Schema/ms-Exch-Auto-Discover-Config ObjectClass : {top, msExchAutoDiscoverConfig} WhenChanged : 4/28/2010 2:23:29 PM WhenCreated : 4/28/2010 2:23:29 PM WhenChangedUTC : 4/28/2010 7:23:29 PM WhenCreatedUTC : 4/28/2010 7:23:29 PM OrganizationId : OriginatingServer : adserver.domain.com IsValid : True

[PS] C:\Windows\system32>Set-MailboxDatabase "Mailbox Database 2138851113" -RpcClientAccessServer "exchangesrv1" WARNING: The command completed successfully but no settings of 'Mailbox Database 2138851113' have been modified. [PS] C:\Windows\system32>test-outlookconnectivity cmdlet Test-OutlookConnectivity at command pipeline position 1 Supply values for the following parameters: Protocol: http Failed to find the mailbox. Mailbox = 'extest_d2fae01cba6a4@domain.com'. + CategoryInfo : OperationStopped: (Microsoft.Excha...onnectivityTask:TestOutlookConnectivityTask) [Test- OutlookConnectivity], MailboxNotFoundException + FullyQualifiedErrorId : 2BA90394,Microsoft.Exchange.Monitoring.TestOutlookConnectivityTask

This WARNING: The command completed successfully but no settings of 'Mailbox Database 2138851113' have been modified. means that "exchangesrv1" was already set as RpcClientAccessServer, This command Get-MailboxDatabase "Mailbox Database 2138851113"| FL RcpClientAccess* did not get any result bcoz i put RcpClientAccess* instead of RpcClientAccess*. Some typo. Also run test-outlookconnectivity with some email address like test-outlookconnectivity user@domain.com Also have a look into this MS article if u already have not seen it: Outlook connection issues with Exchange 2010 mailboxes because of the RPC encryption requirement If possible for u then plz put the result of Get-ExchangeCertificate |FL *Domains Your certificate should contain your external host name which u r using as host name for Outlook anywhere. Regards, Laeeq Qazi|Team Lead(Exchange + Sharepoint + BES + DynamicsCRM) www.HostingController.com

Hi, First please ensure that you browse https://domain.com/rpc/rpcproxy.dll outside the network. Please run command that Laeeq said Get-ExchangeCertificate |FL *Domains and then put the output here. Also please try to set-outlookprovider expr -cerprincipalName msstd:domain.com Note: domain.com should be the external host name. Set-OutlookProvider http://technet.microsoft.com/en-us/library/bb123683(EXCHG.80).aspx Wildcard Certificate Causes Client Connectivity Issues for Outlook Anywhere http://technet.microsoft.com/en-us/library/cc535023(EXCHG.80).aspx Regards, Xiu