Setting up Outlook Anywhere on my home PC to work email
Hello all,
I need some help in figuring out how to setup Outlook Anywhere (we dont have VPN we use some weird Citrix connection) for my work email. I have setup Outlook Anywhere for other companies and it was never that difficult...
Has anyone had experience setting it up or making sure that if I am able to?
I made sure the settings were correct through the typical Outlook profile setup
The initial exchange server setup I have:
Microsoft exchange server: mail.domain.com (this is the public DNS MX record for my domain...used MX toolbox)
Mailbox: My username
More settings area (Connection tab):
Made sure I checked "Connect my Exchange server using HTTP"
Exhange Proxy settings:
URL to connect to Exchange proxy: https://"email.domain.com" (should be the same as accessing OWA right?)
Checked off mutually authenticate using SSL
Principal name: msstd:email.domain.com (which is what is listed on certificate for OWA)
Proxy authentication: Basic
The thing that keeps happening is when it asks for the credentials I enter it but it keeps returning with the same prompt as if I got it wrong...Ive tried multiple variations like: domain\username, username@domain.com, username only, OWA address\username and it never accepts...I know Ive got my password right because I use OWA all the time. I know this isn't a big deal since I have OWA but I thought I would get some usage out of my Outlook 2010 at home and its been bugging me. Any insight would help! Thanks in advance
I need some help in figuring out how to setup Outlook Anywhere (we dont have VPN we use some weird Citrix connection) for my work email. I have setup Outlook Anywhere for other companies and it was never that difficult...
Has anyone had experience setting it up or making sure that if I am able to?
I made sure the settings were correct through the typical Outlook profile setup
The initial exchange server setup I have:
Microsoft exchange server: mail.domain.com (this is the public DNS MX record for my domain...used MX toolbox)
Mailbox: My username
More settings area (Connection tab):
Made sure I checked "Connect my Exchange server using HTTP"
Exhange Proxy settings:
URL to connect to Exchange proxy: https://"email.domain.com" (should be the same as accessing OWA right?)
Checked off mutually authenticate using SSL
Principal name: msstd:email.domain.com (which is what is listed on certificate for OWA)
Proxy authentication: Basic
The thing that keeps happening is when it asks for the credentials I enter it but it keeps returning with the same prompt as if I got it wrong...Ive tried multiple variations like: domain\username, username@domain.com, username only, OWA address\username and it never accepts...I know Ive got my password right because I use OWA all the time. I know this isn't a big deal since I have OWA but I thought I would get some usage out of my Outlook 2010 at home and its been bugging me. Any insight would help! Thanks in advance
Comments
-
saspro
Member Posts: 114
Change the Proxy Authentication settings at the bottom to Basic Authentication.
Providing you've got your OWA cert installed this should then work -
lsud00d
Member Posts: 1,571
Do you know if the Exchange server supports the HTTP proxy?
Did you try the various proxy authentication settings? -
RomBUS
Member Posts: 699 ■■■■□□□□□□
Yes I forgot to mention I had changed to Basic Authentication.
If installing you mean clicking on the cert info on the OWA page and installing it automatically to my cert store, then yes I've done that too -
lsud00d
Member Posts: 1,571
Can you still login to OWA, just to verify that you didn't lock your account from hitting the server too much?
-
saspro
Member Posts: 114
Yes I forgot to mention I had changed to Basic Authentication.
If installing you mean clicking on the cert info on the OWA page and installing it automatically to my cert store, then yes I've done that too
If it's not a "proper" cert (i.e. a paid for UCC one) then you'll need to import it in to the trusted root store.
Have you tried using https://www.testexchangeconnectivity.com/ to test access to the server ?(just incase Outlook anywhere isn't configured properly on the server) -
RomBUS
Member Posts: 699 ■■■■□□□□□□
If it's not a "proper" cert (i.e. a paid for UCC one) then you'll need to import it in to the trusted root store.
Have you tried using https://www.testexchangeconnectivity.com/ to test access to the server ?(just incase Outlook anywhere isn't configured properly on the server)
Saspro,
I think I may have found the issue...it may have not have helped me get it working but it made me figure out the problem. I ran the test both using manual (said that it didnt resolve the internal name) and then I ran the Autodiscovery method (it passed all tests except for RPC endpoint 6004 (NSPI Proxy Interface) which was the last test). I looked up the error in the link it provided me (Technet article: Content not found. Thanks for the awesome tool, it was a very big help! Now I can narrow down what the issue is. I will get back to you guys to see if I can resolve it now or not (using a test machine at work). Or it may be that Outlook Anywhere isnt enabled (dont have access to company Exchange server) -
Everyone
Member Posts: 1,661
Just because OWA and/or ActiveSync are enabled, doesn't mean Outlook Anywhere is enabled. Probably would have saved yourself a lot of time if you just asked your Exchange guy.
-
RomBUS
Member Posts: 699 ■■■■□□□□□□
Yeah I know that that's what I should've done but I just wanted to see if I could do anything on my end and just for kicks to see if it'll work with a different config or something. It was most likely is because we dont have Outlook Anywhere enabled (isn't enabled by default right?). I'll try to ask later today
Anywayd thanks for the extra help guys! -
Everyone
Member Posts: 1,661
Correct, it is NOT enabled by default.. It was most likely is because we dont have Outlook Anywhere enabled (isn't enabled by default right?). I'll try to ask later today -
rsutton
Member Posts: 1,029 ■■■■■□□□□□
Microsoft exchange server: mail.domain.com (this is the public DNS MX record for my domain...used MX toolbox)
This is incorrect. you should have the internal FQDN of your server here, you have the public facing host name, which is not the same thing. -
lsud00d
Member Posts: 1,571
This is incorrect. you should have the internal FQDN of your server here, you have the public facing host name, which is not the same thing.
My previous job had the Exchange server and internal FQDN as the same DNS record...it happens. -
RomBUS
Member Posts: 699 ■■■■□□□□□□
This is incorrect. you should have the internal FQDN of your server here, you have the public facing host name, which is not the same thing.
Hmm that's strange on other occasions I've always put the public DNS record for the MS Exchange server and it has worked, also the FQDN of their internal was different from their external. I thought I would have to put the public facing name since I cannot communicate internally? -
Everyone
Member Posts: 1,661
Some places will use the same name internal and external. Pretty common to see something like "mail.domain.com" used as both the internal and external name.
The important part is how the firewall is configured. You're right in saying you can't communicate internally, you have to have an external facing name to connect to, but that name may not be the same as the MX record (although it often is). The MX record tells SMTP traffic where to go, which depending on the size of the environment, may not be the same server that HTTP traffic goes to for OWA/ActiveSync/RCP Over HTTP (Outlook Anywhere). When e-mail is sent (SMTP port 25 traffic) to domain.com, the MX record may tell it to go to mail.domain.com, which the firewall will get first, from there it may go to an anti-spam/anti-virus mail gateway, which may not even be an Exchange server. You could have outlook.domain.com being the address you really need to connect to for your Outlook (port 443 since SSL is required for this), which again goes to the firewall first. The internal entry may be cas.domain.com, the firewall sends the traffic to whatever the correct server is.
Make sense? -
RomBUS
Member Posts: 699 ■■■■□□□□□□
Some places will use the same name internal and external. Pretty common to see something like "mail.domain.com" used as both the internal and external name.
The important part is how the firewall is configured. You're right in saying you can't communicate internally, you have to have an external facing name to connect to, but that name may not be the same as the MX record (although it often is). The MX record tells SMTP traffic where to go, which depending on the size of the environment, may not be the same server that HTTP traffic goes to for OWA/ActiveSync/RCP Over HTTP (Outlook Anywhere). When e-mail is sent (SMTP port 25 traffic) to domain.com, the MX record may tell it to go to mail.domain.com, which the firewall will get first, from there it may go to an anti-spam/anti-virus mail gateway, which may not even be an Exchange server. You could have outlook.domain.com being the address you really need to connect to for your Outlook (port 443 since SSL is required for this), which again goes to the firewall first. The internal entry may be cas.domain.com, the firewall sends the traffic to whatever the correct server is.
Make sense?
You absolutely makes sense...so the question is where the MX record point to is my issue here. For which I do not know my company's infrastructure that well (just start two months ago for company move for a client so I didnt quite learn the ropes yet) that it probably points to another internal name I do not know about. Thanks for clearing that up! Is there a way to find out where the MX record points to RPC overt HTML or external mail...or is that only known by actually looking at my internal DNS entries? -
Everyone
Member Posts: 1,661
You absolutely makes sense...so the question is where the MX record point to is my issue here. For which I do not know my company's infrastructure that well (just start two months ago for company move for a client so I didnt quite learn the ropes yet) that it probably points to another internal name I do not know about. Thanks for clearing that up! Is there a way to find out where the MX record points to RPC overt HTML or external mail...or is that only known by actually looking at my internal DNS entries?
Does your company even use the same domain name internally as they do externally?
You could do an nslookup on your internal domain name while you're at work to find out what your internal MX record is. This will usually be the next hop after the firewall for SMTP traffic.
For your other traffic, you really won't be able to tell unless you have access to your mail infrastructure, or ask someone who does.
