Announcement

Collapse
No announcement yet.

Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

    When on site and connected directly to the network, Outlook works beautifully.

    When off site using someone else's network, when I launch Outlook, it asks for my username and password and asks if I want to allow the certificate.

    Exchange Remote Connectivity Analyzer shows no errors.

    Computer <> Internet <> autodiscover.mail.com TMG and + Edge Transport (all on domain) <> mail.net

    Interestingly, the certificate shows the server name of the internal server, not the domain name for the public facing domain name (mail.com)

  • #2
    Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

    Hm. So what I did in my other post seems to have helped, slightly.

    http://forums.petri.com/showthread.php?t=61978

    I am prompted for credentials, but then Outlook works fine afterward. So, the good news is that I no longer receive a certificate error.

    I wonder if I need to create yet another TMG policy to allow all users to authenticate via passthough with all outlook VDs.

    Comment


    • #3
      Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

      I checked the firewall log, and access to the rpc VD was denied. So I changed the authentication to all users for this dir and will test again tomorrow from outside of the network and post the results.

      It seems that the part of my problem here is that in my environment, I use the same listener for a few applications, which deviates from the recommended setup. If it works, then I'll be happy and it should buy more time for me to plan on utilizing separate listeners once I get more public IP addresses!

      Comment


      • #4
        Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

        Originally posted by beer View Post
        When on site and connected directly to the network, Outlook works beautifully.

        When off site using someone else's network, when I launch Outlook, it asks for my username and password and asks if I want to allow the certificate.

        Exchange Remote Connectivity Analyzer shows no errors.

        Computer <> Internet <> autodiscover.mail.com TMG and + Edge Transport (all on domain) <> mail.net

        Interestingly, the certificate shows the server name of the internal server, not the domain name for the public facing domain name (mail.com)

        I had almost the same issue but not with OWA. my Owa will work great outside but outlook will not. so i had to open these ports 135, 6002 enable the outlook anywhere on the exchange and when prompt by outlook for username and password i had to use [email protected] and that the only why i could make this thing working. hope it will help

        Comment


        • #5
          Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

          Are you using a 3rd Party SSL certificate? Is the certificate you are using for Exhcange a SAN or Wildcard? Furthermore, I take it you have an SSL web listener on TMG? Do you pass it through to Exchange via SSL? It is worth reviewing guides with regards to publishing Exchange 2010 via TMG.

          Comment


          • #6
            Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

            Originally posted by Virtual View Post
            Are you using a 3rd Party SSL certificate? Is the certificate you are using for Exhcange a SAN or Wildcard? Furthermore, I take it you have an SSL web listener on TMG? Do you pass it through to Exchange via SSL? It is worth reviewing guides with regards to publishing Exchange 2010 via TMG.
            I am using a wildcard SSL certificate.

            Yes, I do have an SSL listener and yes it passes it through via SSL.

            After making that change, now it won't even connect remotely. I am prompted for my credentials and the username is prepopulated with [email protected]
            Last edited by beer; 14th November 2012, 17:50.

            Comment


            • #7
              Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

              There is no issue with using the same listener for multiple sites/resources in TMG, but you should use the wizards to publish Exchange. It was common practice in ISA 2004/6 to add the /rpc and /Microsoft-server-ActiveSync virtual directories to the OWA publishing rule paths. In TMG you should have a separate publishing rule for each protocol even if they all use the same listener.
              BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
              sigpic
              Cruachan's Blog

              Comment


              • #8
                Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

                Originally posted by cruachan View Post
                There is no issue with using the same listener for multiple sites/resources in TMG, but you should use the wizards to publish Exchange. It was common practice in ISA 2004/6 to add the /rpc and /Microsoft-server-ActiveSync virtual directories to the OWA publishing rule paths. In TMG you should have a separate publishing rule for each protocol even if they all use the same listener.
                Hm. Perhaps I'll republish them. Maybe I tinkered around with a setting and messed something up.

                Comment


                • #9
                  Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

                  Well, we are about 90% there.

                  The last problem I am having is this:

                  1) Connect to public network
                  2) Open outlook
                  3) Outlook prompts me for my password, the username field is preloaded with my email
                  4) When I type in my password, it doesn't accept it
                  5) The TMG log shows a 401 unauthorized error for that event
                  6) I type replace my email in the username field, with my regular username and then the password, and then it works!

                  So how can I get it to authenticate automatically with my email address?

                  What gives?

                  Edit:

                  My username is different that the email address

                  Username format

                  initialoffirstnamethenfulllastname

                  Example
                  jsmith

                  [email protected]

                  Example
                  [email protected]
                  Last edited by beer; 13th January 2013, 22:07. Reason: Added detail

                  Comment


                  • #10
                    Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

                    Don't know why it's defaulting to email address, as DOMAIN\Username is the standard format for Outlook Anywhere and email address will not work. I use Outlook Anywhere all the time as I'm rarely in the office and I get prompted for password but the username is in the correct format.

                    We're using Exchange 2007 published via TMG 2010 and Outlook 2010.
                    BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
                    sigpic
                    Cruachan's Blog

                    Comment


                    • #11
                      Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

                      You should be able to use UPN though which could be email address?
                      cheers
                      Andy

                      Please read this before you post:


                      Quis custodiet ipsos custodes?

                      Comment


                      • #12
                        Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

                        Well, I don't provide DOMAIN\username, just username

                        And UPN would just allow me to use an alternate domain name for logging in, correct?

                        Comment


                        • #13
                          Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

                          Sorry was just responding to Cruachan really.
                          cheers
                          Andy

                          Please read this before you post:


                          Quis custodiet ipsos custodes?

                          Comment


                          • #14
                            Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

                            No problem at all.

                            Now that I think about it, I think the issue is with TMG, right?

                            I mean, internally there is no issue. But externally, it does not like authenticating via e-mail address/password.

                            Comment


                            • #15
                              Re: Exchange 2010, Outlook 2010, TMG and HTTP over RPC Connection Issue

                              Originally posted by AndyJG247 View Post
                              You should be able to use UPN though which could be email address?
                              Isn't UPN an AD feature rather than an Exchange one, so UPN would be the "internal" email address (I.e. [email protected]) rather than primary SMTP address?

                              Check the security logs in Event Viewer on the TMG server, if there are failed logins you'll see them there.
                              BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
                              sigpic
                              Cruachan's Blog

                              Comment

                              Working...
                              X