Announcement

Collapse
No announcement yet.

XP + Exchange 2013

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • XP + Exchange 2013

    Hello. We have a new Windows server 2012 + Exchange 2013 CU1 installation. i configured only a send connector to send emails for test purposes and 3 users. Exchage server has only company.local as an accepted domain and the default email address policy. I try to configure outlook 2010 running on a XP machline, but i get a popup for username kai password. I don't have any ssl certificate. i want to test only configuring outlook in the lan, not outside the lan with the company.local domain. but XP with office 2010 doesn't work. Windows 7 with Office 2010 works ok.
    I tried the following:
    -i runSet-OutlookProvider EXCH -CertPrincipalName msstd:server.company.local
    -i configured Outlook-->«Connect to Microsoft Exchange using HTTP” and typed server.company.local
    -at the XP machine i changed the following registry entry:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\ImcompatibilityLevel-->3

    Any ideas for this?
    Regards

  • #2
    Re: XP + Exchange 2013

    SSL certificate is pretty much mandatory with Exchange 2013 because it uses Outlook Anywhere only for connectivity.
    If you have the authentication set to Negotiate then that may also cause problems because XP cannot cope with that.

    Strongly suggest dropping Windows XP and using something a little more modern.

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment


    • #3
      Re: XP + Exchange 2013

      Hello. You mean that Xp+Outlook2010 can't connect to Exchange 2013 at all? I checked a few things from articles i found. the internal domain is company. internal
      • At exchange server i go to servers->Outlook Anywhere.The internal host name is server.company.local and authentication method NTLM. Allow SSl offlading is enabled
      • I run the commands about outlook provider. the command were Set-OutlookProvider EXCH -CertPrincipalName msstd:server.company.local and Set-OutlookProvider EXPR -CertPrincipalName msstd:server.company.local
      After that, when i run get-outlookprovider i get this:
      Name Server CertPrincipalName TTL
      EXCH msstd:server.company.internal 1
      EXPR msstd:server.company.internal 1
      WEB 1






      At windows XP client i go to Connection->Exchange Proxy Settings and type the following:
      • Use this URL to connect to my proxy server for Exchange-> https://server.company.local
      • Connect using SSL only-> msstd:server.company.local
      • Authentication->NTLM
      After that the account is created and outlook is online for a few minutes. after that a pop-up window appears for username and password. I tried these after setting the mention registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\ImcompatibilityLevel to either 2 or 3 but nothing.
      What else can i try?
      Regards

      Comment


      • #4
        Re: XP + Exchange 2013

        Do you have a trusted SSL certificate in place?

        Windows XP and Exchange 2013 is not a great combination. The quicker Windows XP goes away the better.

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment


        • #5
          Re: XP + Exchange 2013

          Hi. No SSL certificate. only the self issued by Exchange 2013. But i want to setup internal Outlook accounts. No access form the internet

          Comment


          • #6
            Re: XP + Exchange 2013

            You shouldn't have to configure Outlook manually. It should all be done by Autodiscover. That includes the Outlook Anywhere configuration.

            Therefore that would suggest that the configuration being delivered by Exchange isn't correct and it is being "corrected" by Autodiscover shortly after connection.

            Self Signed certificates are not good, and cause a lot of headaches. Is anyone can have any access to the server from the internet? ActiveSync, OWA etc? You would save a lot of hassle by switching to a trusted certificate and setting up Exchange to use that instead.

            If you persist in wanting to use the self signed certificate then I will drop off the question - I think they are a waste of time and as such do not have anything to do with them. Even my labs use trusted certificates.

            Simon.
            --
            Simon Butler
            Exchange MVP

            Blog: http://blog.sembee.co.uk/
            More Exchange Content: http://exchange.sembee.info/
            Exchange Resources List: http://exbpa.com/
            In the UK? Hire me: http://www.sembee.co.uk/

            Sembee is a registered trademark, used here with permission.

            Comment


            • #7
              Re: XP + Exchange 2013

              Hello. I deleted the virtual machines and created them from scratch, including the domain controller. So I have a new domain controller, with domain name company.internal and installed Exchange 2013 CU2. I also purchased a wild card certificate.
              The users will access exchange server from the internet using https: //mail.company.com/owa
              As you see the domain names internally and externally are different. After Exchange was installed I did the following:
              · Exchange Server name: Exch01. There is only one exchange server, all roles installed.
              · Internal domain name: company.internal
              · External domain name: mail.company.com
              · At the internal DNS,except from the company.internal zone, I created the zones mail.company.com and autodiscover.company.com. At each zone I created an empty A record with IP the IP of the Exchange Server.
              · At the external DNS the provider created an A record for mail.company.com and a CNAME record autodiscover.company.com pointing to mail.company.com
              · At exchange server I went to servers->Outlook anywhere and changed the internal and external host name to be mail.company.com
              · For each virtual directory I changed the internal url with the following command from PowerShell:
              Set-owavirtualdirectory –identity “Exch01\owa (Default Web Site)” –internalurl https: //mail.company.com/owa. I run this command for ecp,oab,ews and activesyncvirtualdirectory
              · I installed the certificate running the command:
              Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\cert.pfx -Encoding byte -ReadCount 0)) -PasswordGet-Credential).password
              · I assigned the services IIS and SMTP to the certificate
              · The certificate is from Globalsign. It’s a wild card domain+organization certificate. The certificates is issued for *.company.com and includes the following SAN’s
              Ø *.company.com
              Ø Exch01.company.internal
              Ø Owa.company.com
              Ø Mail.company.com
              Ø Autodiscover.company.com
              Ø Company.com
              · I run the following commands:
              Set-Outlookprovider EXCH –CertPrincipalName msstd:*.company.com
              Set-Outlookprovider EXPR –CertPrincipalName msstd:*.company.com
              Set-ClientAccessServer –Identity “Exch01” –AutodiscoverServiceInternalURi https://mail.company.com/autodiscover/autodiscover.xml

              These are the steps I followed. After that Windows 7+Outlook 2010 can create the account successfully and connect to Exchange server. Windows XP+Outlook 2010 can’t create the account. I get a pop-up windows for username and password. I set the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa\ImcompatibilityLevel to either 2 or 3 but no success.

              Are the steps I followed correct? I suspect there is something wrong with the certificate but don’t know. Any advice is welcome.
              Thanks in advance

              Comment


              • #8
                Re: XP + Exchange 2013

                Forgot to mention that I run the tests from http: //testexchangeconnectivity.com. all the tests completed successfully.

                Comment


                • #9
                  Re: XP + Exchange 2013

                  If you are using a wildcard certificate, you only need to have the SAN of *.company.com. Your autodiscover internal Uri should be autodiscover.company.com at the beginning and you should also ensure the EWS External and Internal URLs should also be set.

                  As for XP, I believe it can have issues with a wildcard certificate but have tended to always use Win 7 with Exchange 2013. Does OWA 2013 work from XP? What IE version do the XP PCs have?

                  Comment


                  • #10
                    Re: XP + Exchange 2013

                    Hello. Well the certificate inludes *.company.com. About the internal and external url fro EWS are the same, set to company.com. Generally the virtual directories internal and external url's are the same, se to company.com with the command i described. the same for autodiscover.
                    Except if you found any mistake at the commands.
                    something else to check? any ideas are welcome
                    Thanks

                    Comment


                    • #11
                      Re: XP + Exchange 2013

                      You created the DNS zone for autodiscover but didn't use autodiscover in the URL you set for the autdiscoverinternaluri. If you look at the threads I have started via my profile, one refers to SSL certificates for Exchange 2010. Review the commands that were carried out.

                      Comment

                      Working...
                      X