|
Sorry about that. At this point, I would suggest that you call Microsoft
Product Support Services or repost to one of the microsoft.public.exchange.*
groups to see if you get any different suggestions to try.
"Evans Leung" <evans_leung@hotmail.com> wrote in message
news:eq$zINGOJHA.2404@TK2MSFTNGP05.phx.gbl...
Product Support Services or repost to one of the microsoft.public.exchange.*
groups to see if you get any different suggestions to try.
"Evans Leung" <evans_leung@hotmail.com> wrote in message
news:eq$zINGOJHA.2404@TK2MSFTNGP05.phx.gbl...
> have tried changing the registry but it didn't work, it also broke the
> originally working configurations (BOTH Outlook 2003 in Windows XP and
> Outlook 2007 in Vista)
>
> Evans
>
> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in message
> news:eNOaZK3NJHA.1668@TK2MSFTNGP06.phx.gbl...
>
> originally working configurations (BOTH Outlook 2003 in Windows XP and
> Outlook 2007 in Vista)
>
> Evans
>
> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in message
> news:eNOaZK3NJHA.1668@TK2MSFTNGP06.phx.gbl...
>> There is a known issue about Outlook 2007 and wildcard certificates.
>>
>> Looking back over this... lets try changing the rpc proxy registry key a
>> bit based on your description of:
>>
>> internal name: exchange.company.local
>> external name: owa.company.com
>>
>> I would set the ValidPorts registry value to:
>>
>> exchange:6001-6002;exchange:6004;exchange.company.local:6001-6002;exchange.company.local:6004;owa.company.com:6001-6002;owa.company.com:6004
>>
>> "evans leung" <evans_leung@hotmail.com> wrote in message
>> news:ub9SckaNJHA.3684@TK2MSFTNGP04.phx.gbl...
>>
>>>
>> Looking back over this... lets try changing the rpc proxy registry key a
>> bit based on your description of:
>>
>> internal name: exchange.company.local
>> external name: owa.company.com
>>
>> I would set the ValidPorts registry value to:
>>
>> exchange:6001-6002;exchange:6004;exchange.company.local:6001-6002;exchange.company.local:6004;owa.company.com:6001-6002;owa.company.com:6004
>>
>> "evans leung" <evans_leung@hotmail.com> wrote in message
>> news:ub9SckaNJHA.3684@TK2MSFTNGP04.phx.gbl...
>>> same... is this a known issue?
>>>
>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in message
>>> news:uJf$HrVNJHA.4600@TK2MSFTNGP06.phx.gbl...
>>>
>>>>>
>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in message
>>> news:uJf$HrVNJHA.4600@TK2MSFTNGP06.phx.gbl...
>>>> safe to assume the result is the same if you remove the msstd setting?
>>>>
>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>> news:OmwAB8KNJHA.1304@TK2MSFTNGP02.phx.gbl...
>>>>
>>>>>>>
>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>> news:OmwAB8KNJHA.1304@TK2MSFTNGP02.phx.gbl...
>>>>>i use the same settings in all fields in OL2007 just like in OL2003...
>>>>>
>>>>> msstd:owa.company.com
>>>>>
>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in message
>>>>> news:utSBqjKNJHA.5564@TK2MSFTNGP03.phx.gbl...
>>>>>
>>>>>>>>>
>>>>> msstd:owa.company.com
>>>>>
>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in message
>>>>> news:utSBqjKNJHA.5564@TK2MSFTNGP03.phx.gbl...
>>>>>> hmm... so much for the hunch of OL2007 and a wild card
>>>>>> cert...........
>>>>>>
>>>>>> When you configure OL2007 for RPC/HTTP, are you setting the principal
>>>>>> name for the proxy field (its the place where you put
>>>>>> msstd:some.server.name)?
>>>>>>
>>>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>>>> news:ebucv%23JNJHA.5232@TK2MSFTNGP05.phx.gbl...
>>>>>>
>>>>>>>>>>> cert...........
>>>>>>
>>>>>> When you configure OL2007 for RPC/HTTP, are you setting the principal
>>>>>> name for the proxy field (its the place where you put
>>>>>> msstd:some.server.name)?
>>>>>>
>>>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>>>> news:ebucv%23JNJHA.5232@TK2MSFTNGP05.phx.gbl...
>>>>>>> not a wild card one, just one, owa."company.com"
>>>>>>>
>>>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in message
>>>>>>> news:OEYVwdDNJHA.3764@TK2MSFTNGP04.phx.gbl...
>>>>>>>
>>>>>>>>>>>>>
>>>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in message
>>>>>>> news:OEYVwdDNJHA.3764@TK2MSFTNGP04.phx.gbl...
>>>>>>>> Not quite what I'm asking. A wildcard certificate shows that the
>>>>>>>> name the certificate was issued to is *.some.domain. A subject
>>>>>>>> alternatitive name (SAN) is where the certificate is multiple fqdn
>>>>>>>> server names. For example, you can have a certificate that can be
>>>>>>>> used for owa.some.domain, autodiscovery.some.domain,
>>>>>>>> smtp.some.domain, pop3.some.domain, .etc.
>>>>>>>>
>>>>>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>>>>>> news:eWMHP89MJHA.1308@TK2MSFTNGP02.phx.gbl...
>>>>>>>>
>>>>>>>>>>>>>>> name the certificate was issued to is *.some.domain. A subject
>>>>>>>> alternatitive name (SAN) is where the certificate is multiple fqdn
>>>>>>>> server names. For example, you can have a certificate that can be
>>>>>>>> used for owa.some.domain, autodiscovery.some.domain,
>>>>>>>> smtp.some.domain, pop3.some.domain, .etc.
>>>>>>>>
>>>>>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>>>>>> news:eWMHP89MJHA.1308@TK2MSFTNGP02.phx.gbl...
>>>>>>>>> Verisign
>>>>>>>>>
>>>>>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in
>>>>>>>>> message news:e0Gmgo9MJHA.4248@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in
>>>>>>>>> message news:e0Gmgo9MJHA.4248@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>> Interesting. What kind of certificate are you using on the ISA
>>>>>>>>>> box? (wildcard, san, .etc)
>>>>>>>>>>
>>>>>>>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>>>>>>>> news:e7%23Eq$uMJHA.4900@TK2MSFTNGP04.phx.gbl...
>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> box? (wildcard, san, .etc)
>>>>>>>>>>
>>>>>>>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>>>>>>>> news:e7%23Eq$uMJHA.4900@TK2MSFTNGP04.phx.gbl...
>>>>>>>>>>> thanks for your reply, it puzzeles me that the current setup has
>>>>>>>>>>> been working well with Outlook 2003 but not Outlook 2007...
>>>>>>>>>>>
>>>>>>>>>>> Evans
>>>>>>>>>>>
>>>>>>>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in
>>>>>>>>>>> message news:OrFpO4uMJHA.5060@TK2MSFTNGP02.phx.gbl...
>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>> been working well with Outlook 2003 but not Outlook 2007...
>>>>>>>>>>>
>>>>>>>>>>> Evans
>>>>>>>>>>>
>>>>>>>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in
>>>>>>>>>>> message news:OrFpO4uMJHA.5060@TK2MSFTNGP02.phx.gbl...
>>>>>>>>>>>> ISA2004 adds a layer of complexity, but
>>>>>>>>>>>> http://www.isaserver.org/tutorials/2004pubowamobile.html might
>>>>>>>>>>>> be helpful to you.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>>>>>>>>>> news:ekMYbfuMJHA.5564@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>>>> http://www.isaserver.org/tutorials/2004pubowamobile.html might
>>>>>>>>>>>> be helpful to you.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> "Evans Leung" <evans_leung@hotmail.com> wrote in message
>>>>>>>>>>>> news:ekMYbfuMJHA.5564@TK2MSFTNGP03.phx.gbl...
>>>>>>>>>>>>> Neo,
>>>>>>>>>>>>>
>>>>>>>>>>>>> I have a similar situation, my domain is company.local, server
>>>>>>>>>>>>> name is exchange
>>>>>>>>>>>>>
>>>>>>>>>>>>> with respect to your suggestion to change ValidPorts entry:
>>>>>>>>>>>>>
>>>>>>>>>>>>> at the moment I have:
>>>>>>>>>>>>>
>>>>>>>>>>>>> exchange:6001-6002;exchange.company.local:6001-6002;exchange:6004;exchange.company.local:6004
>>>>>>>>>>>>>
>>>>>>>>>>>>> do I need to change the above entry?
>>>>>>>>>>>>>
>>>>>>>>>>>>> the outlook 2007 (installed in Windows XP SP2) rpc-over-http
>>>>>>>>>>>>> only works outside the network only if it VPN in (we use
>>>>>>>>>>>>> ISA2004 here)
>>>>>>>>>>>>>
>>>>>>>>>>>>> thanks,
>>>>>>>>>>>>> Evans
>>>>>>>>>>>>>
>>>>>>>>>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in
>>>>>>>>>>>>> message news:%23YcxBRiIJHA.468@TK2MSFTNGP06.phx.gbl...
>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>> I have a similar situation, my domain is company.local, server
>>>>>>>>>>>>> name is exchange
>>>>>>>>>>>>>
>>>>>>>>>>>>> with respect to your suggestion to change ValidPorts entry:
>>>>>>>>>>>>>
>>>>>>>>>>>>> at the moment I have:
>>>>>>>>>>>>>
>>>>>>>>>>>>> exchange:6001-6002;exchange.company.local:6001-6002;exchange:6004;exchange.company.local:6004
>>>>>>>>>>>>>
>>>>>>>>>>>>> do I need to change the above entry?
>>>>>>>>>>>>>
>>>>>>>>>>>>> the outlook 2007 (installed in Windows XP SP2) rpc-over-http
>>>>>>>>>>>>> only works outside the network only if it VPN in (we use
>>>>>>>>>>>>> ISA2004 here)
>>>>>>>>>>>>>
>>>>>>>>>>>>> thanks,
>>>>>>>>>>>>> Evans
>>>>>>>>>>>>>
>>>>>>>>>>>>> "neo [mvp outlook]" <neo@discussions.microsoft.com> wrote in
>>>>>>>>>>>>> message news:%23YcxBRiIJHA.468@TK2MSFTNGP06.phx.gbl...
>>>>>>>>>>>>>> You should be asking this question over in one of the
>>>>>>>>>>>>>> microsoft.public.exchange support groups. Also, you will
>>>>>>>>>>>>>> need to clarify your post a bit. Based on the below, I would
>>>>>>>>>>>>>> assume that you have a single Exchange server setup. If my
>>>>>>>>>>>>>> understanding is right, you high level checks would be...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 1) Ensure that the RPC proxy component is installed on your
>>>>>>>>>>>>>> Windows 2003 (SP1/SP2)/Exchange 2003 SP2 server
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2) Enable the Exchange server as an RPC/HTTPS backend server.
>>>>>>>>>>>>>> (Exchange System Manager > Right click on server object >
>>>>>>>>>>>>>> Properties > RPC-HTTP tab) You may have to add the necessary
>>>>>>>>>>>>>> registry keys to get this working. Location in registry is:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> The DWORD value Enabled should be set to 1
>>>>>>>>>>>>>> The REG_SZ value ValidPorts would be set to
>>>>>>>>>>>>>> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> To explain the ValidPort line better, assume that the name of
>>>>>>>>>>>>>> the Exchange server is EXCH01 and the domain name I'm working
>>>>>>>>>>>>>> with is contoso.com. The ValidPorts entry would be:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 3) I would test the connection on the internal network before
>>>>>>>>>>>>>> testing from the internet.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Other than that, test with SSL enabled and if you are using a
>>>>>>>>>>>>>> private (internal) certificates to secure the web/rpc proxy
>>>>>>>>>>>>>> services, make sure that a copy of the signing certificate
>>>>>>>>>>>>>> authority is installed on the workstations. The client
>>>>>>>>>>>>>> operating system (assuming Windows XP SP2 or newer) will
>>>>>>>>>>>>>> verify the SSL certificate back to the issuing certificate
>>>>>>>>>>>>>> authority.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> "Daniel Mazur" <news@compits.net> wrote in message
>>>>>>>>>>>>>> news:%23CNE8XYIJHA.4896@TK2MSFTNGP04.phx.gbl...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>>>>>>>> microsoft.public.exchange support groups. Also, you will
>>>>>>>>>>>>>> need to clarify your post a bit. Based on the below, I would
>>>>>>>>>>>>>> assume that you have a single Exchange server setup. If my
>>>>>>>>>>>>>> understanding is right, you high level checks would be...
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 1) Ensure that the RPC proxy component is installed on your
>>>>>>>>>>>>>> Windows 2003 (SP1/SP2)/Exchange 2003 SP2 server
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2) Enable the Exchange server as an RPC/HTTPS backend server.
>>>>>>>>>>>>>> (Exchange System Manager > Right click on server object >
>>>>>>>>>>>>>> Properties > RPC-HTTP tab) You may have to add the necessary
>>>>>>>>>>>>>> registry keys to get this working. Location in registry is:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> The DWORD value Enabled should be set to 1
>>>>>>>>>>>>>> The REG_SZ value ValidPorts would be set to
>>>>>>>>>>>>>> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> To explain the ValidPort line better, assume that the name of
>>>>>>>>>>>>>> the Exchange server is EXCH01 and the domain name I'm working
>>>>>>>>>>>>>> with is contoso.com. The ValidPorts entry would be:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 3) I would test the connection on the internal network before
>>>>>>>>>>>>>> testing from the internet.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Other than that, test with SSL enabled and if you are using a
>>>>>>>>>>>>>> private (internal) certificates to secure the web/rpc proxy
>>>>>>>>>>>>>> services, make sure that a copy of the signing certificate
>>>>>>>>>>>>>> authority is installed on the workstations. The client
>>>>>>>>>>>>>> operating system (assuming Windows XP SP2 or newer) will
>>>>>>>>>>>>>> verify the SSL certificate back to the issuing certificate
>>>>>>>>>>>>>> authority.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> "Daniel Mazur" <news@compits.net> wrote in message
>>>>>>>>>>>>>> news:%23CNE8XYIJHA.4896@TK2MSFTNGP04.phx.gbl...
>>>>>>>>>>>>>>> having trouble seeing my exchange server via outlook 2007
>>>>>>>>>>>>>>> over the internet
>>>>>>>>>>>>>>> connecting to my Exchange Enterprise Server 2003. Have
>>>>>>>>>>>>>>> followed Microsoft
>>>>>>>>>>>>>>> instructions, testing first without use of of SSL
>>>>>>>>>>>>>>> certificates. I may be a
>>>>>>>>>>>>>>> bit confused about front end and backend servers. I have
>>>>>>>>>>>>>>> one PC, a domain
>>>>>>>>>>>>>>> controller at our office, a seperate PC with Exchange Only
>>>>>>>>>>>>>>> on it, connecting
>>>>>>>>>>>>>>> to the Domain Controller, and another PC with Blackberry
>>>>>>>>>>>>>>> Enterprise
>>>>>>>>>>>>>>> installed. The purpose of this is to get away from use of
>>>>>>>>>>>>>>> the VPN
>>>>>>>>>>>>>>> connection required to be part of the local network for
>>>>>>>>>>>>>>> Exchange User access
>>>>>>>>>>>>>>> off property. Sounds good configuring settings into the
>>>>>>>>>>>>>>> Outlook only and
>>>>>>>>>>>>>>> preventing other local access this way. Any ideas? Again,
>>>>>>>>>>>>>>> cannot get the
>>>>>>>>>>>>>>> Outlook to see the Exchange Server during the logon name and
>>>>>>>>>>>>>>> password to
>>>>>>>>>>>>>>> server process.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> over the internet
>>>>>>>>>>>>>>> connecting to my Exchange Enterprise Server 2003. Have
>>>>>>>>>>>>>>> followed Microsoft
>>>>>>>>>>>>>>> instructions, testing first without use of of SSL
>>>>>>>>>>>>>>> certificates. I may be a
>>>>>>>>>>>>>>> bit confused about front end and backend servers. I have
>>>>>>>>>>>>>>> one PC, a domain
>>>>>>>>>>>>>>> controller at our office, a seperate PC with Exchange Only
>>>>>>>>>>>>>>> on it, connecting
>>>>>>>>>>>>>>> to the Domain Controller, and another PC with Blackberry
>>>>>>>>>>>>>>> Enterprise
>>>>>>>>>>>>>>> installed. The purpose of this is to get away from use of
>>>>>>>>>>>>>>> the VPN
>>>>>>>>>>>>>>> connection required to be part of the local network for
>>>>>>>>>>>>>>> Exchange User access
>>>>>>>>>>>>>>> off property. Sounds good configuring settings into the
>>>>>>>>>>>>>>> Outlook only and
>>>>>>>>>>>>>>> preventing other local access this way. Any ideas? Again,
>>>>>>>>>>>>>>> cannot get the
>>>>>>>>>>>>>>> Outlook to see the Exchange Server during the logon name and
>>>>>>>>>>>>>>> password to
>>>>>>>>>>>>>>> server process.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
All times are in (US) Eastern Daylight Time (GMT -4:00)