Exchange 2013 2007 co-existence Outlook Anywhere issues

Sorted out all other issues (apart from a SSO issue- another thread) . Activesync, autodiscover etc all working- but Outlook Anywhere does not work for Exchange 2007 external mailboxes. It does work for 2013 mailboxes internally and externally-
and 2007 mailboxes internally.
Exchange 2013 SP1. Exchange 2007 Sp3 RU10. Legacy namespace is in use and on certificate. Outlook Anywhere IIS Authentication is set to Basic and NTLM on both 2007 and 2013 servers. Outlook Anywhere external client authentication is set to Basic.
Any sugestions what to look at next?

Tony,
I apologize for the stupid question, but was Outlook Anywhere working on Exchange 2007 before you started the upgrade?
When you open command prompt on Exchange 2007 and ping the Exchange 2007 internal FQDN or NetBIOS name, do you get an IPv4 address or you get the IPv6 one?
Step by Step Screencasts and Video Tutorials

Similar Messages

OWA SSO issues in Exchange 2013 - 2007 co-existence

This may not be possible. For a multitude of reasons the client needs OWA authentication of Windows Integrated and Basic. As a result I''ve got a double prompt for users still on 2007 for OWA externally.
Do you have to use Forms Based Authentication to get SSO to work? Is it possible to enable FBA as well as basic and Windows auth?

FBA is required on the source and destination, yes. You would need to enable that and not use Basic or Windows Auth.
http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx
CAS2013 in Site1 will authenticate the user, do a service discovery, and determine that the mailbox is located within the local AD site on an Exchange 2007 Mailbox server.
CAS2013 will initiate a single sign-on silent redirect (assumes FBA is enabled on source and target) to
legacy.contoso.com. CAS2007 will then facilitate the request and retrieve the necessary data from the Exchange 2007 Mailbox server.
Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

Exchange 2013 / 2010 co-existence - Outlook won't connect to Exchange 2010 mailboxes

Greetings! I have a lab set up at home where I have been testing co-existence of Exchange 2013 and 2010 for a future corporate upgrade project.
I am running into some odd behavior. Any mailbox that has been migrated to Exchange 2013 works just fine, however, when I try to set up Outlook for a mailbox still on Exchange 2010 I receive errors. OWA works just fine for these Exchange
2010 mailboxes, it is just Outlook that has the problem. This is what I am running into:
1. Outlook uses autodiscover to locate server settings. It fails at the 'logging on to mail server' step saying that Exchange isn't available; Outlook must be connected, etc.
2. It then gives me the settings box for Exchange server and Mailbox. This is auto populated with one of the Exchange 2013 servers (there are 3 of them, all have both MBX and CAS role). If I then change the server to the Exchange 2010 CAS server,
and hit 'check names', it underlines the very same entries (like it found them this time) that were there initially and goes on to finish the configuration.
3. When I launch Outlook with this Exchange 2010 user, it fails to open with the error message that the set of folders couldn't be opened.
I've been doing as much research on this as I can. I've tried disabling IPv6 to no avail. It seems as if perhaps the issue is with Exchange 2013 proxying the request back to the Exchange 2010 servers but I am not sure what to check in that regards.
Any suggestions? Thanks in advance!

Hi,
Don´t disable IPV6 on an Exchange Server, it is, in my opinion not necessary - also applies for AD.
You can use your original SSL Cert for your new Ex 2013 environment.
In dns you want two host A records: mail.domain.com and autodiscover.domain.com
On your 2013 set your internal and external virtual directories to mail.domain.com
leave autodiscover and Powershell alone.
Also set the autodiscover URI to your Certificate name ie. mail.domain.com
Set-ClientAccessServer -Identity "YourCASServer" -AutoDiscoverServiceInternalUri "https://mail.domain.com/autodiscover/autodiscover.xml"
Thanks. I wanted to give some additional info before I run any commands. I currently have an A record for autodiscover and it is pointed to the Exchange 2013 DAG/cluster IP. I have a 3 entries for mail.domain, for DNS round robin; basically
it is listed 3 times for the IP of each of my Exchange 2013 servers. Does any of this sound problematic?

Some Outlook clients getting internal FQDN of newly installed Exchange 2013 CAS server as Outlook Anywhere Proxy address

Hello Folks,
I have this problem and is making me crazy if anyone have any idea please shed some light on this:-
1. Working Outlook 2010 and 2013 clients with webmail.xyz.com as Outlook Anywhere proxy address.
2. Installed new Exchange 2013 server (server02)with CAS and Mailbox role, Exchange install wizard finished and server is rebooted.
3. Server came up online started changing internal and external FQDN's of Virtual Directories and Outlook Anywhere to webmail.xyz.com
4. As soon as Fqdn's changed some outlook clients create support request that Outlook suddenly white's out and after reopening it is giving error cannot connect to exchange. upon checking Clients Exchange Proxy address is set to http://server02.xyz.com,
even though OA/OWA/ECP/OAB/EWS/Autodiscover/ActiveSync FQDN's Point to webmail.xyz.com, on all servers if i create new outlook profile for same user it picks up correct settings through autodiscover and connects fine, this is happening to about 20% of outlook
clients every time i am introducing new Exchange 2013 server in Organization. we have around 2000 users and planning on installing 4 exchange servers to distribute load and everytime changing outlook profile of close to 150-200 users is not possible.
Any help is greatly appreciated.
Thanks
Cool

Here are the EXCRA results
Here IP (x.x.x.x) returned is my Load Balancer IP (Webmail.xyz.com).
Connectivity Test Successful with Warnings
Test Details
    Testing Outlook connectivity.
    The Outlook connectivity test completed successfully.
       Additional Details
    Elapsed Time: 9881 ms.
       Test Steps
       The Microsoft Connectivity Analyzer is attempting to test Autodiscover for [email protected].
    Autodiscover was tested successfully.
       Additional Details
    Elapsed Time: 2063 ms.
       Test Steps
       Attempting each method of contacting the Autodiscover service.
    The Autodiscover service was tested successfully.
       Additional Details
    Elapsed Time: 2063 ms.
       Test Steps
       Attempting to test potential Autodiscover URL https://xyz.com:443/Autodiscover/Autodiscover.xml
    Testing of this potential Autodiscover URL failed.
       Additional Details
    Elapsed Time: 186 ms.
       Test Steps
       Attempting to resolve the host name xyz.com in DNS.
    The host name couldn't be resolved.
       Tell me more about this issue and how to resolve it
       Additional Details
    Host xyz.com couldn't be resolved in DNS InfoNoRecords.
Elapsed Time: 186 ms.
    Attempting to test potential Autodiscover URL https://autodiscover.xyz.com:443/Autodiscover/Autodiscover.xml
    Testing of the Autodiscover URL was successful.
       Additional Details
    Elapsed Time: 1876 ms.
       Test Steps
       Attempting to resolve the host name autodiscover.xyz.com in DNS.
    The host name resolved successfully.
       Additional Details
    IP addresses returned: x.x.x.x
Elapsed Time: 338 ms.
    Testing TCP port 443 on host autodiscover.xyz.com to ensure it's listening and open.
    The port was opened successfully.
       Additional Details
    Elapsed Time: 173 ms.
    Testing the SSL certificate to make sure it's valid.
    The certificate passed all validation requirements.
       Additional Details
    Elapsed Time: 318 ms.
       Test Steps
       The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.xyz.com on port 443.
    The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
       Additional Details
    Remote Certificate Subject: CN=webmail.xyz.com, Issuer: CN=VeriSign Class 3 Secure Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US.
Elapsed Time: 219 ms.
    Validating the certificate name.
    The certificate name was validated successfully.
       Additional Details
    Host name autodiscover.xyz.com was found in the Certificate Subject Alternative Name entry.
Elapsed Time: 1 ms.
    Certificate trust is being validated.
    The certificate is trusted and all certificates are present in the chain.
       Test Steps
       The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=webmail.xyz.com, OU=Terms of use at www.verisign.com/rpa (c)05,.
    One or more certificate chains were constructed successfully.
       Additional Details
    A total of 1 chains were built. The highest quality chain ends in root certificate CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign,
Inc.", C=US.
Elapsed Time: 36 ms.
    Analyzing the certificate chains for compatibility problems with versions of Windows.
    Potential compatibility problems were identified with some versions of Windows.
       Additional Details
    The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature
isn't enabled.
Elapsed Time: 5 ms.
    Testing the certificate date to confirm the certificate is valid.
    Date validation passed. The certificate hasn't expired.
       Additional Details
    The certificate is valid. NotBefore = 1/3/2013 12:00:00 AM, NotAfter = 11/16/2015 11:59:59 PM
Elapsed Time: 0 ms.
    Checking the IIS configuration for client certificate authentication.
    Client certificate authentication wasn't detected.
       Additional Details
    Accept/Require Client Certificates isn't configured.
Elapsed Time: 289 ms.
    Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
    The Microsoft Connectivity Analyzer successfully retrieved Autodiscover settings by sending an Autodiscover POST.
       Additional Details
    Elapsed Time: 756 ms.
       Test Steps
       The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.xyz.com:443/Autodiscover/Autodiscover.xml for user [email protected].
    The Autodiscover XML response was successfully retrieved.
       Additional Details
    Autodiscover Account Settings
XML response:
<?xml version="1.0"?>
<Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<User>
<DisplayName>Test Exch1</DisplayName>
<LegacyDN>/o=DOMAIN/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=add423106fbb47d5bf237462f52b8dab-Test Exch1</LegacyDN>
<DeploymentId>4ec753c9-60d9-4c05-9451-5b24e2d527a7</DeploymentId>
</User>
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>EXCH</Type>
<Server>[email protected]</Server>
<ServerDN>/o=DOMAIN/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/[email protected]</ServerDN>
<ServerVersion>73C0834F</ServerVersion>
<MdbDN>/o=DOMAIN/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/[email protected]/cn=Microsoft Private MDB</MdbDN>
<ASUrl>https://webmail.xyz.com/ews/exchange.asmx</ASUrl>
<OOFUrl>https://webmail.xyz.com/ews/exchange.asmx</OOFUrl>
<OABUrl>https://webmail.xyz.com/OAB/6a6a06ad-4717-4636-bd98-0b4fa3aaf4a5/</OABUrl>
<UMUrl>https://webmail.xyz.com/ews/UM2007Legacy.asmx</UMUrl>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<PublicFolderServer>webmail.xyz.com</PublicFolderServer>
<AD>DC-03.domain.xyz.com</AD>
<EwsUrl>https://webmail.xyz.com/ews/exchange.asmx</EwsUrl>
<EmwsUrl>https://webmail.xyz.com/ews/exchange.asmx</EmwsUrl>
<EcpUrl>https://webmail.xyz.com/ecp/</EcpUrl>
<EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=domain.xyz.com</EcpUrl-um>
<EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.xyz.com</EcpUrl-mt>
<EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-ret>
<EcpUrl-sms>?rfr=olk&p=sms/textmessaging.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-sms>
<EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=domain.xyz.com</EcpUrl-photo>
<EcpUrl-tm>?rfr=olk&ftr=TeamMailbox&exsvurl=1&realm=domain.xyz.com</EcpUrl-tm>
<EcpUrl-tmCreating>?rfr=olk&ftr=TeamMailboxCreating&SPUrl=<SPUrl>&Title=<Title>&SPTMAppUrl=<SPTMAppUrl>&exsvurl=1&realm=domain.xyz.com</EcpUrl-tmCreating>
<EcpUrl-tmEditing>?rfr=olk&ftr=TeamMailboxEditing&Id=<Id>&exsvurl=1&realm=domain.xyz.com</EcpUrl-tmEditing>
<EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=domain.xyz.com</EcpUrl-extinstall>
<ServerExclusiveConnect>off</ServerExclusiveConnect>
</Protocol>
<Protocol>
<Type>EXPR</Type>
<Server>webmail.xyz.com</Server>
<ASUrl>https://webmail.xyz.com/ews/exchange.asmx</ASUrl>
<OOFUrl>https://webmail.xyz.com/ews/exchange.asmx</OOFUrl>
<OABUrl>https://webmail.xyz.com/OAB/6a6a06ad-4717-4636-bd98-0b4fa3aaf4a5/</OABUrl>
<UMUrl>https://webmail.xyz.com/ews/UM2007Legacy.asmx</UMUrl>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<SSL>On</SSL>
<AuthPackage>Ntlm</AuthPackage>
<EwsUrl>https://webmail.xyz.com/ews/exchange.asmx</EwsUrl>
<EmwsUrl>https://webmail.xyz.com/ews/exchange.asmx</EmwsUrl>
<EcpUrl>https://webmail.xyz.com/ecp/</EcpUrl>
<EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=domain.xyz.com</EcpUrl-um>
<EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.xyz.com</EcpUrl-mt>
<EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-ret>
<EcpUrl-sms>?rfr=olk&p=sms/textmessaging.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-sms>
<EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=domain.xyz.com</EcpUrl-photo>
<EcpUrl-tm>?rfr=olk&ftr=TeamMailbox&exsvurl=1&realm=domain.xyz.com</EcpUrl-tm>
<EcpUrl-tmCreating>?rfr=olk&ftr=TeamMailboxCreating&SPUrl=<SPUrl>&Title=<Title>&SPTMAppUrl=<SPTMAppUrl>&exsvurl=1&realm=domain.xyz.com</EcpUrl-tmCreating>
<EcpUrl-tmEditing>?rfr=olk&ftr=TeamMailboxEditing&Id=<Id>&exsvurl=1&realm=domain.xyz.com</EcpUrl-tmEditing>
<EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=domain.xyz.com</EcpUrl-extinstall>
<ServerExclusiveConnect>on</ServerExclusiveConnect>
<EwsPartnerUrl>https://webmail.xyz.com/ews/exchange.asmx</EwsPartnerUrl>
<GroupingInformation>Default-First-Site-Name</GroupingInformation>
</Protocol>
<Protocol>
<Type>WEB</Type>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<Internal>
<OWAUrl AuthenticationMethod="Basic, Fba">https://webmail.xyz.com/owa/</OWAUrl>
<Protocol>
<Type>EXCH</Type>
<ASUrl>https://webmail.xyz.com/ews/exchange.asmx</ASUrl>
</Protocol>
</Internal>
<External>
<OWAUrl AuthenticationMethod="Fba">https://webmail.xyz.com/owa/</OWAUrl>
<Protocol>
<Type>EXPR</Type>
<ASUrl>https://webmail.xyz.com/ews/exchange.asmx</ASUrl>
</Protocol>
</External>
</Protocol>
<Protocol>
<Type>EXHTTP</Type>
<Server>webmail.xyz.com</Server>
<ASUrl>https://webmail.xyz.com/ews/exchange.asmx</ASUrl>
<OOFUrl>https://webmail.xyz.com/ews/exchange.asmx</OOFUrl>
<OABUrl>https://webmail.xyz.com/OAB/6a6a06ad-4717-4636-bd98-0b4fa3aaf4a5/</OABUrl>
<UMUrl>https://webmail.xyz.com/ews/UM2007Legacy.asmx</UMUrl>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<SSL>On</SSL>
<AuthPackage>Ntlm</AuthPackage>
<EwsUrl>https://webmail.xyz.com/ews/exchange.asmx</EwsUrl>
<EmwsUrl>https://webmail.xyz.com/ews/exchange.asmx</EmwsUrl>
<EcpUrl>https://webmail.xyz.com/ecp/</EcpUrl>
<EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=domain.xyz.com</EcpUrl-um>
<EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.xyz.com</EcpUrl-mt>
<EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-ret>
<EcpUrl-sms>?rfr=olk&p=sms/textmessaging.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-sms>
<EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=domain.xyz.com</EcpUrl-photo>
<EcpUrl-tm>?rfr=olk&ftr=TeamMailbox&exsvurl=1&realm=domain.xyz.com</EcpUrl-tm>
<EcpUrl-tmCreating>?rfr=olk&ftr=TeamMailboxCreating&SPUrl=<SPUrl>&Title=<Title>&SPTMAppUrl=<SPTMAppUrl>&exsvurl=1&realm=domain.xyz.com</EcpUrl-tmCreating>
<EcpUrl-tmEditing>?rfr=olk&ftr=TeamMailboxEditing&Id=<Id>&exsvurl=1&realm=domain.xyz.com</EcpUrl-tmEditing>
<EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=domain.xyz.com</EcpUrl-extinstall>
<ServerExclusiveConnect>On</ServerExclusiveConnect>
</Protocol>
<Protocol>
<Type>EXHTTP</Type>
<Server>webmail.xyz.com</Server>
<ASUrl>https://webmail.xyz.com/ews/exchange.asmx</ASUrl>
<OOFUrl>https://webmail.xyz.com/ews/exchange.asmx</OOFUrl>
<OABUrl>https://webmail.xyz.com/OAB/6a6a06ad-4717-4636-bd98-0b4fa3aaf4a5/</OABUrl>
<UMUrl>https://webmail.xyz.com/ews/UM2007Legacy.asmx</UMUrl>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<SSL>On</SSL>
<AuthPackage>Ntlm</AuthPackage>
<EwsUrl>https://webmail.xyz.com/ews/exchange.asmx</EwsUrl>
<EmwsUrl>https://webmail.xyz.com/ews/exchange.asmx</EmwsUrl>
<EcpUrl>https://webmail.xyz.com/ecp/</EcpUrl>
<EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=domain.xyz.com</EcpUrl-um>
<EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=domain.xyz.com</EcpUrl-mt>
<EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-ret>
<EcpUrl-sms>?rfr=olk&p=sms/textmessaging.slab&exsvurl=1&realm=domain.xyz.com</EcpUrl-sms>
<EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=domain.xyz.com</EcpUrl-photo>
<EcpUrl-tm>?rfr=olk&ftr=TeamMailbox&exsvurl=1&realm=domain.xyz.com</EcpUrl-tm>
<EcpUrl-tmCreating>?rfr=olk&ftr=TeamMailboxCreating&SPUrl=<SPUrl>&Title=<Title>&SPTMAppUrl=<SPTMAppUrl>&exsvurl=1&realm=domain.xyz.com</EcpUrl-tmCreating>
<EcpUrl-tmEditing>?rfr=olk&ftr=TeamMailboxEditing&Id=<Id>&exsvurl=1&realm=domain.xyz.com</EcpUrl-tmEditing>
<EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=domain.xyz.com</EcpUrl-extinstall>
<ServerExclusiveConnect>On</ServerExclusiveConnect>
</Protocol>
</Account>
</Response>
</Autodiscover>HTTP Response Headers:
request-id: 9d325a80-f1fd-4496-ac48-2be6bb782c28
X-CalculatedBETarget: Server01.domain.xyz.com
X-DiagInfo: Server01
X-BEServer: Server01
Persistent-Auth: true
X-FEServer: Server01
Content-Length: 11756
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Date: Mon, 25 Aug 2014 19:12:25 GMT
Set-Cookie: X-BackEndCookie=S-1-5-21-1293235207-2459173341-1304346827-14544=u56Lnp2ejJqBypqcnsfJx5nSy8ucnNLLnJzP0sfKz8/Sy5nHmsiamZrMyZrLgYHPxtDNy9DNz87L387Gxc7Nxc3J; expires=Thu, 25-Sep-2014 00:12:26 GMT; path=/Autodiscover; secure; HttpOnly
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Elapsed Time: 756 ms.
    Autodiscover settings for Outlook connectivity are being validated.
    The Microsoft Connectivity Analyzer validated the Outlook Autodiscover settings.
       Additional Details
    Elapsed Time: 0 ms.
    Testing RPC over HTTP connectivity to server webmail.xyz.com
    RPC over HTTP connectivity was verified successfully.
       Additional Details
    HTTP Response Headers:
request-id: 835acf95-78b7-40ae-b232-117318d1577e
Server: Microsoft-IIS/8.5
WWW-Authenticate: Basic realm="webmail.xyz.com",Negotiate,NTLM
X-Powered-By: ASP.NET
X-FEServer: Server01
Date: Mon, 25 Aug 2014 19:12:26 GMT
Content-Length: 0
Elapsed Time: 7817 ms.
       Test Steps
       Attempting to resolve the host name webmail.xyz.com in DNS.
    The host name resolved successfully.
       Additional Details
    IP addresses returned: x.x.x.x
Elapsed Time: 107 ms.
    Testing TCP port 443 on host webmail.xyz.com to ensure it's listening and open.
    The port was opened successfully.
       Additional Details
    Elapsed Time: 180 ms.
    Testing the SSL certificate to make sure it's valid.
    The certificate passed all validation requirements.
       Additional Details
    Elapsed Time: 303 ms.
       Test Steps
       The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server webmail.xyz.com on port 443.
    The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
       Additional Details
    Remote Certificate Subject: CN=webmail.xyz.com, OU=Terms of use at www.verisign.com/rpa (c)05, Issuer: CN=VeriSign Class 3 Secure Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign,
Inc.", C=US.
Elapsed Time: 224 ms.
    Validating the certificate name.
    The certificate name was validated successfully.
       Additional Details
    Host name webmail.xyz.com was found in the Certificate Subject Common name.
Elapsed Time: 0 ms.
    Certificate trust is being validated.
    The certificate is trusted and all certificates are present in the chain.
       Test Steps
       The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=webmail.xyz.com, OU=Terms of use at www.verisign.com/rpa (c)05,
    One or more certificate chains were constructed successfully.
       Additional Details
    A total of 1 chains were built. The highest quality chain ends in root certificate CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign,
Inc.", C=US.
Elapsed Time: 34 ms.
    Analyzing the certificate chains for compatibility problems with versions of Windows.
    Potential compatibility problems were identified with some versions of Windows.
       Additional Details
    The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature
isn't enabled.
Elapsed Time: 5 ms.
    Testing the certificate date to confirm the certificate is valid.
    Date validation passed. The certificate hasn't expired.
       Additional Details
    The certificate is valid. NotBefore = 1/3/2013 12:00:00 AM, NotAfter = 11/16/2015 11:59:59 PM
Elapsed Time: 0 ms.
    Checking the IIS configuration for client certificate authentication.
    Client certificate authentication wasn't detected.
       Additional Details
    Accept/Require Client Certificates isn't configured.
Elapsed Time: 298 ms.
    Testing HTTP Authentication Methods for URL https://webmail.xyz.com/rpc/[email protected]:6002.
    The HTTP authentication methods are correct.
       Additional Details
    The Microsoft Connectivity Analyzer found all expected authentication methods and no disallowed methods. Methods found: Basic, Negotiate, NTLMHTTP Response Headers:
request-id: 835acf95-78b7-40ae-b232-117318d1577e
Server: Microsoft-IIS/8.5
WWW-Authenticate: Basic realm="webmail.xyz.com",Negotiate,NTLM
X-Powered-By: ASP.NET
X-FEServer: Server01
Date: Mon, 25 Aug 2014 19:12:26 GMT
Content-Length: 0
Elapsed Time: 296 ms.
    Attempting to ping RPC proxy webmail.xyz.com.
    RPC Proxy was pinged successfully.
       Additional Details
    Elapsed Time: 454 ms.
    Attempting to ping the MAPI Mail Store endpoint with identity: [email protected]:6001.
    The endpoint was pinged successfully.
       Additional Details
    The endpoint responded in 0 ms.
Elapsed Time: 1007 ms.
    Testing the MAPI Address Book endpoint on the Exchange server.
    The address book endpoint was tested successfully.
       Additional Details
    Elapsed Time: 2177 ms.
       Test Steps
       Attempting to ping the MAPI Address Book endpoint with identity: [email protected]:6004.
    The endpoint was pinged successfully.
       Additional Details
    The endpoint responded in 906 ms.
Elapsed Time: 918 ms.
    Testing the address book "Check Name" operation for user [email protected] against server [email protected].
    The test passed with some warnings encountered. Please expand the additional details.
       Tell me more about this issue and how to resolve it
       Additional Details
    The address book Bind operation returned ecNotSupported. This typically indicates that your server requires encryption. The Microsoft Connectivity Analyzer will attempt the Address Book test again with encryption.
NSPI Status: 2147746050
Elapsed Time: 825 ms.
    Testing the address book "Check Name" operation for user [email protected] against server [email protected].
    Check Name succeeded.
       Additional Details
    DisplayName: Test Exch1, LegDN: /o=DOMAIN/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=add423106fbb47d5bf237462f52b8dab-Test Exch1
Elapsed Time: 433 ms.
    Testing the MAPI Referral service on the Exchange Server.
    The Referral service was tested successfully.
       Additional Details
    Elapsed Time: 1808 ms.
       Test Steps
       Attempting to ping the MAPI Referral Service endpoint with identity: [email protected]:6002.
    The endpoint was pinged successfully.
       Additional Details
    The endpoint responded in 953 ms.
Elapsed Time: 949 ms.
    Attempting to perform referral for user /o=DOMAIN/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=add423106fbb47d5bf237462f52b8dab-Test Exch1 on server [email protected].
    We got the address book server successfully.
       Additional Details
    The server returned by the Referral service: [email protected]
Elapsed Time: 858 ms.
    Testing the MAPI Address Book endpoint on the Exchange server.
    The address book endpoint was tested successfully.
       Additional Details
    Elapsed Time: 626 ms.
       Test Steps
       Attempting to ping the MAPI Address Book endpoint with identity: [email protected]:6004.
    The endpoint was pinged successfully.
       Additional Details
    The endpoint responded in 156 ms.
Elapsed Time: 154 ms.
    Testing the address book "Check Name" operation for user [email protected] against server [email protected].
    Check Name succeeded.
       Additional Details
    DisplayName: Test Exch1, LegDN: /o=DOMAIN/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=add423106fbb47d5bf237462f52b8dab-Test Exch1
Elapsed Time: 472 ms.
    Testing the MAPI Mail Store endpoint on the Exchange server.
    We successfully tested the Mail Store endpoint.
       Additional Details
    Elapsed Time: 555 ms.
       Test Steps
       Attempting to ping the MAPI Mail Store endpoint with identity: [email protected]:6001.
    The endpoint was pinged successfully.
       Additional Details
    The endpoint responded in 234 ms.
Elapsed Time: 228 ms.
    Attempting to log on to the Mailbox.
    We were able to log on to the Mailbox.
       Additional Details
    Elapsed Time: 326 ms.

Exchange 2013 how to disable outlook anywhere

Hi Team,
I have migrated some mailboxes from Exchange 2010 to 2013. But i want to restrict some users to use outlook anywhere.
How can i do this?
Also, Some outlook 2010 clients are not able to open outlook after migrating to Exchange 2013. Please help.
Thanks.
Regards, Sunny Kewalramani.

Hi,
Firstly, I'm afraid that we cannot disable Outlook Anywhere for certain users only when they use OA externally. And if the property MAPIBLOCKOutlookRpcHttp of a user is set to true, the user cannot access Exchange server both internally and externally.
Thanks,
Angela Shi
TechNet Community Support

Exchange 2013 - How to configure Outlook Anywhere with certificate based authentication?

Hello,
is it possible to secure Outlook Anywhere in Exchange 2013 with certficate based authentication?
I found documentation to configure CBA for OWA and ActiveSync, but not for Outlook Anywhere.
We would like to secure external access to the mailboxes via Outlook by using CBA.
Thanks a lot in advance!
Regards,
André

Hi,
Let’s begin with the answer in the following thread:
http://social.technet.microsoft.com/Forums/en-US/e4b44ff0-4416-44e6-aa78-be4c1c03f433/twofactor-authentication-outlook-anywhere-2010?forum=exchange2010
Based on my experience, Outlook client only has the following three authentication methods:Basic, NTML, Negotiate. And for more information about Security for Outlook Anywhere, you can refer to the following article:
http://technet.microsoft.com/en-us/library/bb430792(v=exchg.141).aspx
If you have any question, please feel free to let me know.
Thanks,
If you have feedback for TechNet Subscriber Support, contact
[email protected]
Angela Shi
TechNet Community Support

Publish Exchange 2013 OWA + Active Sync + Outlook Anywhere using TMG 2010

We plan to publish our new Exchange 2013 SP1 servers (3 in DAG) outside corporate network using TMG 2010. I am looking for some guide how to do it in the proper way. What I found is little old and does not take into consideration Exchange 2013
SP1
http://blogs.technet.com/b/exchange/archive/2012/11/21/publishing-exchange-server-2013-using-tmg.aspx
Any advice how to publish Exchange 2013 OWA using form-based authentication and how to use Kerberos Constrained Delegation?

Hi,
The blog below describes some scenarios about publishing Exchange. You could have a look the Scenario 2.
Exchange publishing after TMG/UAG
http://dizdarevic.ba/ddamirblog/?p=168
Note: Microsoft provides third-party contact information to help you find technical support. This contact
information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information
Best Regards,
Joyce
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

RPC over HTTP trouble Exchange 2013/2007 coexistence, 2013 RPCProxy cannot ping GC.

I currently have an Exchange 2013/2007 coexistence scenario which gives me trouble with the RPC over HTTP part with users with a 2007 mailbox. the MS RCA website performs 2 tests with the MAPI address book endpoints, once against a 2007 mailbox server and
once a against a GC/DC, the last one fails. The logs are from our test domain, but the exact same happens in the production domain. running CU8 (recently upgraded, but problem was exactly the same with CU7)
Testing the MAPI Address Book endpoint on the Exchange server.
The address book endpoint was tested successfully.
Additional Details
Elapsed Time: 7872 ms.
Test Steps
Attempting to ping the MAPI Address Book endpoint with identity: exmb11.domain.test:6004.
The endpoint was pinged successfully.
Additional Details
The endpoint responded in 156 ms.
Elapsed Time: 4153 ms.
Testing the MAPI Address Book endpoint on the Exchange server.
An error occurred while testing the address book endpoint.
Additional Details
Elapsed Time: 3079 ms.
Test Steps
Attempting to ping the MAPI Address Book endpoint with identity: tdc01421.domain.test:6004.
The attempt to ping the endpoint failed.
<label for="testSelectWizard_ctl12_ctl06_ctl02_ctl09_ctl00_tmmArrow">Tell
me more about this issue and how to resolve it</label>
Additional Details
The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.
Elapsed Time: 3079 ms.
texmb11 = ex2007 mailbox
texfr11 = ex2007 CAS
tdc01421 = DC/GC
texch31 = 2013 multirole
other symptoms :
Browser test
https://texch31.domain.test/rpc/rpcproxy.dll?texmb11:6004
--> 503 (which is correct)
https://texch31.domain.test/rpc/rpcproxy.dll?tdc01421:6004
--> 404.0 Not Found
RPCPing
rpcping -t ncacn_http -s texmb11 -o RpcProxy=texch31.domain.test -P "user,dom,*" -I "user,dom,*" -H 2 -u 9 -a connect -F 3 -v 3 -e 6004
Success
rpcping -t ncacn_http -s tdc01421 -o RpcProxy=texch31.domain.test -P "user,dom,*" -I "user,dom,*" -H 2 -u 9 -a connect -F 3 -v 3 -e 6004
Fails!
so the Ex2013 RPCProxy doesn't proxy to the DC/GC, but the RPCProxy to an ex2007 mailbox server works fine, so the authentication methods configured are correct i'd say..
the same tests using the ex2007CAS server as RPC proxy all succeed!:
MS RCA is all green
https://texfr11.domain.test/rpc/rpcproxy.dll?texmb11:6004
--> 503
https://texfr11.domain.test/rpc/rpcproxy.dll?tdc01421:6004
--> 503
rpcping -t ncacn_http -s texmb11 -o RpcProxy=texfr11.domain.test -P "user,dom,*" -I "user,dom,*" -H 2 -u 9 -a connect -F 3 -v 3 -e 6004
Success
rpcping -t ncacn_http -s tdc01421 -o RpcProxy=texfr11.domain.test -P "user,dom,*" -I "user,dom,*" -H 2 -u 9 -a connect -F 3 -v 3 -e 6004
Success!!
Logs
all tries against the 2013 CAS server generate '404' log entries in several logs int the Logging directory, the most explicit being the one in Program Files\Microsoft\Exchange Server\V15\Logging\HttpProxy\RpcHttp : HttpProxy_xxxxxx.LOG
2015-04-30T19:58:00.153Z,895cdf07-f2eb-4beb-b787-da02ba11b0c2,15,0,1076,0,,RpcHttp,webmail.domain.test,/rpc/rpcproxy.dll,,Basic,true,DOM\user,,,MSRPC,10.10.142.132,TEXCH31,404,,MailboxGuidWithDomainNotFound,RPC_IN_DATA,,,,,,,,,4,,,,1,,,0,,0,,0,0,,0,2,0,,,,,,,,,1,1,0,,1,,2,2,,?TDC01422.domain.test:6004,,BeginRequest=2015-04-30T19:58:00.153Z;CorrelationID=<empty>;ProxyState-Run=None;ProxyState-Complete=CalculateBackEnd;EndRequest=2015-04-30T19:58:00.153Z;,HttpProxyException=Microsoft.Exchange.HttpProxy.HttpProxyException:
RPC server name passed in by client could not be resolved: TDC01422.domain.test at Microsoft.Exchange.HttpProxy.RpcHttpProxyRequestHandler.ResolveToDefaultAnchorMailbox(String originalRpcServerName String reason) at
Microsoft.Exchange.HttpProxy.RpcHttpProxyRequestHandler.ResolveAnchorMailbox() at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InternalBeginCalculateTargetBackEnd(AnchorMailbox& anchorMailbox) at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.<BeginCalculateTargetBackEnd>b__3b();
the error suggests the name could not be resolved. but nslookup works fine. i can ping the tdc01421 correctly form texch31, it returns me the ipv4 address. i can telnet to port 6004 from texch31 server to tdc01421 giving me the correct 'ncacn_http' answer..
i look at the 'ValidPorts' and ValidPorts_Autoconfig_Exchange reg keys and filled them with the same i have on the 2007cas servers (all ex servers, all dc/gc's, all of them with netbios & fqdn ports 6001,6002 & 6004..) but also no success.
im out of ideas by now..

Hello togehter,
if anyone is using the Interim Update (Hotfix) "Exchange2013-KB2997209_2997847-x64-en.msp" please be aware of the following bug in this hotfix:
NOTE: Another issue that we have seen only from some E2013 On-Premises customers who installed
fixes for any of the above E2013 CU6 related issues is that “Using OWA, users cannot create new messages or reply to existing messages” – These are mostly installer issues where OWA files are not copying correctly in the new version directory. Ideally the
content of these two folders, i.e. “V15\ClientAccess\Owa\prem\15.0.995.31” and “V15\ClientAccess\Owa\prem\15.0.995.29” should be identical, now if for any reason, they are not then it can break the OWA experience like described above. Take these steps if you
run into related issues:
-Backup the contents of “15.0.995.31” folder to a different folder/directory
-Copy the files and folders from “15.0.995.29” to “15.0.995.31” folder – this should fix the issue …
Best,
Martin

Exchange 2013/2007 coexistence: The Name on the Security Certificate is Invalid or Does Not Match the Name of the Site.

In the midst of Exchange 2013/2007 coexistence configuration.
Currently:
Exchange 2007:
2 CAS\HUB
1 Mailbox server
Exchange 2013 (2 sites):
LA:
1 CAS
2 MBX servers
MKE:
1 CAS
2 MBX servers.
We purchased a certificate from Digicert and added every SAN name we could think of including "legacy.companyname.com", just to be sure. Added certificate to Exchange 2013 CAS servers and 2007 CAS\HUB boxes. Configured virtual directories on Exchange
2013 MKE-CAS01 but not on Exchange 2013 LA-CAS01. Configured virtual directories to on Exchange 2007 CAS\HUB to point to "legacy.companyname.com".
Mailboxes have not been moved yet. I just wanted to get the coexistence between Exchange 2013/2007 up first but some users (not all) receiving
"The name of the security certificate is invalid or does not match the name of the site" for
"LEGACY.COMPANYNAME.COM". I remember configuring the AUTODISCOVER virtual directory for Exchange 2007. Any ideas? Thank you.

Hi,
Please make sure that the certificate with "legacy.companyname.com" name is enabled for IIS service. We can check it by running the following command in Exchange server 2007:
Get-ExchangeCertificate | FL
Thanks,
Winnie Liang
TechNet Community Support

Exchange Server 2013 Outlook Anywhere issue

I am working on an issue with Outlook Anywhere in Exchange 2013 where external users cannot connect. This is a new server co-existing with an Exchange
2010 server that will soon be decommissioned.
When I run an Outlook Connectivity test on testexchangeconnectivity.com I get the following error. I am not seeing anything in the application or system logs.
I already applied CU 6 (which was released today) and am seeing the same results. Port 443 is exposed directly to the web (no TMG, load balancer, proxy server, or SSL accelerator). Any help would be greatly appreciated!
Attempting to ping RPC proxy <external Exchange URL>.
RPC Proxy can't be pinged.
Additional Details
An unexpected network-level exception was encountered. Exception details:
Message: The remote server returned an error: (500) Internal Server Error.
Type: Microsoft.Exchange.Tools.ExRca.Extensions.MapiTransportException
Stack trace:
at Microsoft.Exchange.Tools.ExRca.Extensions.MapiRpcTestClient.PingProtocolProxy(String endpointIdentifier)
at Microsoft.Exchange.Tools.ExRca.Tests.MapiPingProxyTest.PerformTestReally()
Exception details:
Message: The remote server returned an error: (500) Internal Server Error.
Type: System.Net.WebException
Stack trace:
at System.Net.HttpWebRequest.GetResponse()
at RpcPingLib.RpcPing.PingProxy(String internalServerFqdn, String endpoint)
at Microsoft.Exchange.Tools.ExRca.Extensions.MapiRpcTestClient.PingProtocolProxy(String endpointIdentifier)
Elapsed Time: 290 ms.

Hi,
Does the issue only happen to your Exchange 2013 external users? How about Exchange 2010 users?
Please make sure the external host name in your external Exchange URL is pointed to your Exchange 2013 in public DNS. For your coexistence environment, please make sure the Outlook Anywhere configurations are correct in both Exchange 2010 and Exchange 2013.
We can run the following command to check it:
Get-OutlookAnywhere | FL
If the configuration is not correct, we can run the following command to set it(supposing the mail.domain.com is your External host name):
For Exchange 2010:
Set-OutlookAnywhere -Identity “E14-01\Rpc (Default Web Site)” -ClientAuthenticationMethod Basic -SSLOffloading $False -ExternalHostName mail.domain.com -IISAuthenticationMethods NTLM, Basic
For Exchange 2013:
Set-OutlookAnywhere -Identity "E15-01\Rpc (Default Web Site)" -InternalHostname mail.domain.com -ExternalHostname mail.domain.com -InternalClientAuthenticationMethod Ntlm -ExternalClientAuthenticationMethod Basic -ExternalClientsRequireSsl
$True -InternalClientsRequireSsl $true
After all settings, please recycle MS Exchange RPCProxy AppPools and Default AppPools on both Exchange 2013 and Exchange 2010. Then restart IIS service by running IISReset /noforce from a command prompt window.
Regards,
Winnie Liang
TechNet Community Support

Password prompts - Exchange 2013 RTM vs. [Outlook 2007 & Outlook 2010] - Fully patched

Exchange 2013 RTM - Multi-Tenant
ExternalClientAuthenticationMethod : Ntlm
InternalClientAuthenticationMethod : Ntlm
IISAuthenticationMethods : {Basic, Ntlm, Negotiate}
Clients using Outlook Anywhere only, not Exchange domain members.
1. Windows XP SP3 (fully patched), Outlook 2007 SP3 + Nov 2012 Patch - When launching Outlook prompts for password only once.
2. Windows 7 (fully patched), Outlook 2010 (fully patched) - When launching Outlook doesn't prompt for password.
I'm aware of this:
http://support.microsoft.com/kb/956531
The goal - Eliminate issue with password prompts for Windows XP.
Any chance resolving this? CU install? Anything else?
Thanks.
Memento Mori

Hi,
Based on my experience, the credential issue is mostly likely caused by authentication method.
And I recommend the following troubleshooting:
1. Change LmCompatibilityLevel on the windows XP client to a value of 2 or 3:
a. Click Start, click Run, type regedit in the Open box, and then press ENTER.
b. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\
c. In the pane on the right side, double-click lmcompatibilitylevel.
d. In the Value data box, type a value of 2 or 3 that is appropriate for your environment, and then click OK.
e. Exit Registry Editor.
f. Restart your computer
2. Reset the windows credential store.
If you have any question, please feel free to let me know.
Thanks,
Angela Shi
TechNet Community Support

Exchange Server 2013 Service Pack Upgrade - Outlook connectivity issue

Hi,
After upgrading to Exchange Server 2013 service pack 1, we are unable to connect via Outlook 2010 or Outlook 2013. Outlook Web Access is working fine though. We have followed all the instructions, and have applied Outlook upgrades, but the issue remain the
same. Outlook was working fine before the upgrade.
Have we missed out something. I would highly appreciate if someone can help out? I'm not sure if this is the known issue as I can't seem to find anything on the internet.
Already applied the transport fix.
Thanks in advance!

Hi,
According to your description, your Outlook 2010 and Outlook 2013 come across the connectivity issue.
To narrow down the issue, I’d like to recommend the following troubleshooting:
1. Check if the issue happens on all Outlook users
2. Check the Outlook Anywhere connectivity by using ExRCA:
https://testconnectivity.microsoft.com/
Additionally, MAPI over HTTP is only supported when you use Outlook 2013 sp1 and Exchange 2013 sp1 at the same time. Since the issue also happens on Outlook 2010 client, we can firstly try the above troubleshooting.
If you have any question , please feel free to let me know.
Thanks,
Angela Shi
TechNet Community Support

Exchange 2013 - 2007 coexistence legacy namespace issues

Got an odd config here. Exchange 2007 CCR mode co-existing with split role 2013 servers over 2 Data Centers. Each DC has its own subnet so DAG has 2 IPs. New Certificate purchased with extra legacy namespace and loaded onto ISA and F5 as well as the
exchange servers.
I can send and receive from the Exchange 2013 servers. But I'm struggling to deploy the legacy namespace
Here's where it gets ugly. The client wants to continue (short term) to put legacy.company.com through ISA2006 servers and 2013 traffic through F5 load balancers. On the f5 side the path goes through a firewall then an f5 to the mailgateway
When we cut over to legacy (dns changes etc) OWA suffered intermittent Internal 500 errors. Active sync had to be pointed to webmail to work (we had it set blank as per Steve Goodmans recommendation) and Outlook Anywhere had no connectivity.
Urls were set correctly
Outlook Anywhere -> webmail.company.com
Autodiscover -> webmail.company.com
WebServices -> legacy.company.com
OWA -> legacy.company.com
OAB -> legacy.company.com
UM -> legacy.company.com
ActiveSync -> legacy.company.com
This is our 4th attempt to get this working. We can only work in the small hours so we are all fairly tired. Pointers anyone?

Hello,
Do you mean when the user access mailbox from internet, the load balancing will not occur? If so, I recommend you check your configuration as the following article:
http://technet.microsoft.com/en-us/library/aa997148.aspx .
The user of ISA Server load balancing will eliminates the need for setting up the load balancing cluster on the exchange server CAS side.
If I have any misunderstanding, please free let me know.
Cara Chen
TechNet Community Support

Set Exchange 2013 calendar permissions with Outlook 2007

Hi,
I have a new install of Exchange 2013 with ~30 Win 7, Office 2007 clients. Setting permissions on calendars doesn't work properly from Outlook 2007 (a known MS issue). Does anyone know if there is a fix or work around to assign permissions to the calendar?
i.e. where you right click the Calendar folder and set different levels of permission. There is a 'permission' option in OWA but this doesnt appear to work for calendars.
I have tried Outlook 2013 and that works ok. Is there alternate way to save having to move to Outlook 2013?
Thanks.

Hi,
The above issue occurs because of a limitation in how Exchange Server 2013 set Free/Busy permissions. The workaround is to use OWA to set up calendar permissions.
Here is a helpful article about setting up calendar permissions in OWA for your reference.
Sharing your calendar in Outlook Web App
https://support.office.com/en-us/article/Sharing-your-calendar-in-Outlook-Web-App-7ecef8ae-139c-40d9-bae2-a23977ee58d5?CorrelationId=7fe34d54-c3e4-4ca4-a83d-450dbd8075a5&ui=en-US&rs=en-US&ad=US#_Toc342645965
Hope this can be helpful to you.
Best regards,
Amy Wang
TechNet Community Support

Outlook 2007 - single profile connecting to Exchange 2013 / 2007 mailboxes

Hi,
I am in the early part of a migration from Exchange 2007 to Exchange 2013. So far I have 2013 installed and running in a DAG and just moved my own mailbox to the new server.
I set up a new profile in Outlook 2007 which connects to my mailbox on Exchange 2013. The problem is that I need to add additional mailboxes to my profile which are still hosted on Exchange 2007, however this is not working.
I thought at one stage I tested this and was able to get it work with a test mailbox also hosted on Exchange 2013.. but maybe I never did.
Does anyone know if this is possible at all (single Outlook profile, primary mailbox hosted on Exchange 2013 and other mailboxes on Exchange 2007). Most of our users have an additional mailbox mapped in their profile so I hope there is some way around this.
Thank you!

Hi,
It is possible to open a shared mailboxes on a legacy server.
Your problem could be caused by:
Not having one of the later CU installed (read CU4 or CU5)
Incorrect authentication methods configured (see link below)
Outlook is not at the latest patch level
Users of Exchange Server 2013 can't open public folders or shared mailboxes on an Exchange 2010 or Exchange 2007 server
http://support.microsoft.com/kb/2834139
Martina Miskovic

Exchange 2013 2007 co-existence Outlook Anywhere issues

Similar Messages

Maybe you are looking for