Troubleshooting for RPC over https (Outlook Anywhere) connection issue

RPC over https (ROH), well known as Outlook Anywhere, is more frequently used. Even in Exchange 2013, Outlook no longer connects CAS server via MAPI.
In this thread, we will discuss about the troubleshoot checklist about the RPC over https (Outlook Anywhere) connection issue. In order to make it more logical, I’d like to divide the whole troubleshooting to the following processes:
1. Client side to CAS side
2. CAS side to MBX side
[Issues between Client side to CAS side]
In Exchange 2013, Outlook Anywhere is enabled by default. Different from this, Outlook Anywhere in Exchange 2007 and 2010 need to be manually enabled. Thus, please firstly check if the RPC over HTTP component has been installed:
Click Start, and then click Control Panel.
Double-click Programs and Features.
In the left pane of Server Manager, click Features.
In the right pane, click Add Features.
Check if the RPC over HTTP component has been selected.
If the ROH connectivity issue only happens on certain users, the property MAPIBlockOutlookRpcHTTP can be checked: 
Get-CASMailbox  name | fl MAPIBlockOutlookRpcHttp
2. Confirm if Exchange server is blocked. Ping the Exchange server FQDN on client machine and confirm if it can return the proper IP address.
3. Check if the RPC Proxy server is responding correctly:
 rpcping -t ncacn_http -s ExchServer -o RpcProxy=RPCProxyServer -P "user,domain,*" -I "user,domain,*" -H 2 -u 10 -a connect -F 3 -v 3 -E -R none
If 200 code returns, the test is successful.
4. Check if Outlook Anywhere host names are added in the certificate:
To get host names, the following command can be used: get-outlookanywhere |fl *hostname
5. To use the Shell to test Outlook Anywhere connectivity, use the
Test-OutlookConnectivity cmdlet.
[Issues between CAS side to Mailbox side][RZ1] 
A. Check if it can connect to store’s port:
RpcPing –t ncacn_http –s ExchangeMBXServer -o RpcProxy=RpcProxyServer -P "user,domain,password" -I "user,domain,password" -H 1 –F 3 –a connect –u 10 –v 3 –e 6001
If it returns as following: Completed 1 calls in 60 ms  16 T/S or 60.000 ms/T, it means the RPC Ping Utility test succeeds.
B. Check if it can Connect to DsProxy Service:
RpcPing –t ncacn_http –s ExchangeMBXServer -o RpcProxy=RpcProxyServer -P "user,domain,password" -I "user,domain,password" -H 2 –F 2 –a connect –u 10 –v 3 –e 6004
If it returns as following: Completed 1 calls in 60 ms  16 T/S or 60.000 ms/T, it means the RPC Ping Utility test succeeds.
C. Check the following registries:
[Disable the auto update]
1).Open Regedit and navigate to:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeServiceHost\RpcHttpConfigurator\RpcHttpConfigurator
2).Set the PeriodicPollingMinutes value to 0.
[Check the RpcProxy ValidPorts]
1).On the RPC proxy server, start Registry Editor (Regedit).
2). In the console tree, locate the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy
3). In the details pane, right-click the ValidPorts subkey, and then click Modify.
4). In Edit String, in the Value data box, type the following information:
ExchangeServer :6001-6002; ExchangeServerFQDN :6001-6002; ExchangeServer :6004; ExchangeServerFQDN :6004
Note:
ExchangeServer is the NetBIOS name of your Exchange server. ExchangeServerFQDN is the fully qualified domain name (FQDN) of your Exchange server. If the FQDN that is used to access the server from the Internet differs from the internal FQDN, you must use
the internal FQDN.
[Check the 6004 port settings in registry]
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Value name: HTTP Port
Value type: REG_DWORD
Value data: 0x1772 (Decimal 6002)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Value name: Rpc/HTTP NSPI Port
Value type: REG_DWORD   
Value data: 0x1774 (Decimal 6004)
D. Check if the RPC ports are used by other applications instead of Exchange by using : netstat –o
 Then it will return all active TCP connections and the process ID (PID) for each connection.
 After that, please check the application based on the PID on the Processes tab in Windows Task Manager and confirm if it’s Exchange server.
Additionally, ExRCA is a perfect tool to test the whole connection between client side and Mailbox side:
https://testconnectivity.microsoft.com/
1. On the ExRCA website, under Microsoft Office Outlook Connectivity Tests, select Outlook connectivity, and then select Next at the bottom of the page.
2. Enter the required information on the next screen, including email address, domain and user name, and password.
3. Choose whether to use Autodiscover to detect server settings or to manually specify server settings.
4. Accept the disclaimer, enter the verification code, and then select Verify.
5. Select Perform Test.
<Resource for reference>
How does Outlook Anywhere work (and not work):
http://blogs.technet.com/b/exchange/archive/2008/06/20/3405633.aspx
How to use the RPC Ping utility to troubleshoot connectivity issues with the Exchange over the Internet feature in Outlook 2007 and in Outlook 2003:
http://support.microsoft.com/kb/831051
Test Outlook Anywhere Connectivity:
http://technet.microsoft.com/en-us/library/ee633453(v=exchg.150).aspx
 [RZ1]It’s part, please re-layout
Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

I've just restored the M11 to Windows XP with the disks provided and Outlook Anywhere connected without issue. As strange as it sounds, this looks to be isolated to this particular model of laptop and Windows 7.
I've used the same Enterprise copy of Windows 7 and Office on a variety of laptops and pc's and none have come across this problem. The only commonality I can see is the hardware and OS.
Aftery trying to troubleshoot this unsuccessfully with Microsoft tech support for a few hours, they eluded to the fact that this +could+ be a hardware related problem. (driver, adapter properties, etc)

Similar Messages

  • Re: Tecra M11 - Outlook anywhere connection issue

    Hello,
    Has anyone tried to connect to an Exchange server with Outlook Anywhere on the factory installation of Windows 7 and Office 2010? The authentication window keeps popping up asking for a user name and password. (DOMAIN\Username)
    I've been trying to get this working (with Microsoft tech support also), but haven't been able to. I've installed an Enterprise copy of Win 7 with Office 2010 & 2007 and got the same result. I tried this with a Tecra M10 with both a factory restore of Win7 and an Enterprise copy of Win7 from my company and it worked flawlessly.
    This leads me to believe that this particular model of laptop could be the culprit. I have 2 M11's, and this happens on both. These are not connected to any domain. I don't believe this is an Exchange issue because Outlook Anywhere works with other models of Toshiba Tecras running Win7 and also several standalone Win7 PCs running both Office 2010 and 2007.
    Any ideas or suggestions would be greatly appreciated!
    Thanks

    I've just restored the M11 to Windows XP with the disks provided and Outlook Anywhere connected without issue. As strange as it sounds, this looks to be isolated to this particular model of laptop and Windows 7.
    I've used the same Enterprise copy of Windows 7 and Office on a variety of laptops and pc's and none have come across this problem. The only commonality I can see is the hardware and OS.
    Aftery trying to troubleshoot this unsuccessfully with Microsoft tech support for a few hours, they eluded to the fact that this +could+ be a hardware related problem. (driver, adapter properties, etc)

  • Exchange 2013 Outlook Anywhere connection issues when using F5 VIP

    Hello, 
    We are in the process of deploying Exchange 2013 into our Exchange 2010 Org.  We are using an F5 to load balance all services. We are doing some initial testing and have not cut over autodiscover or other URLs yet to 2013.  We are using host files
    on the local testing machines to point the URLs to 2013.    OWA, Activesync, ecp work with no issue through the F5 VIP.   However, we are having issues with Outlook.  If our host file entries point to a single server, Outlook functions
    normally.  If the host file entries point to the F5 VIP, it keeps prompting for creds and will never connect.
    Just wondering if anybody has run into this or has any guidance as far as OA and F5 deployment.
    Thanks

    Hi,
    Please check your Load Balance configuration and make sure the namespace used for Load Balance has been included in the Exchange certificate. For example: mail.domain.com and autodiscover.domain.com.
    If possible, please share your load balance configuration with us for further analysis. Here are some references about the Load Balance Scenario:
    http://blogs.technet.com/b/exchange/archive/2014/03/05/load-balancing-in-exchange-2013.aspx
    Regards,
    Winnie Liang
    TechNet Community Support

  • Outlook 2013 connection issue with exchange 2013

    my exchange 2013 was upgrade from exchange 2010. after the upgrade (migration), i using outlook 2013 connect to exchange 2013. some very
    weird issues happened.
    when i using auto discovery to create profile and connect to exchange will success. but when i manually create the profilewill failed. the following pic for your reference. (same account, same PC)
    please help, thanks lots!!!!

    This is what changed in Exchange 2013. It uses RPC or HTTPs (Outlook Anywhere) and uses Server GUID to connect...
    "As a result of these architectural changes, there have been some changes to client connectivity. First, RPC is no longer a supported direct access protocol. This means that all Outlook connectivity must take place using RPC over HTTP (also known as
    Outlook Anywhere). At first glance, this may seem like a limitation, but it actually has some added benefits. The most obvious benefit is that there is no need to have the RPC client access service on the Client Access server. This results in the reduction
    of two namespaces that would normally be required for a site-resilient solution. In addition, there is no longer any requirement to provide affinity for the RPC client access service.
    Second, Outlook clients no longer connect to a server FQDN as they have done in all previous versions of Exchange. Outlook uses Autodiscover to create a new connection point comprised of mailbox GUID, @ symbol, and the domain portion of the user’s primary
    SMTP address. This simple change results in a near elimination of the unwelcome message of “Your administrator has made a change to your mailbox. Please restart.” Only Outlook 2007 and higher versions are supported with Exchange 2013."
    From : What's New in Exchange 2013-
    http://technet.microsoft.com/library/jj150540%28EXCHG.150%29.aspx#BKMK_arch
    Blog |
    Get Your Exchange Powershell Tip of the Day from here

  • Why does Outlook 2010/2013 tries to connect by rpc over http in LAN?

    Hi All,
    I have Exchange 2010 (Two CAS) Published by TMG (Basic Authentication). Also outlook anywhere is configured with Basic Authentication.
    Some users have issues with "authentication prompt" (randomly). By the way, Outlook Clients(2007/2010/2013) are fully updated.
    What I can see when "authentication prompt" shows up, Outlook tries to connect by rpc over https.
    Is this a normal behavior?
    Regards
    Jo

    Hi,
    Firstly, I'd like to say, basic authentication requires user name and password. Thus, it's an expected behavior that credential will prompt once when users login Outlook with basic authentication.
    Additionally, I'd like to confirm how you confirm it's Outlook Anywhere when the credential prompts. Based on my knowledge, the credential issue may be caused by connectivity issue and we can confirm the connection method through the tool "connection status".
    Thus, I'd like to confirm if the connection is established when the credential issue happens.
    Press ctrl and right click Outlook icon>connection status>status, protocol
    Thanks,
    Angela Shi
    TechNet Community Support

  • Trial SAN Certificate & Outlook Anywhere (RPC over HTTP) test fail

    I am testing exchange 2013 where autodiscover pass while performing Outlook Anywhere (RPC over HTTP) connectivity test failed with invalid SSL certifiate . I am only using self certifiate .do any one idea if any CA provding SAN certificate trial basis.
    Don't forget to mark helpful or answer
    connect me :-
    http://in.linkedin.com/in/satya11
    http://facebook.com/satya.1000

    Hi,
    Agree with the above suggestion, ExRCA test cannot pass with self-signed certificate. And to ensure Outlook Anywhere work well , we need to install the self-signed certificate on all clients machines.
    If you have any question, please feel free to let me know.
    Thanks,
    Angela Shi
    TechNet Community Support

  • Outlook 2010 RPC over HTTP to Exchange 2003 users remain disconnected after login

    Greetings Guys,
    I am unable to find a solution, Windows 2003 DC, Exchange 2003, all user were working great, RPC over HTTP, until Tuesday at about the same time perhaps before the MS update  KB3002657
    all remote users using outlook 2010 did not have authentication popups as was noted from this KB. But instead all login successfully, ( looking at  the security logs in the exchange) , but all are remaining disconnected, immediately after login.
    The users had already been configured with the registry DefConnectOpts RPC key, so I doubt their Outlook profiles are the problem.
    I suspect the DC's ( we have 2 ) or the exchange have picked up an issue. I am out of ideas.
    Any help would be awesome
    Barry

    Hi,
    According to your description, I understand that Outlook(Outlook Anywhere) client display disconnected after install MS update KB3002657.
    If I misunderstand your concern, please do not hesitate to let me know.
    KB3002657 is a security update to prevent attacker logging on to a domain-joined system and being able to monitor network traffic. More details about this update, please refer to:
    https://technet.microsoft.com/library/security/ms15-027
    For your question, please try to reconfigure a Outlook profile for testing.
    If it works, you can try to below steps to pop sign in page in Outlook client:
    1. Open Outlook---> File and click “Account setting”, then select account name and click “Change”.
    2. Click “More settings”, switch “Security” and check “Always Prompt for logon credentials”。
    3. Restart Outlook to login your account.
    Once this done, you can uncheck this setting for convenience.
    Besides, I find an similar thread about your question, for your reference:
    https://social.technet.microsoft.com/Forums/exchange/en-US/7199811f-ee41-4b81-aafe-698bdb5a0b49/recently-outlook-cannot-auth-username-and-password?forum=exchangesvrclients
    Thanks
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
    Allen Wang
    TechNet Community Support

  • CSS load balance - Lock Outlook 2007 - RPC over http

    I have problema whit load balance for configuration of client Outlook 2007. (using protocol RPC over http). Through the CSS, after a period of utilization, the Outlook lock. And without the CSS doind load balance, no ocurred the problem.
    I appreciate any help.
    Thanks!

    Jason,
    CSS is not created in a source group of "exchange2007rcvir. Is that the problem is that?
    **** OWNER ****
    content exchange2007rcvir
    vip address 10.58.32.123
    add service scmt801cto
    add service scmt801cas
    redundant-index 205
    protocol tcp
    advanced-balance sticky-srcip
    sticky-inact-timeout 30
    active
    content exchangehtvir
    vip address 10.58.32.89
    add service scmt700cto
    add service scmt700cas
    redundant-index 201
    protocol tcp
    advanced-balance sticky-srcip
    sticky-inact-timeout 30
    active
    content exchangewavir
    vip address 10.58.32.33
    add service scmt800cto
    add service scmt800cas
    redundant-index 51
    protocol tcp
    advanced-balance sticky-srcip
    sticky-inact-timeout 30
    active
    ***** GROUP *****
    group exchangehtvir
    add destination service scmt700cto
    add destination service scmt700cas
    vip address 10.58.32.91
    active
    group grp_axiavir
    vip address 10.58.32.83
    add destination service scxt393cas
    add destination service scxt394cas
    add destination service scxt395cas
    add destination service scxt393cto
    add destination service scxt394cto
    add destination service scxt395cto
    active
    ** No have exchange2007rcvir

  • BM 3.8 / Outlook RPC over HTTP

    hello,
    we want to use outlook rpc over http. did anybody know, what ports do i
    need to open the firewall for that?
    i think statefull from outside to dmz, but witch ports?
    is is 6000 standard from ms knowledgebase?
    helge
    how can i check it out ? what for a filter do i need really ?

    Helge,
    It appears that in the past few days you have not received a response to your
    posting. That concerns us, and has triggered this automated reply.
    Has your problem been resolved? If not, you might try one of the following options:
    - Visit http://support.novell.com and search the knowledgebase and/or check all
    the other self support options and support programs available.
    - You could also try posting your message again. Make sure it is posted in the
    correct newsgroup. (http://support.novell.com/forums)
    Be sure to read the forum FAQ about what to expect in the way of responses:
    http://support.novell.com/forums/faq_general.html
    If this is a reply to a duplicate posting, please ignore and accept our apologies
    and rest assured we will issue a stern reprimand to our posting bot.
    Good luck!
    Your Novell Product Support Forums Team
    http://support.novell.com/forums/

  • Is there any apps for iphone to support rpc over http or any software yet

    Hi,
        Am wondering if there is any kind of app or software that supports rpc over http in exchange 2003 enviroment for iphone?? I am looking for solution for my company employees so that they can get emails securly to their hand held devices. I found one called "good" but havent used yet and dont know if there is any configuration fro rpc over http. Any suggestion would be greatly appreciated.
    Many thanks,

    The number of apps currently available in the App Store compatible with both iOS 4.2.1 and the iPhone 3G hardware (a major limitation) is dwindling rapidly. If you don't already have a supply of apps, your choices are getting fewer and fewer.  TIme to consider upgrading the phone.

  • RDS 2012 Disable HTTP transport - Enable only RPC over HTTP for both pre 8 and 8 RDP clients

    Hi,
    Is it possible to enable only RPC over HTTP for both pre 8 and 8 RDP clients?
    Thank you

    I would like to know this as well.

  • Outlook rpc over http

    isn't possible to syncing iphone4 with an "rpc over http" configured outlook?
    thanks

    Helge,
    It appears that in the past few days you have not received a response to your
    posting. That concerns us, and has triggered this automated reply.
    Has your problem been resolved? If not, you might try one of the following options:
    - Visit http://support.novell.com and search the knowledgebase and/or check all
    the other self support options and support programs available.
    - You could also try posting your message again. Make sure it is posted in the
    correct newsgroup. (http://support.novell.com/forums)
    Be sure to read the forum FAQ about what to expect in the way of responses:
    http://support.novell.com/forums/faq_general.html
    If this is a reply to a duplicate posting, please ignore and accept our apologies
    and rest assured we will issue a stern reprimand to our posting bot.
    Good luck!
    Your Novell Product Support Forums Team
    http://support.novell.com/forums/

  • Client Access Server Logs that capture Outlook Anywhere Connections

    Do Exchange 2010 Client Access Servers log Outlook Anywhere connections? Since it's RPC over HTTP, I'm thinking these would be in the IIS logs but don't see any entries in those logs that pertain to Outlook Anywhere. What logs contain Outlook Anywhere connections?
    I suspect I have a CAS server that isn't working properly pertaining to OA and need to be able to review some sort of logs to confirm.
    Thanks

    ARay,
    Do the below basic checks-
    Running the Test-OutlookConnectivity cmdlet. The cmdlet tests for Outlook Anywhere (RPC over HTTP) and TCP/IP connections. If the cmdlet
    test fails, the output notes the step that failed.
    Running the Outlook Anywhere connectivity test using the Exchange Remote Connectivity Analyzer (ExRCA). When you run this test, you get a detailed summary showing where the test failed and what steps you can take to fix issues.
    Both tests try to log on through Outlook Anywhere after obtaining server settings from the Autodiscover service. End-to-end verification includes the following:
    Testing for Autodiscover connectivity
    Validating DNS
    Validating certificates (whether the certificate name matches the Web site, whether the certificate has expired, and whether it's trusted)
    Checking that the firewall is set up correctly (ExRCA checks overall firewall setup. The cmdlet tests for Windows firewall configuration.)
    Confirming client connectivity by logging on to the user's mailbox
    Regards,
    ASP20

  • 500 Internal server error on RPC over HTTP using TS Gateway

    I've been happily using TS Gateway on Windows Server 2008 x64 for 18 months and everything was working perfectly. Suddenly this week it started giving "access denied" errors to any user who tried to connect, evidenced in event viewer as a failed login attempt.
    After restarting the server, it got worse in that if I browse to the /rpc folder it gives me 500 Internal server error and I don't even get as far as authenticating credentials. I've tried removing IIS, RPC over HTTP and TS Gateway, and re-adding all of them,
    but I still get the same error 500. The RPC and TS Gateway services are both running. What could be causing this and how can I fix it?

    Hi,
    Thanks for your post.
    Firstly, check the following KB article to troubleshoot this issue.
    This computer can't connect to the remote computer because the Terminal Services Gateway server is temporarily unavailable
    http://support.microsoft.com/default.aspx?scid=kb;EN-US;969743
    If the issue still persists, you may perform the below steps:
    Uninstalled TSGateway, IIS role, all IIS related components.
    Delete all files in the folder %windir%\system32\inetsrv\config
    Delete all files in the folder %windir%\system32\inetsrv\metaback
    Restart the server and try to re-install TSGateway again
    Best Regards,
    Aiden
    Aiden Cao
    TechNet Community Support
    Thank you very much for this. I confirm it fixed the problem, although there was an error in reinstalling IIS and TS Gateway until I also removed Windows Process Activation Service.

  • Exchange 2007 - enabling RPC over HTTP in add/remove windows components

    Does adding this component require a reboot or interrupt Exchange functionality?

    Hi,
    Based on my knowledge, there is no need to reboot the Exchange server 2007 when you install the Windows RPC over HTTP Proxy component.
    What's more, here is an article for your reference.
    How to Enable Outlook Anywhere
    http://technet.microsoft.com/en-us/library/bb123889(v=exchg.80).aspx
    Hope this can be helpful to you.
    Best regards,
    Amy Wang
    TechNet Community Support

Maybe you are looking for