Problem solve Get help with specific problems with your technologies, process and projects.

Identifying Outlook Anywhere connectivity glitches

Outlook Anywhere's initial configuration can be tricky. If you're having trouble connecting, there are a couple tests you can run.

Outlook Anywhere connects users to Exchange Server using an Outlook client outside their perimeter network. This...

is accomplished by encapsulating Outlook-related traffic within HTTP packets. Outlook Anywhere's initial configuration is pretty tricky and connecting might be tough, but it shouldn't be much trouble after you're up and running.

If you can't connect to Outlook Anywhere, the first thing you should do is run the Exchange Remote Connectivity Analyzer (ExRCA). The ExRCA is a Web-based tool that diagnoses various types of Exchange Server 2010 connectivity issues.

To begin testing your connection with Exchange Server, choose the Outlook Anywhere (RPC over HTTP) test. Click Next and you'll be prompted to enter an email address as well as credentials that specify you're accessing a mailbox on Exchange (Figure 1).

Enter your credentials into ExRCA
Figure 1. You must provide the ExRCA with proper credentials before testing Outlook Anywhere connectivity.

ExRCA will run through a series of tests to determine whether or not Outlook Anywhere is connected. When the tests complete, you will see a screen similar to the one in Figure 2 that shows if the test passed or failed.

ExRCA test results
Figure 2.This is an example of ExRCA test results.

This screen doesn't immediately explain why the test failed. It only indicates that Outlook Anywhere isn’t working. To find out why the test failed, click Expand All and ExRCA will display a list of each test that was performed as well as the results (Figure 3).

Click Expand All in ExRCA to see test info
Figure 3. You can view detailed information on ExRCA tests and results.

In this example, several tests failed. The first bullet points indicate the failure occurred because of an SSL-certificate issue. I’m using an SSL certificate that an in-house certificate authority (CA) generated; the server ExRCA runs on doesn’t trust the CA.

If you're using an in-house CA and receive this error message, it doesn’t necessarily mean that there is a problem. But you should verify that client computers connecting to Outlook Anywhere trust your CA. You should also make sure your client access server (CAS) isn’t configured to use a self-signed certificate.

If you’re trying to determine why an error occurred, the Tell Me More About This Issue and How to Resolve It link can be helpful. This ExRCA component, which is located next to each individual error message, directs you to a TechNet article explaining how to fix the issue.

Configure Outlook clients for Outlook Anywhere
After you've properly configured Exchange Server, you’ll want to configure Outlook clients to use Outlook Anywhere. If you're using Outlook 2010, navigate to the File menu and click Info and then Account Settings. Click the Account Settings option and then double-click on the listed account. Next, select More Settings and navigate to the Connection tab.

Outlook 2010 is configured to connect through a local area network (LAN) by default (Figure 4). Select the Connect to Microsoft Exchange Using HTTP check box and use the Exchange Proxy Settings button to specify a proxy URL and authentication method.

Outlook connects to Exchange over HTTP.
Figure 4. For Outlook Anywhere to work, Outlook must be configured to connect to Exchange over HTTP.

Commands to test Outlook Anywhere connectivity 
You can also use Exchange Management Shell (EMS) cmdlets to test Outlook Anywhere connectivity, specifically the Test-OutlookConnectivity cmdlet. While ExRCA tests external Outlook Anywhere connections, EMS tests connectivity within your perimeter network. If an external test fails but an internal test succeeds, you likely have either a DNS issue or firewall problem.

Before using the Test-OutlookConnectivity cmdlet, Microsoft recommends that you create a special test mailbox. If you ran the Test-OutlookConnectivity cmdlet against one of your own mailboxes, the cmdlet could fail because of an improperly configured or damaged mailbox. Using a test mailbox means test results are based on the CAS configuration.

To create a test mailbox, open the EMS and go to \Program Files\Microsoft\Exchange Server\V14\Scripts. Next, run the following script ./New-TestCasConnectivityUser.ps1. You may have to modify your execution policy using the Set-ExecutionPolicy cmdlet to run the script.

After the script runs, create a password for the test mailbox. Then test your Outlook Anywhere instance using the following EMS command:

Test-OutlookConnectivity –Protocol:HTTP –Identity:Extest_F727e8cb68fc4 –MailboxCredential(Get-Credential lab\extest_f727e8cb68fc4) –GetDefaultsFromAutoDiscover:$true

Enter the test mailbox password and the cmdlet will run through a series of tests to verify that each Outlook Anywhere component is functional.

Brien Posey is a seven-time Microsoft MVP with two decades of IT experience. Before becoming a freelance technical writer, Brien worked as a CIO for a national chain of hospitals and healthcare facilities. He has also served as a network administrator for some of the nation’s largest insurance companies and for the Department of Defense at Fort Knox.

Dig Deeper on Outlook management