In this article i will list down few common steps that can be checked during troubleshooting outlook connectivity issues in Exchange 2013 SP1 and later.
First step is that we need to identify whether it is happening for few users, or all users or its just one user and troubleshoot accordingly. In this blog we will discuss about troubleshooting Outlook connectivity issues for all users in Exchange 2013 environment .
1) Ensure that all Microsoft Exchange Services which is set to automatic are up and running.Especially the Microsoft Exchange RPC Client Access service must be started which is more involved in Outlook Connectivity issues.
2) Check in the application log for any throttling events in both CAS server as well as mailbox server.
3) If it is a new Exchange 2013 setup ensure Host A record for Mail ,Webmail and Auto discover on internal DNS is created correctly.
4) Ensure that the new Exchange Certificate is created and assigned to the IIS service. If you have SSL make sure that the SSL certificate is assigned to the virtual directory.
5) Ensure that autodiscover internal url,ews internal url,oab internal url are set correctly.
6) Check the authentication methods in the IIS for the RPC .If you have enabled mapihttpenabled protocol then check the mapi virtual directory. It can be Basic, NTLM, Negotiate on both the virtual directories and negotiate authentication is enabled by default in Exchange 2013.
You can use the below command to check the authentication method for mapi virtual directory if you have enabled mapihttpenabled protocol.
Get-MapivirtualDirectory | fl
Below is the output and check the iis authentication method and internal authentication column.
Also you can check if you have enabled mapihttpenabled by running the below command
Get-organizationalconfig | fl Mapi*
Analyzing this part is very important.If your organization is using mapihttpenabled protocol then we need to enable this option. There are also few other settings that needs to be configured for using this protocol.For enabling mapihttpenabled protocol refer microsoft blog
This value should be set to false if you have not configured mapihttpenabled in your organization else end users will face trouble in connecting through Outlook . Run the below command to disable mapihttpenabled feature.
Set-OrganizationConfig -MapiHttpEnabled $False
7) Also it could be problem if the outlook providers were not set correctly.
Below is an example of setting up outlook providers .
First we need to run the below command to check the value of outlook provider
In our case since the outlook provider is not set we get the values to be null.
Run the below commands to set the outlook provider name
Set-OutlookProvider -Server exchange2013CAS EXCH -CertPrincipalName msstd:exchangequery.com
Set-OutlookProvider -Server exchange2013CAS EXPR -CertPrincipalName msstd:exchangequery.com
Make sure that the certprincipal name that you are entering matches the name of the autodiscover that you have given in the SAN certificate and internal DNS.
Below will be the output if the outlook providers are set.
Though Outlook providers is not required as it is changes the autodiscover settings to global level from server level .But problems might arise if the outlook providers were not set correctly and autodiscover settings are not configured correctly.So its always better to check the values of outlook provider during troubleshooting these kind of scenarios and there is no harm in setting these values.
Get and easy and secured access to your online private work space and catch up with latest emails and essential documents with office 365 on your preferred device(PC/Mac/android/iOS) on your remotely accessible virtual desktop from CloudDesktopOnline.com with 24*7 top-notch support services from Apps4Rent.com.
MVP – Office Servers & Services
My outookprovider is set to msstd:*.domain.ext
I think I set it to that when I installed a wildcard cert.
Now, when I try to use a new cert with servername.domain.ext as the name, my Outlook clients complain ” proxy server name on the security certificate is invalid”.
How can I tell if I did, indeed, change the Outlook provider?
And, can I reset it to default?
Make sure the cert principle name is matching the external url specified in the Virtual Directory .
Thank you bro, you helped me