<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2525 " id="quads-ad2525" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>

<p><strong>Issue:</strong></p>
<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2530 " id="quads-ad2530" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>

<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2526 " id="quads-ad2526" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>

<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2531 " id="quads-ad2531" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>




<p>When you try to setup your Outlook with Exchange account, you get the below issue.</p>



<p><strong>Note:</strong></p>



<ul class="wp-block-list"><li>In this scenario I&#8217;m using windows signed certificate for exchange but I have the CA installed on Client side.</li><li>Client is not joined to the domain.</li><li>Client is not on VPN.</li></ul>



<p><strong>Symptoms:</strong></p>



<p>Outlook 2010/2013 keeps prompting you for credentials even though you entered them correctly several times.</p>



<p>And when cancelling you receive that &#8220;The action couldn&#8217;t be completed. The connection to Exchange is unavailable&#8221;.</p>



<figure class="wp-block-image"><img src="https://lh5.googleusercontent.com/CVptrLE_MO7LFMTqicq2hHR3mziK_s5Zg-kw1_41fifxylHxgPILAxa13epQOSdt7x9tx0_MWRbvCzN6KnSIGEL2tamXxyi97Jqf1Ew9XpVQMtLnfHYi=w1175" alt=""/> 

<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2528 " id="quads-ad2528" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>
 
</figure>



<figure class="wp-block-image"><img src="https://lh6.googleusercontent.com/bEOFBSt2y7NS0bvmVbWJgiwoLqTB_cG0VbiSYBTiDGR5tTWcl1NPiEdvru6GKyZM_KZysF_4K1slyQBriHg9u8PDr06CIMSSAO0yUYkjhdSTUplR16m0=w874" alt=""/></figure>



<p>Investigation:</p>



<p>Let&#8217;s test our autodiscover and see what&#8217;s wrong.</p>



<p>I will first go to <a href="http://www.google.com/url?q=http%3A%2F%2Fwww.testexchangeconnectivity.com&;sa=D&;sntz=1&;usg=AFQjCNHUqhF-2O-tGbWFeOhmXD2ORMzmhw" target="_blank" rel="noreferrer noopener">www.testexchangeconnectivity.com</a> and test the autodiscover</p>



<figure class="wp-block-image"><img src="https://lh4.googleusercontent.com/DrK1u_-M-9a7hIopa1-2BSPtseLqOIiBMYFE4byxOPsH80z_s6WAI0FBnwTk14jvClj54iHmFiIFBIbFnmDIaPUmC-xB-PwOLjpcv3dqCj_xdylA=w572" alt=""/></figure>



<p><strong>Now testing Autodiscover have resulted positively.</strong></p>



<figure class="wp-block-image"><img src="https://lh3.googleusercontent.com/PJJYipNi_SELSlSyET05ogd1kbNQyFxKzu5ub27rTSzspeTtUWcTIbU_H4Cvs_2RMpKZkmHJaY3L8KwaNRF4X3wQtee_dkuoZfHXE5gTGOXslbhMmq4=w874" alt=""/></figure>



<p><strong>There&#8217;s no need to test RPC over HTTP when using a windows/self-signed certificate as it won&#8217;t result positive anyway </strong></p>



<p><strong>Next let&#8217;s check TMG&#8217;s configuration.</strong></p>



<figure class="wp-block-image"><img src="https://lh3.googleusercontent.com/jxBOKFFs1YFSpesg8E4l-XM-kA6qcPp1HG7w2hYMq3RXBuTJ9-D5IoCjmBuggO3JH4qHJLOlWhfejvVPI5n2umV-qr9BeEph4ehFG6lPLo-VuiG248E=w572" alt=""/></figure>



<p><strong>Every rule that involves RPC should be checked in order to make sure that your Publishing configuration is correct.</strong></p>



<p><strong>RPC Server should be pointing internally to your Exchange server and externally to your mail.domain.com External IP Address.</strong></p>



<figure class="wp-block-image"><img src="https://lh6.googleusercontent.com/RF0vq5_fKQx2U817bceIIRvjdwRu5L2eWDa1kmng3Lav3odieaUhZmrO_OtTj57Jvh9zQpKbqQA4FK2RggkLZDaf6tNLWtZfLVSxhESPEN8Su1lSsC8k=w472" alt=""/></figure>



<figure class="wp-block-image"><img src="https://lh3.googleusercontent.com/S4CJF6rjcpT5bMOcS6AsjYYVSNGiBOo0bfN-EQsSoz96x6ki08zO57buPq2u7g1o_syy98l8WtzflPvqFJhsdZOUL7kQYgLVxqEHJB5VhdhzVpl9dRA=w472" alt=""/></figure>



<p><strong>Although when you use TMG&#8217;s wizard to publish Exchange TMG does everything for you but still you need to check if it&#8217;s the right configuration.</strong></p>
<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2529 " id="quads-ad2529" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>




<p><strong>This is my autodiscover rule configuration&#8217;s paths and RPC is also included there.</strong></p>



<figure class="wp-block-image"><img src="https://lh6.googleusercontent.com/i70baQFOhLs7Uv-xvLpNxTMPocU_ppuX0jHnMKPO5TjUJYmnqHU1NcWXPhl1uAtddsNGIsVHZOC7p4pDlztDYW7oUnDfyg_aS1Shn4X4JPSiYkjsKzs=w472" alt=""/></figure>



<p><strong>Testing rule seems to result positive for all the published paths.</strong></p>



<figure class="wp-block-image"><img src="https://lh5.googleusercontent.com/ctZ0kOPy0x-ycqcJbBTzGj8LllzaNji2dfuQevvD2NU9RmPHz4QNeP8oc0tUFvp-fT52XCajIC0y_u0thjB5xae1sKGOFkJ7WICG3fEILB9ebu_NPA=w472" alt=""/></figure>



<p><strong>Let&#8217;s try testing the following link and see if it authenticate. The RPCproxy is required for outlook clients to be configured properly</strong></p>



<p><strong>Outlook client tries to connect to the below link after finding the autodiscover settings</strong></p>



<p><a href="https://autodiscover.demotesas.com/rpc/rpcproxy.dll">https://autodiscover.demotesas.com/rpc/rpcproxy.dll</a></p>



<p><strong>If you type your credentials, it most likely won&#8217;t connect and will keep prompting or will probably say that request is invalid!</strong></p>



<p><strong>Resolution:</strong></p>



<p><strong>What if we changed the RPC path from autodiscover to mail.demotesas.com? The authentication method might be the problem in this case as I am using a total different authentication methods for the mail and for autodiscover rules.</strong></p>



<figure class="wp-block-image"><img src="https://lh4.googleusercontent.com/I70Rxu5CyatTNT2E66ZRAHsCt2MqMFYtV9S6ZnvmVSOW_vxZUwWfhXwDXQgkXxIJ1RBUSTTTwV0SN2SbnJeDAsYuV5Wmf_KctoDIciP0_LSkT6qMnJM=w472" alt=""/></figure>



<p><strong>Once we publish the rule, we will have to check the result of the following link</strong></p>



<p><a href="https://mail.demotesas.com/rpc/rpcproxy.dll">https://mail.demotesas.com/rpc/rpcproxy.dll</a></p>



<p><strong>The site will mostly be accessed without any issues.</strong></p>



<p><strong>Now we can test our Outlook client setup and see if it will go well without any issues!</strong></p>



<p><strong>The problem was related to the RPCproxy.dll was not being set on the right rule and on the appropriate domain.</strong></p>
<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2523 " id="quads-ad2523" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>




<p><strong>It should be on the mail.domain.com with the same authentication delegation.</strong></p>



<figure class="wp-block-image"><img src="https://lh4.googleusercontent.com/WGDKRV8Pw1yFij_pBIq080WjTWrdBLbr-l0_ihwCkslHQi6RVt3O65T8YMOo4hgtKRgOEjYFiUSdeCaC7tC-XHfSnNxi-EZxe_64SIgunNb3jR69Zg=w1175" alt=""/></figure>
</p>
<!-- WP QUADS Content Ad Plugin v. 2.0.92 -->
<div class="quads-location quads-ad2524 " id="quads-ad2524" style="float:none;margin:0px 3px 3px 3px;padding:0px 0px 0px 0px;" data-lazydelay="0">

</div>


Reset and manage your Active Directory users' Passwords Active Directory is one of the most…
Finding Exchange Database hidden mailboxes. Story:Maybe you have been in this situation before, trying to…
If you're using a Proxy server in your firewall or in your network and have…
Story:I got some clients that have reported some of their users being locked out and…
Delegate Permissions This is a code that I have wrote recently to check if an…
Story: I got a request from a client who constantly gets CVs and have to…