Using the Exchange 2010 Mailbox Export features for Mass Exports to PST files Comment navigation. Hey, in exchange 2010 we create CAS Arry and in that array we add CAS servers of the Site so that user connect to that array for RPCoutlook and then we configure out. Weve been running Outlook 2010 for several years, but Im beginning to test Outlook 2016 against our onpremises Exchange 2010 server. The short version connection. Setting Up Outlook 2010 Using Microsoft Exchange Activesync Settings' title='Setting Up Outlook 2010 Using Microsoft Exchange Activesync Settings' />SOLVED Outlook issues after Exchange 2. This has not been tested on Exchange 2. Here is my guide You need to make sure your Outlook. Anywhere and Auto. Discover settings are setup properly along with Split DNS. Outlook. Anywhere and Split DNS are vital for future proofing your Exchange configuration and making it work properly now, regardless if you use Exchange 2. For Exchange 2. 01. Outlook. Anywhere is a requirement and Split DNS is Best Practice. If you are on Exchange 2. Outlook. Anywhere enabled, enable Outlook. Anywhere and follow this guide. First thing is first, make a backup of your environments configuration. Run the following commands in Exchange Management Shell to backup your configuration. Dont forget to change the NSLOOKUP commands at the bottom so that they reflect your current OWA URL hostname and the Autodiscover record for your external domain name. The Start TranscriptStop Transcript lines will output all of this to a text file in the current folder, as well as on screen. Start Transcript Environment. Backup. txt. Get Outlook. Provider Format List. Get Outlook. Anywhere Format List. Get Client. Access. Server Format List. Get Active. Sync. Virtual. Directory Format List. Get Autodiscover. Virtual. Directory Format List. Get Ecp. Virtual. Directory Format List. Get Oab. Virtual. Exchange 2007 Outlook Web Access knowledge base, including OWA 2007 articles, white papers, tips, frequently asked questions and software links. Using Outlook gives you the opportunity to access many different types of email accounts from one place. If you have a Microsoft email account that ends in outlook. Yesterday I upgraded from Exchange 2010 SP3 CU 13 to Exchange 2016 by standing up a new 2016 MailboxCAS server, configuring it then snagging the IP from the old CAS. Since Microsoft introduced Exchange ActiveSync EAS as part of the old Microsoft Mobile Information Server, it has steadily become more widespread. Setting message size limits in Microsoft Exchange 201020132007 can be tricky. Learn how to configure message size settings and troubleshoot message size. Misc/mmd_1.jpg' alt='Setting Up Outlook 2010 Using Microsoft Exchange Activesync Settings' title='Setting Up Outlook 2010 Using Microsoft Exchange Activesync Settings' />Directory Format List. Get Owa. Virtual. Directory Format List. Get Power. Shell. Virtual. Directory Format List. Get Web. Services. Virtual. Directory Format List. Get Send. Connector Where Object. Enabled eq true Format List. E%2526A)Outlook2010Exchange8-4a57959391fe2e860a72dc8420550c5b5c918bd9a1942a1b0f7a8e073f64de6d.png' alt='Setting Up Outlook 2010 Using Microsoft Exchange Activesync Settings' title='Setting Up Outlook 2010 Using Microsoft Exchange Activesync Settings' />Get Send. Connector Where Object. Enabled eq true Get ADPermission Where Object. Stop Transcript. Now that we have an Environment Backup, lets proceed with the steps to fix your environment. As DNS is a vital component in any network, please make sure that Split DNS is setup first before doing anything else. To make sure Split DNS is working properly, review the Environment Backup The 7 NSLOOKUP commands at the end. The first 2 nslookup commands should both respond from an internal computer to the internal IP of your Exchange server eg. To fix the internal records, the easiest way to do this is to create a DNS Zone Active Directory Integrated for mail. OWA URL and then create a blank A Record and point it to your internal IP Address for your mail server eg. Then create another DNS Zone Active Directory Integrated for autodiscover. A record and point it to the internal IP Address of your mail server eg. The next 2 nslookup commands should both respond externally Via Googles DNS to your external IP of the mail server eg. To fix the external records more than likely, autodiscover is the one that doesnt exist and needs to be created, on your domains external DNS Manager create an A record for autodiscover. IP of your mail server eg. The 5th nslookup command will show you your MX records on the internet. MX Records should NOT point to an IP Address as stated in RFC1. They should have a priority at the beginning where the lowest number is the preference. If you are directing inbound mail traffic to an Anti Spam 3rd party provider, this will be the hostnames associated with them. In the case of an onsite appliance, create a new A record called inbound. IP for your Anti Spam Appliance, and then set the MX Records to 1. The 6th nslookup command will show you your TXT records these records are used for extra information in DNS, and one of the extra pieces of information you should have in there is an SPF record. A Sender Policy Framework SPF record identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain. If your domain does not have an SPF record, some recipient domains may reject messages from your users because they cannot validate that the messages come from an authorized mail server. You should use an SPF Generator to get the proper syntax for your SPF Record https www. SPFGenerator. And the 7th nslookup command should respond that this record does NOT EXIST. If it does resolve to an IP, there is likely a wildcard record on your domain. Some webhosting companies do this for subdomain management instead of putting an explicit hostname in their DNS records. It actually causes more problems than it fixes, so where possible, you should log into your domains external DNS Manager and remove the wildcard record. After Split DNS is confirmed working, the next things to check and fix are the Virtual Directories and the Client Access Server Autodiscover URI. All Internal. Url and External. Urls should be setup using the hostname mail. OWA URL that you chose. You should always use NTLM over Basic authentication as Basic sends the username and password in the clear, and NTLM doesnt as it is Windows Authentication. On Exchange 2. 01. Negotiate, which is recommended, but if you have Outlook 2. Outlook 2. 00. 7 clients, keep it with NTLM for backwards compatibility. For futureproofing, please also turn on SSLOffloading for Outlook. Anywhere which is enabled by default on Exchange 2. OA. For Exchange 2. Set Outlook. Anywhere Identity SERVERRpc Default Web Site SSLOffloading true Client. Authentication. Method NTLM IISAuthentication. Methods Basic,NTLMFor Exchange 2. Outlook 2. 01. 0 and 2. Set Outlook. Anywhere Identity SERVERRpc Default Web Site SSLOffloading true External. Client. Authentication. Method NTLM Internal. Client. Authentication. Method NTLM IISAuthentication. Methods Basic,NTLM,Negotiate. For Exchange 2. 01. Outlook 2. 01. 3. Set Outlook. Anywhere Identity SERVERRpc Default Web Site SSLOffloading true External. Client. Authentication. Method Negotiate Internal. Client. Authentication. Method Negotiate IISAuthentication. Methods Basic,NTLM,Negotiate. Now that weve got Outlook. Anywhere configured, lets configure the Outlook. Provider settings. By default three Outlook Providers are used to configure settings individually for Exchange RPC protocol or internal clients EXCH, Outlook Anywhere EXPR and WEB. The EXCH setting references the Exchange RPC protocol that is used internally. This setting includes port settings and the internal URLs for the Exchange services that you have enabled. The EXPR setting references the Exchange HTTP protocol that is used by Outlook Anywhere. This setting includes the external URLs for the Exchange services that you have enabled, which are used by clients that access Exchange from the Internet. The WEB setting contains the best URL for Outlook Web Access for the user to use. This setting is not in use. To harden security, it is best practice to set the Cert. Principal. Name for each of the Outlook Providers it is also required if you have any lingering XP Clients that will use Outlook. This will make sure that only a certificate with a specific subject name will be accepted. Set the Cert. Principal. Name for the Outlook. Palm 7X Software. Provider settings. Set Outlook. Provider Identity EXCH Cert. Principal. Name msstd Subject name of certificate. Set Outlook. Provider Identity EXPR Cert. Principal. Name msstd Subject name of certificate. Set Outlook. Provider Identity WEB Cert. Principal. Name msstd Subject name of certificateSet the Client Access Servers Autodiscover record to the OWA Hostname Set Client. Access. Server Identity SERVER Auto. Discover. Service. Exchange Server 2. Outlook Web App Authentication Settings. Outlook Web App OWA is the webmail interface for Exchange Server 2. Most of you will already be familiar with the acronym OWA from previous versions of Exchange Server where webmail was named Outlook Web Access. Outlook Web App is hosted on the Client Access Server role for Exchange Server 2. IIS 7.   The OWA URL is typically something like this https webmail. To connect to Outlook Web App users must authenticate first. The OWA virtual directory can be secured using different authentication settings depending on the network environment. Exchange Server 2. Outlook Web App Authentication Types. There are four authentication methods available for Exchange Server 2. OWA.   They are Integrated Authentication this allows domain users who are logged on to domain computers to automatically logon to Outlook Web App. This is useful for internal Outlook Web App access as it simplifies the logon process for domain users they dont need to logon once to the computer and then a second time for OWA. However Integrated Authentication is not suitable for remote access by people using non domain member computers, or people who are connecting via proxy servers. Basic Authentication this uses the HTTP protocol to send the logon credentials to the server. Because the credentials are sent in the clear the use of SSL is highly recommended for securing them. Also, because Basic Authentication credentials can be cached in web browsers it is recommended to use an additional authentication factor eg a one time password from a token to prevent unauthorized access from public kiosk computers using the cached credentials. Logon dialog box for Outlook Web App using Basic Authentication Digest Authentication this method solves the problem with Basic Authentication where credentials are sent in the clear by sending a hashed password instead. Digest Authentication also works through a proxy server unlike Integrated Authentication. However Digest Authentication does have some other configuration requirements, such as the use of reversible encryption for password storage in Active Directory. These may make it an undesirable option for many organiztions. Forms Based Authentication this method uses a sign in webpage on the server to collect logon credentials. Basic Authentication the use of SSL with Forms Based Authentication is highly recommended to protect the user credentials. The Exchange Server 2. OWA Logon Page. Forms Based Authentication has three additional configuration options for how the user credentials are submitted. Domain. Username users enter their credentials in the format Domain. Username, using either the NETBIOS or FQDN for the domain name. User Principal Name UPN if this option is chosen only users who have a UPN specified that matches their email address will be able to logon to Outlook Web App. PS C Get Mailbox alan reid fl name, userprincipalname, primarysmtpaddress. Name Alan. Reid. User. Principal. Name Alan. Reidexchangeserverpro. Primary. Smtp. Address Alan. Reidexchangeserverpro. PSC Get Mailboxalan reidfl name,userprincipalname,primarysmtpaddress. User. Principal. Name   Alan. Reidexchangeserverpro. Primary. Smtp. Address Alan. Reidexchangeserverpro. Username Only with this option the Exchange administrator specifies a default domain for OWA logons, and users in that domain can logon with username only. Users in other domains must still use Domain. Username. Configuring Outlook Web App for Integrated Authentication. In this example the Exchange Server 2. OWA virtual directory is being configured for Integrated Authentication. Using the Exchange Management Console navigate to Server Configuration Client Access, and choose the server you wish to configure. Select the Outlook Web App tab, then right click the OWA virtual directory and choose Properties. Configuring an Exchange Server 2. OWA Virtual Directory. Select the Authentication tab. Choose Use one or more Standard Authentication Methods and tick the Integrated Windows Authentication box. Enabling Integrated Authentication for Exchange Server 2. OWAClick OK to apply the change. Vose And Sons Piano Serial Numbers there. To perform the same configuration using the Exchange Management Shell run this command. PS C Set Owa. Virtual. Directory EX3owa Default Web Site Basic. Authentication false Windows. Authentication true Digest. Authentication falsePSC Set Owa. Virtual. DirectoryEX3owa Default Web Site Basic. Authenticationfalse Windows. Authenticationtrue Digest. Authenticationfalse. You will notice that three settings were specified in the command. This is because Basic, Integrated, and Digest Authentication can be enabled concurrently so that the OWA virtual directory supports multiple authentication methods. Because of this you should explicitly configure the authentication methods the way that you intend them to be set, rather than modifying only a single authentication method. Configuring Outlook Web App for Forms Based Authentication. In this example the Exchange Server 2. OWA virtual directory is being configured for Forms Based Authentication. Using the Exchange Management Console navigate to Server Configuration Client Access, and choose the server you wish to configure. Select the Outlook Web App tab, then right click the OWA virtual directory and choose Properties. Configuring an Exchange Server 2. OWA Virtual Directory. Select the Authentication tab. Choose Use forms based authentication and then choose a logon format, in this example User name only. Configuring Forms Based Authentication for Exchange Server 2. OWAClick OK to apply the change. To perform the same configuration using the Exchange Management Shell run the following command. PS C Set Owa. Virtual. Directory EX3owa Default Web Site Forms. Authentication true Logon. Format User. Name Default. Domain exchangeserverpro. PSC Set Owa. Virtual. DirectoryEX3owa Default Web Site Forms. Authenticationtrue Logon. Format User. Name Default. Domain exchangeserverpro. Other Steps When Changing Outlook Web App Authentication Settings. You will notice as you modify OWA virtual directory authentication settings that two additional steps are usually required Resetting IIS this is required any time you switch to or from Forms Based Authentication. From a command prompt window run the following command Modifying the ECP virtual directory ECP stands for Exchange Control Panel and is the self service web portal for end users to make changes to their mailbox, distribution lists they manage, and some other items. The authentication method for this virtual directory should be configured to match the OWA virtual directory.