Here are the vital areas that need to be considered.
- Outlook Anywhere
- SSL certificate in line with your domain name and this should be installed on the IIS.
- RPC over HTTP needs to be added as a feature in your server using the server manager etc. depending on the Windows server you are using https://technet.microsoft.com/en-us/library/dd776122(v=exchg.141).aspx
- After configuring all these steps, ensure to text using https://testconnectivity.microsoft.com/ for possible cause of errors in other to find a fix.Note: you can also reach this site via exchange. In the console tree click on tools and on the Toolbox pane select Remote Connectivity Analyser.
This tool is very vital as it will analyse where all the errors hindering outlook anywhere connectivity.
Described Steps to achieve the above mentioned requirements
Step 1 Auto discover. Check on you Webserver (IIS) on exchange server.
To get here click on the server manager and expand the roles, select webserver and then Internet Information Service (IIS) and ensure you have your Autodiscover and RPC etc. available.
Now click on the DNS manager,
Expand the forward lookup zone,
Create an A record for your Autodiscover in your DNS to resolve both internal and external IP Addresses.
Note: these are the IP address assigned to the internal and external URL (i.e. the IP in which these URL can be reached externally and internally).
Step 2 Enabling Outlook anywhere
Note: You should have your internal and external virtual directory URL (FQDN) in place already in order for users to be able to access outlook/OWA internally and externally, most at times they are the same but can be different as well.
This can be done under the server configuration,
select client access
and on the Action pane select configure External Client and
then click on Enable Outlook Anywhere.
Now click on Properties to select the Authentication type and hostname.
See link and steps below for better understanding.
You would also enable the Client Access server for Outlook Anywhere to work or the external host name must be specified by using the Enable Outlook Anywhere wizard or by using the Power Shell as well. See link https://technet.microsoft.com/en-us/library/aa996902(v=exchg.141).aspx
Configuring the External hostname
- In the console tree,
- Navigate to Server Configuration and the click on Client Access.
- On the action pane, click Properties.
- On the Exchange (Default Web Site) Properties page, click the Outlook Anywhere tab.
- In the text box under External host name, enter the external host name to use for this site.
Note: Now select the authentication method you would like to use and this can be done via PowerShell or EMC, see link https://technet.microsoft.com/en-us/library/bb124149(v=exchg.141).aspx
But in my case we chose – NTLM
Step 4. Configure SSL Offloading for Outlook Anywhere. This is usually done the very first time you enable outlook anywhere wizard. Just enable SSL offloading by selecting the check box next to Allow secure channel (SSL) offloading and see link for further information if needed https://technet.microsoft.com/en-us/library/aa998346(v=exchg.141).aspx
Step 4. Note: Without SSL, there is no way we can make use of Outlook anywhere except we have rpc virtual directory configured to use Secure Sockets Layer (SSL).
See link on the configuration steps https://technet.microsoft.com/en-us/library/aa995982(v=exchg.141).aspx
Note: But in my case I had all these configured before but just to fix some basic issues not enabled which might be of help to you.
Step 5: Create a certificate request, create a certificate and install the certificate by completing the certificate request. See the following link https://techdirectarchive.com/2020/04/09/how-to-request-a-certificate-in-windows-example-adfs-certificate-request-to-support-aad-deployment/