Solved: Adding an Exchange 2007 server to an existing EV s...

lewis_licenses · ‎06-22-2009

We have an existing Exchange 2003 / EV 7.5 installation. We are moving to Exchange 2007 and I am trying to add that server into the EV setup. Everything appears to be working fine EXCEPT when I try to access archived items in test mailbox from Outlook 2007 when outside our network (using Outlook Anywhere), I get a gray bar at the top of the message that says "There was an error loading this item" Then, I receive a pop-up that says "The server name could not be resolved". I followed the instructions to the "T" from the admin guide.

Here is the error:

When I pull up the vault information in the EV Diagnostics dialog, I get this error:

Any suggestions/help would be much appreciated!

Thanks!

Jeff

MichelZ · ‎06-23-2009

BigPhil

Thanks for the roses :)
However, Proxy method definitely does not work with Exchange 2007. :)
You have to publish EV for full functionality.

Let me back this with some TechNotes:
http://seer.entsupport.symantec.com/docs/292532.htm
http://seer.entsupport.symantec.com/docs/318252.htm
http://seer.entsupport.symantec.com/docs/304193.htm

and a very nice quote from the last TechNote:
Enterprise Vault 2007 supports the use of RPC over HTTP in Exchange 2007. At this point, please note that one of the major changes with Enterprise Vault and Exchange 2007 is that we can no longer proxy through the Exchange Servers and therefore require direct access to the Enterprise Vault Server for RPC over HTTP to function.

Hope this helps ;)

Cheers

cloudficient - EV Migration, creators of EVComplete.

View solution in original post

Rob_Wilcox1 · ‎06-22-2009

In your mailbox policy what do you have for :-

RPC over HTTP Url
Go direct or use proxy ( I forget the EXACT name of the policy setting )

For Exchange 2007 at the moment the supported route is "direct". That means that the client extensions will try to make contact using your Default Web App URL. For EV 2007 you _can_ modify that on the properties of your site, and point it to the external name. In EV 8 you can't do that however. Another option is to change the policy setting to "use proxy", and then you can put in the URL of your Exchange 2003 Front-End server, or, you _can_ put in the URL that will work externally and get to your EV server.

I say "_can_" because there are a number of pitfalls, and the "true" solution is somethng that is being fleshed out (so that for example if you do someting today on your EV 2007 system, such as hard code the default web app URL, and then later upgrade to EV 8 where it will get "reset" we will have a "path" for people to follow).

So, please try one of the options mentioned, or shout up for clarification if you need any.

Thanks
Rob Wilcox
EV Engineering Support

Working for cloudficient.com

lewis_licenses · ‎06-22-2009

Rob, thanks for your response.

I forgot to mention that I created a new mailbox policy specifically for Exchange 2007 and set it to Direct. As an FYI, everything is working correctly when connected to the LAN and when using OWA.

Also, I have not done ANYTHING to the Exchange 2007 server except install the OWA extensions, as I did not read anything in the Admin guide that said to make any changes to that server... not sure if this is part of the issue?

lewis_licenses · ‎06-22-2009

I tried to use the proxy settings... no love. Same error messages.

I did verify that it is assigning the correct mailbox policy by making a change to remove the Archive Explorer button. Upon synchronizing EV policy and then restarting outlook while on the LAN, it was apparent that things are configured correctly to use the Mailbox policy I had created.

Thanks!

BigPhil · ‎06-22-2009

are you publishing via ISA or any other means? also...if using the "Direct" mailbox policy setting then are you using a hosts file or something so the client can resolve to the correct IP address while on the outside network? does owa work externally?

lewis_licenses · ‎06-22-2009

Thanks BigPhil,

No, we are not publishing via ISA or any other means. We use a juniper firewall.

no hosts file. This is not necessary when connecting when the mailbox is on the Exchange 2003 server.

Yes, OWA works perfectly.

BigPhil · ‎06-22-2009

I dont see how it could ever work if you cant get to http://ev01/enterprisevault from the outside world. without a hosts file or vpn how would the computer know what "ev01" is? maybe im missing something, but thats what it looks like to me.

lewis_licenses · ‎06-22-2009

Exchange 2003 is using the EV Proxy setting. My assumption, possibly incorrect, is that Exchange 2007 should just work. Either that or the Admin guide is very much lacking in any instructions on what is necessary to make this work.

BigPhil, thanks for trying!

BigPhil · ‎06-22-2009

dont know if it will help or not, but maybe you need to add the server with the hub/cas role to the ExchangeServers.txt file in the EV install directory. if owa is already working then this is probably not it but you might double check. i have never setup EV in an Exchange 2003 environment so I only know the Exchange 2007 side. hopefully somebody else can come up with a solution :)

lewis_licenses · ‎06-22-2009

Thanks for trying!

the IP address of the CAS server is already in the exchagneservers.txt file and I've already run the script to "activate" it there.

Thanks again!

MichelZ · ‎06-22-2009

Hi guys

As you have to use the "direct" method with Exchange 2007, and can't use the "proxy" method via /enterprisevaultproxy method:
What this means is that EV has to be published to the Outside World to work, and that's why he can't reach http://ev01 from the Outside world.
(I haven't used Outlook Anywhere / RPC/HTTP much yet, but I'm fairly sure ;) )

So, your options are:
- Publish EV to the Outside World
- Set ExternalWebAppUrl in web.config on your CAS EV Extensions to point to the external hostname of your EV Server

Anyone agrees??

@Lewis:
As a Test, are you able to open your archived items with pure OWA on Exchange 2007?
And let me guess: The search and Archive Explorer do not work, correct?

You have been hit by a product limitation with Exchange 2007 and Enterprise Vault :)

Cheers

cloudficient - EV Migration, creators of EVComplete.

BigPhil · ‎06-23-2009

@MichelZ
First I would like to say thank you for all of your valuable input on this forum! you are a great resource!!! so with that said, I dont 100% agree with you on this one ;) we use the proxy method here and run Exchange 2007 and everything works like a charm...albeit we are publishing with ISA 2006. also...i dont not have any issues using search of archive explorer from owa 2007 either. correct me if i am wrong here, but i dont think just because i publish with ISA that these work for me. i think you should be able to get these functions to work regardless.

@Lewis
I do agree with MichelZ that you must publish one way or another...dns or hosts file if not using any type of vpn. also...be sure you are running at LEAST 7.5 sp4 so you can change the settings in the web.config file MichelZ told you about. In your 4th post you said owa was working perfectly. was this owa2007 or 2003, and did any of the EV functions work correctly with it?

MichelZ · ‎06-23-2009

BigPhil

Thanks for the roses :)
However, Proxy method definitely does not work with Exchange 2007. :)
You have to publish EV for full functionality.

Let me back this with some TechNotes:
http://seer.entsupport.symantec.com/docs/292532.htm
http://seer.entsupport.symantec.com/docs/318252.htm
http://seer.entsupport.symantec.com/docs/304193.htm

and a very nice quote from the last TechNote:
Enterprise Vault 2007 supports the use of RPC over HTTP in Exchange 2007. At this point, please note that one of the major changes with Enterprise Vault and Exchange 2007 is that we can no longer proxy through the Exchange Servers and therefore require direct access to the Enterprise Vault Server for RPC over HTTP to function.

Hope this helps ;)

Cheers

cloudficient - EV Migration, creators of EVComplete.

BigPhil · ‎06-23-2009

by proxy method i was referring to the EV Exchange policy settings "rpc over http connection = use proxy", not the proxy through Exchange...this is what i thought you were talking about. sorry for the misunderstanding ;) good links for Lewis to look at!

MichelZ · ‎06-23-2009

I think it's the same with rpc over http connection = use proxy.
It's not there anymore with Exchange 2007.

You can check it easily, if you really have set rpc over http connection = use proxy, then have a look at your hidden message, and search for the value "RPCOVERHTTPCALCPROXYURL", this will point to http://<your-cas>/EnterpriseVaultProxy which is just non-existent on the CAS.

Or did I missunderstood you?

(Regardless of this, I think the proxy method was good and publishing EV is bad... :) :) )

cloudficient - EV Migration, creators of EVComplete.

BigPhil · ‎06-23-2009

@Lewis
not trying to hijack your thread, hopefully you have gotten some good info to get you going in the right direction

@MichelZ
here are my hidden messages:
RPCOVERHTTPCALCPROXYURL
RPCOVERHTTPPROXYURL https://mail.domain.com/enterprisevault

and here is a snapshot of my settings, of which my envrionment is working perfectly.

Rob_Wilcox1 · ‎06-23-2009

In EV 8 the supported method is "go direct"... which means we have to hit the URL defined for the Default Web App URL .. or it won't work for RPC over HTTP. Philip Nunn, what you suggested does work in some cases, but it's not the supported route :) I've seen and had that working that way many times.

So, with "go direct" you used to be able to (prior to EV 8) edit the default web app URL on the site settings to point to an externally working FQDN. In EV 8 you can't do that. So in EV 8 you have to be able to resolve your internal server name externally. This as I think MichelZ said is a big limitation, and one that we are working to resolve.

So for now..

Hosts file is the only way (or VPN in.. which isn't what you want to do I don't think).

The hosts file needs to resolve to an external IP address which hits your ISA/Firewall, etc, and that points it through to your Enterprise Vault server.

Hope that helps,

Thanks
Rob Wilcox
EV Engineering Support

Working for cloudficient.com

lewis_licenses · ‎06-29-2009

Thank you to all of you for your comments. I got swamped and did not have the time to follow-up on this thread.

MichelZ, I will look at thos technotes and will respond back to this thread once I have worked through all this great info!

Thanks!

lewis_licenses · ‎06-29-2009

Thanks to all, this information is what I was looking for.

Unfortunately, it is not ideal - as the user needs to login a second time when they go to access something from the vault (no integrated authentication) - but it works.

My last hurdle in moving to Exchange 2007 has been solved!

Thanks!
-jeff

citizen · ‎07-13-2009

This thread has been really helpful but I still don't have RPC over HTTP working in my EV8 & Exchange 2007 & ISA06 environment. Here my question:

By saying it is necessary to have "direct access to the Enterprise Vault Server for RPC over HTTP to function", does that mean opening up the firewall or can we publish through the ISA?

The ISA doc I was using is:
seer.entsupport.symantec.com/docs/305637.htm

VOX

Adding an Exchange 2007 server to an existing EV site - Outlook Anywhere not working (RPC over HTTPS)