cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

EV10 - getting in a muddle with RPC and Outlook access from the outside

CRM250
Level 2

‎03-26-2014 02:54 AM

Hello all, i am hoping someone can clear all this up for me once and for all. there seems to be some conflicting information out there.

I am running EV 10.0.3 and the clients are running the same with a few running 10.0.4

I am currently struggling to get Outlook to open items from outside the business organisation and while part of it works - the outlook client doesn't

So to explain things a bit better and simplify it, if we were to assume the EV Server FQDN name is vault.business.local
The internal domain is business.local
The domains external name is business.com

So keeping it simple, imagine a fresh install and taking the defaults with minor tweaks to the desktop policy, the vault works ok internally via the client software - but nothing will work on the outside.

However open the firewall, put in an external DNS entry of say vault.business.com and point it to the WAN ip of the vault and some items will work. Now one thing i noticed was by default the clients would try to open by default http://vault.business.local/enterprisevault from the outside world - now clearly this is not going to work, so with some DNS fudging (internally and externally) change that to http://vault.business.localvault.business.com/enterprisevault
So a quick edit of the SiteEntry table in the SQL of the DefaultWebAppURL field and replace the /enterprisevault with vault.business.com/enterprisevault means it will be prefixed with the http://vault.business.local - are you still with me ? so the full path is now http://vault.business.localvault.business.com/enterprisevault
A quick rebuild of all shortcut processing and the end result is outlook can open items from the outside - once the "View the original item" link is clicked and it shuffles off to the vault server and opens the email content in your browser. Now ok it sort of works, but i would rather get it to open normally in outlook obviously.

So the $64000 question is how to get outlook to open these ? when you click on either archive explorer or search vault buttons, the page displayed is blank, and with it not showing the path it is trying to open its difficult to see why not.

I am guess there are plenty out there who have seen this scenario and would like to resolve it, If someone could take the time to explain each setting based on the example names used above, and which item to check in the desktop policy, SQL, server names etc etc.

It seems to become more complicated with each version that appears and while some things improve, other items just get bloated and harder to unpick. So if anyone could help it would be very much appreciated.

Cheers

0 Kudos
3 REPLIES 3

Prone2Typos
Moderator
Moderator
Partner    VIP    Accredited Certified

‎05-08-2014 01:11 PM

Check this out: https://www.symantec.com/business/support/index?page=content&id=TECH63250

Hope it helps.

 

J

0 Kudos

BigPhil
Level 5

‎05-08-2014 02:20 PM

+1 To the article @TypoProne linked to. In addition to that, we need more information from you. Namely, Exchange version, type of firewall (using TMG?), Outlook version and their config (Outlook Anywhere?). Also...I wouldn't be going directly into the SQL database to make any configuration changes.

I think you likely need to configure your desktop policy/advanced/Outlook settings: All of the "RPC over HTTP...." settings.

0 Kudos

Merv
Level 6
Partner

‎05-09-2014 05:47 AM

CRM250 if you would have read up on access to EV over the internet or via outlook anywhere or OWA you would have come across the article from typo prone and saved lots of hassle. EV policy has defaultwebappurl and most importantly external web app url. These are stored in the hidden message and configured in the OWA or Outlook desktop policy settings. If you do a client trace you can capture what is configured or in use.

So the skinny is

1. Publish EV to the internet either directly like what you have I.e. Vault.externaldomain.com OR

2. Use a reverse proxy like TMG or F5 or any application layer f/w which can do Reverse proxy and URL rewrite I.e https://mail.externaldomain.com/enterprisevault -> http://evserver.internaldomain.local/enterprisevault

http://www.symantec.com/business/support/index?page=content&id=HOWTO59068

3. Configure your external web app URL as either option 1 or option 2 in desktop policy for both OWA and Outlook ( outlook rpc over http proxy URL)

4. There is also an option to force the external Url for OWA clients I.e. If say internally and externally users access OWA via unified URL I.e. Mail.externaldomain.com/OWA and your DNS can handle that even if they are in the intranet. Setup up the web.config options in your CAS server.

http://www.symantec.com/business/support/index?page=content&id=TECH141519

EnterpriseVault_ExternalWebAppURL - set to HTTPS://mail.externaldomain.com/enterprisevault

EnterpriseVault_UseExternalWebAppURL    -set to true

5. There are some fancy settings to allow otherwise I.e. If you do use a different OWA URL internally..and another externally the CAS extensions can inspect the request and route accordingly based on your firewall IP's or DNS names of the request.

Any changes always sych all EV policies to the users (archive task) and restart EV services 

6. undo the damage you are in currently... Set your default web URL back to what it was and configure your external web app URL as above and. Any issues check Browser error..is it 404? DNS? 401 2? Authentication? 

Troubleshooting:

turn on logging on CAS server side and search for 404 or 40x errors - http://www.symantec.com/business/support/index?page=content&id=TECH166086

- Check IIS logs on EV server and CAS server and filter by your test EV account.

- turn on the EV client tracing to troubleshoot outlook anywhere http://www.symantec.com/business/support/index?page=content&id=TECH38096

- for Search and Archive explorer the problem is most probably the external web app URL config / or incorrect reverse proxy firewall rules - it will manifest as a DNS error in your browser or authentication error

- you can dtrace w3wp on the EV server and search or download.asp for any calls to archive explorer or search but I doubt this is the issue

update here or contact support if needed

 

 

0 Kudos