OUTLOOK 2K7 & 2K10 FOR PROXY WIN7

1. Outlook 2007/2010 and Windows 7
During the course of migration from XP to a windows 7 environment the rules on how programs operate has changed. In Windows XP one could load up programs, load a proxy server setting, and go about your business if not on the web. Not true anymore. In windows 7 if a program needs access to the internet then all programs are deemed to go through internet options. This can be disastrous when needing to institute a web proxy. In each case with Outlook when trying to open via RPC over HTTP users receive a prompt for username and password. This is annoying and unproductive. If the user chooses cancel a prompt in Outlook will change to say needing password where the connection should reside. In order to get around this, organizations with remote users taking advantage of Outlook over RPC are going to need to make a few modifications to allow for Outlook to function appropriately.

2. The Infamous XML File
Outlook 2010 uses xml files to authenticate to specific items. One of these items is to use a configuration that will bypass proxy and allow outlook to use the https:// rpc protocol with msstd. This XML file needs to be placed in the directory: C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\Name.xml Name= your organization name. If you are mail.aloha.com then your file will be aloha.xml Here is an example of the XML file that you need. <?xml version="1.0" encoding="utf-8" ?> <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a"> <Account> <AccountType>email</AccountType> <Action>redirectUrl</Action> <RedirectUrl>https://mail.aloha.com/autodiscover/autodiscover.xml</RedirectUrl> </Account> </Response> </Autodiscover> Save this and rename it to your organization.

The other option is to set up a secondary cert on the exchange server. . Once these are unchecked choose the test button to begin the test If Autodiscover completes successfully a log file view will show this status. At this point two options are available. One is regular string value named aloha. To do this go down to the Outlook Icon in the system tray.com. Once you have copied these items to the PC it is time to test Autodiscover and make sure if it working correctly. Open regedit and go to: [HKEY_CURRENT_USER\Software\Microsoft\Office\14. It is important that when testing the “use guessmart” and “secure gessmart authentication are unchecked. It is still good to go ahead and check Autodiscover to make sure however.com to the cert. hold down the ctrl key and click the icon.XML After creating this registry the next key to create is a regular dword value and name it: PreferLocalXML Assign the value in decimal to this dword =1 4. One is to install a single certificate on the exchange server that is multi-domain capable and add autodiscover. Testing Autodiscover with these files in place. If autodiscover continues to fail this is a function of the exchange server not having the appropriate certificate. Making the appropriate adjustments to Registry In order for Outlook to take advantage of this XML file a registry needs to be modified which allows outlook to default over. If no prompts come up and Outlook says connected to Exchange then everything should be okay.3.aloha. On a machine that is operating remotely open Outlook and allow the connection to the Exchange server to be made. You will see the option to test the Autodiscover. Once created put in the value of the xml location as seen here: C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\aloha.0\Outlook\AutoDiscover] One there two keys need to be created. This will bring up a new window which allows username credentials to be added.

xml" 'Called method to actually write the key that we want."REG_SZ" strKeyPath = "HKCU\Software\Microsoft\Office\14.xml" strValue2 = "C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\aloha.RegWrite strKeyPath.com" 'Assign the value that you wish to have within the key strValue = "C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\aloha. Dim objShell Dim strKeyPath. strValue2 Dim dwValue 'Create an object that is going to the work as a user. The last value states whay type of key it is going to be. ' Author James Mosley ' August 17th 2010 ' -----------------------------------------------------------------' 'Delcare all administrative overhead Option Explicit 'Comment this out for testing. On Error Resume Next 'Declare Variables that will be used for the script."REG_DWORD" strKeyPath = "HKCU\Software\Microsoft\Office\12.strValue2. ' Editing the Registry and File Copy for Websense."REG_SZ" objShell.0\Outlook\Autodiscover\PreferLocalXML" dwValue = 1 objShell.Shell") 'This allows for creation of the key at the path provided all together. Deploying the registry changes and xml file through GPO.com" strValue = "C:\Program Files (x86)\Microsoft Office\Office12\OutlookAutoDiscover\aloha.dwValue. Optional objShell.RegWrite strKeyPath.RegWrite strKeyPath. strValue.0\Outlook\Autodiscover\aloha. strKeyPath = "HKCU\Software\Microsoft\Office\14. The simplest way to do this is through the logon script option in GPO.vbs ' Objective: ' ' VBScript to change registry and file copy for Websense: Will allow Outlook to function appropriately when out of the office.0\Outlook\Autodiscover\aloha. Please note the following VBscript which will install the file as well as change the appropriate registry. Set objShell = CreateObject("Wscript.strValue. Now that outlook is working on one machine it is time to create a GPO and get this applied to all machines affected.xml" .5.

CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.XML".com/en-us/library/bb332063%28EXCHG.aspx Note that it is important to configure your SCP to point to the appropriate url."REG_DWORD" '======================================================================' 'Declare the variables that are going to copy our files to allow for Outlook to bypass Autodiscover Dim FSO 'Create the object that is going to be a worker process Set FSO = CreateObject("Scripting.80%29. Exchange 2007 and the Autodiscover certificate The information provided here is additional troubleshooting if autodiscover is still failing in the organization.XML". It is of interesting note that this fix is not 100% accurate for the multiple certificate issue. True wscript.XML". Note the use of the "_" 'For line continuation FSO. Included are additional steps which should help in getting a multiple certificate infrastructure set up. True FSO."REG_SZ" strKeyPath = "HKCU\Software\Microsoft\Office\12.objShell. _ "C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\aloha.CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.dwValue.XML".RegWrite strKeyPath.aspx#Scenario3 . True FSO.strValue.RegWrite strKeyPath.XML". True FSO. _ "C:\Program Files\Microsoft Office\Office12\OutlookAutoDiscover\aloha.CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.FileSystemObject") 'Copy all of the files from a unique location to the place that we want.XML".XML".quit 6. _ "C:\Program Files (x86)\Microsoft Office\Office12\OutlookAutoDiscover\aloha. _ "C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\aloha.com/archive/2007/04/30/438249. The context of configuring the SCP can be found at: http://technet.XML". Please see the link below and follow along.microsoft. http://msexchangeteam.0\Outlook\Autodiscover\PreferLocalXML" strValue = "PreferLocalXML" dwValue = 1 objShell.

vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0 %SYSTEMROOT%\Microsoft. directories. Turn off both guess smart. Properties of the autodiscover should be identical to default web site. Test outlook settings.NET\Framework64\v2.xml -AutodiscoverServiceInternalUri 6.com/autodiscover/autodiscover.) New-AutodiscoverVirtualDirectory (Check to make sure they are created. Re-register ASP 2. Correcting SSL Certificate with WebSite (Two separate SSL EXCH Hub) 1. etc. Also done from the exchange command shell.0.) 5. Create a new website named: Autodiscover Web Site Add your SSL certificate at the root.exe -i (Note: it will say there may have been errors but that is normal) iisreset 3. Lastly included are the steps taken with Microsoft when resolving autodiscover using two certs. Set-ClientAccessServer -identity <servername> https://autodiscover. 2. The autodiscover should be gone.50 727\aspnet_regiis. From the exchange command shell: Get-AutodiscoverVirtualDirectory New-AutodiscoverVirtualDirectory -WebSiteName "Autodiscover Web Site" If you receive an error then remove the old autodiscover first and then re-add. .contoso. Close IISManager and re-open. Look at log and you should see two fails and then a succeed. Make sure that you provide additional IP and DNS addressing internal and external. Home directory should point to Inetputb\wwwroot default 4.” This article also contains good information regarding the autodiscover service. Remove-AutodiscoverVirtualDirectory -Identity "swhqex04\Autodiscover (Default Web Site)" (Say Y to remove. It is assumed that the administrator understands websites. Create a new Exchange SCP pointing to the site.) (Re-add the default autodiscover and then add the new autodiscover on the website. The above is provided as a framework and does not imply that ALL steps are provided.Scroll down in this section and locate the “Step2: Modify the Service Connection Point.0 for the new web site from a command prompt (especially if this is a 64bit OS install): cscript %SYSTEMDRIVE%\inetpub\adminscripts\ads util.