OUTLOOK 2K7 & 2K10 FOR PROXY WIN7

1. Outlook 2007/2010 and Windows 7
During the course of migration from XP to a windows 7 environment the rules on how programs operate has changed. In Windows XP one could load up programs, load a proxy server setting, and go about your business if not on the web. Not true anymore. In windows 7 if a program needs access to the internet then all programs are deemed to go through internet options. This can be disastrous when needing to institute a web proxy. In each case with Outlook when trying to open via RPC over HTTP users receive a prompt for username and password. This is annoying and unproductive. If the user chooses cancel a prompt in Outlook will change to say needing password where the connection should reside. In order to get around this, organizations with remote users taking advantage of Outlook over RPC are going to need to make a few modifications to allow for Outlook to function appropriately.

2. The Infamous XML File
Outlook 2010 uses xml files to authenticate to specific items. One of these items is to use a configuration that will bypass proxy and allow outlook to use the https:// rpc protocol with msstd. This XML file needs to be placed in the directory: C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\Name.xml Name= your organization name. If you are mail.aloha.com then your file will be aloha.xml Here is an example of the XML file that you need. <?xml version="1.0" encoding="utf-8" ?> <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a"> <Account> <AccountType>email</AccountType> <Action>redirectUrl</Action> <RedirectUrl>https://mail.aloha.com/autodiscover/autodiscover.xml</RedirectUrl> </Account> </Response> </Autodiscover> Save this and rename it to your organization.

On a machine that is operating remotely open Outlook and allow the connection to the Exchange server to be made. Open regedit and go to: [HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover] One there two keys need to be created. Making the appropriate adjustments to Registry In order for Outlook to take advantage of this XML file a registry needs to be modified which allows outlook to default over. Once created put in the value of the xml location as seen here: C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\aloha. Testing Autodiscover with these files in place.com to the cert.3. This will bring up a new window which allows username credentials to be added.XML After creating this registry the next key to create is a regular dword value and name it: PreferLocalXML Assign the value in decimal to this dword =1 4. One is regular string value named aloha. You will see the option to test the Autodiscover. At this point two options are available. One is to install a single certificate on the exchange server that is multi-domain capable and add autodiscover. It is still good to go ahead and check Autodiscover to make sure however. . If autodiscover continues to fail this is a function of the exchange server not having the appropriate certificate. Once you have copied these items to the PC it is time to test Autodiscover and make sure if it working correctly. The other option is to set up a secondary cert on the exchange server.aloha. If no prompts come up and Outlook says connected to Exchange then everything should be okay. hold down the ctrl key and click the icon. To do this go down to the Outlook Icon in the system tray.com. Once these are unchecked choose the test button to begin the test If Autodiscover completes successfully a log file view will show this status. It is important that when testing the “use guessmart” and “secure gessmart authentication are unchecked.

xml" . strKeyPath = "HKCU\Software\Microsoft\Office\14."REG_DWORD" strKeyPath = "HKCU\Software\Microsoft\Office\12.5.RegWrite strKeyPath. ' Author James Mosley ' August 17th 2010 ' -----------------------------------------------------------------' 'Delcare all administrative overhead Option Explicit 'Comment this out for testing. strValue2 Dim dwValue 'Create an object that is going to the work as a user. strValue. The simplest way to do this is through the logon script option in GPO.0\Outlook\Autodiscover\PreferLocalXML" dwValue = 1 objShell.Shell") 'This allows for creation of the key at the path provided all together."REG_SZ" strKeyPath = "HKCU\Software\Microsoft\Office\14.com" 'Assign the value that you wish to have within the key strValue = "C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\aloha. Optional objShell. Please note the following VBscript which will install the file as well as change the appropriate registry. Deploying the registry changes and xml file through GPO. The last value states whay type of key it is going to be."REG_SZ" objShell. ' Editing the Registry and File Copy for Websense.strValue.com" strValue = "C:\Program Files (x86)\Microsoft Office\Office12\OutlookAutoDiscover\aloha.xml" strValue2 = "C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\aloha. Set objShell = CreateObject("Wscript.vbs ' Objective: ' ' VBScript to change registry and file copy for Websense: Will allow Outlook to function appropriately when out of the office.RegWrite strKeyPath. Dim objShell Dim strKeyPath. Now that outlook is working on one machine it is time to create a GPO and get this applied to all machines affected.strValue2.RegWrite strKeyPath.0\Outlook\Autodiscover\aloha.0\Outlook\Autodiscover\aloha.dwValue.xml" 'Called method to actually write the key that we want. On Error Resume Next 'Declare Variables that will be used for the script.

_ "C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\aloha.microsoft. Included are additional steps which should help in getting a multiple certificate infrastructure set up.strValue.com/en-us/library/bb332063%28EXCHG. True FSO. Exchange 2007 and the Autodiscover certificate The information provided here is additional troubleshooting if autodiscover is still failing in the organization.0\Outlook\Autodiscover\PreferLocalXML" strValue = "PreferLocalXML" dwValue = 1 objShell.RegWrite strKeyPath.aspx#Scenario3 . _ "C:\Program Files (x86)\Microsoft Office\Office12\OutlookAutoDiscover\aloha.XML".XML". _ "C:\Program Files\Microsoft Office\Office12\OutlookAutoDiscover\aloha.objShell.XML". http://msexchangeteam.com/archive/2007/04/30/438249. True wscript.dwValue.CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.RegWrite strKeyPath. It is of interesting note that this fix is not 100% accurate for the multiple certificate issue.CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.XML".XML".CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.XML". True FSO. _ "C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\aloha.XML". Please see the link below and follow along.FileSystemObject") 'Copy all of the files from a unique location to the place that we want.aspx Note that it is important to configure your SCP to point to the appropriate url. The context of configuring the SCP can be found at: http://technet."REG_SZ" strKeyPath = "HKCU\Software\Microsoft\Office\12.80%29."REG_DWORD" '======================================================================' 'Declare the variables that are going to copy our files to allow for Outlook to bypass Autodiscover Dim FSO 'Create the object that is going to be a worker process Set FSO = CreateObject("Scripting. Note the use of the "_" 'For line continuation FSO.XML". True FSO.CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.quit 6.

Test outlook settings. Lastly included are the steps taken with Microsoft when resolving autodiscover using two certs. . Also done from the exchange command shell. Properties of the autodiscover should be identical to default web site.0 for the new web site from a command prompt (especially if this is a 64bit OS install): cscript %SYSTEMDRIVE%\inetpub\adminscripts\ads util.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0 %SYSTEMROOT%\Microsoft. Remove-AutodiscoverVirtualDirectory -Identity "swhqex04\Autodiscover (Default Web Site)" (Say Y to remove. It is assumed that the administrator understands websites. Set-ClientAccessServer -identity <servername> https://autodiscover. Correcting SSL Certificate with WebSite (Two separate SSL EXCH Hub) 1. Turn off both guess smart. Make sure that you provide additional IP and DNS addressing internal and external. From the exchange command shell: Get-AutodiscoverVirtualDirectory New-AutodiscoverVirtualDirectory -WebSiteName "Autodiscover Web Site" If you receive an error then remove the old autodiscover first and then re-add. Re-register ASP 2.) 5.exe -i (Note: it will say there may have been errors but that is normal) iisreset 3. Close IISManager and re-open.) (Re-add the default autodiscover and then add the new autodiscover on the website. Create a new Exchange SCP pointing to the site.xml -AutodiscoverServiceInternalUri 6. The autodiscover should be gone. Look at log and you should see two fails and then a succeed. 2.contoso.com/autodiscover/autodiscover. etc. Create a new website named: Autodiscover Web Site Add your SSL certificate at the root.) New-AutodiscoverVirtualDirectory (Check to make sure they are created. directories.0. The above is provided as a framework and does not imply that ALL steps are provided.50 727\aspnet_regiis. Home directory should point to Inetputb\wwwroot default 4.” This article also contains good information regarding the autodiscover service.Scroll down in this section and locate the “Step2: Modify the Service Connection Point.NET\Framework64\v2.

Sign up to vote on this title
UsefulNot useful