Connecting to Exchange over the Internet without VPN

For laptops that are members of a Microsoft Windows Server 2008 Active Directory domain and receive email from an Exchange 2010 server, RPC over HTTP is a huge convenience. This configuration allows users to connect to their Exchange server over any Internet connection without having to connect to the enterprise network by VPN.  One of the tricks to getting this set up correctly, however, is properly configured Autodiscover settings.

The Outlook 2010 Exchange Proxy settings have to be configured correctly for RPC over HTTP to function. If users keep getting an authentication dialog box when Outlook is open, check the proxy settings and make sure that authentication is set to NTLM. If it is set to Basic, the dialog box will keep popping up no matter how many times the user enters their password.  You can change the setting here, but if Autodiscover is not configured correctly, it will reset to Basic Authentication in short order.

If this is happening to you, check to make sure that the EXPR server record on the Exchange server is empty. You can check this with this Exchange Management Shell command:


The server column in the EXPR row should be empty. If a server is listed, fix it using the following EMS command:

Set-OutlookProvider -Identity EXPR -Server $Null

After the change has propagated throughout the organization, the proxy setting will be set to the authentication settings that are listed with this EMS command:

Get-OutlookAnywhere | fl *auth*

If your Outlook Anywhere authentication settings are incorrect, you can modify them with the Set-OutlookAnywhere command in the EMS.

May 17, 2013 by Abe Varughese Category: General IT 0 comments

Recent Posts