Steps to Configure Outlook Anywhere in Exchange 2013

Among all the features supported by Microsoft Exchange Server, Outlook Anywhere is one that was previously known as RPC over HTTP, which came into existence around 2003. It enables Outlook clients to connect to their Exchange Servers anywhere from outside the corporate network as long as there is internet connection using RPC over HTTP Networking component.

In Exchange 2013, Outlook Anywhere feature is enabled by default since it is the primary means to connect Outlook for Exchange, which needed to be enabled manually in case of Exchange 2003 and 2007. However, this feature it needs to be set up correctly to utilize it effectively. The article will be describing detailed steps to configure Outlook Anywhere in Exchange 2013.

Pre-Requisites for Enabling Outlook Anywhere

• RPC over HTTP Feature
  Since Outlook Anywhere comes with Exchange 2013 by default, RPC over HTTP Proxy should also be present. We can verify this by using the steps below.
  1. Go to Start -> Server Manager
  2. Select Features to check if RPC over HTTP Proxy is present
  3. iii. If not, click on Add Features to select it and install
• DNS & Security Certificates
  User need to add mail subdomain that points to CAS server. After setting up the DNS, security certificate for mail..com to CAS server needs to be installed. Hence, it is necessary to have a valid certificate installed on CAS Server to make Outlook Anywhere work properly, if not it will report an error.

How to Configure Outlook Anywhere?

After verifying the pre-requisites for proper working, user can configure Outlook Anywhere in Exchange 2013 by using either Exchange Admin Center (EAC) or Exchange Management Shell (EMS). The steps stated below needs to be followed:

Exchange Admin Center

1. Go to EAC after entering logon credentials, click on Servers on left panel and double-click on Server name
2. User can leave external hostname blank if they want no external clients to connect to Outlook Anywhere through internet. Disabling Outlook Anywhere will ensure only internal users to access Outlook.
3. Go to Outlook Anywhere and ensure that the correct external & internal host name has been specified. Authentication mode can be set to NTLM or Basic
   There are three types of Authentication Exchange supports for Outlook Anywhere feature:
   • Basic Authentication
     Selecting this option will make Outlook prompt for username & password whenever user tries to connect with Exchange.
   • NTLM Authentication
     In this mode, Exchange will not prompt username and password instead current Windows user info is provided by browser through cryptographic exchange using hashing with web server.
   • Negotiate Authentication
     This mode is enabled by default in Exchange 2013 and is the combination of Windows integrated Authentication & Kerberos Authentication. First, Exchange will authenticate using NTLM and if not able to authenticate, will ask client to use username and password.
     Note: Negotiate Authentication can be checked by looking at Outlook Settings -> Account Settings -> More Settings -> Connection -> Exchange Proxy Settings
4. If the user is using SSL Accelerator and needs to use SSL Offloading, tick the option of ‘Allow SSL Offloading’. Otherwise, uncheck the box.
5. Click on Enable to apply the settings for Outlook Anywhere and Finish button to close the wizard.

Exchange Management Shell

Second alternative to configure Outlook Anywhere is through Exchange Management Shell. User will use the following commands and execute it by opening EMS from Start Menu: 
In the above example, CAS named Server1 is enabled for Outlook Anywhere along with external host name as mail.abcd.com, the default authentication mode is set to Basic, and SSL offloading option is selected.

Verify Connectivity of Outlook Anywhere

User can visit the site of Microsoft Remote Connectivity Analyzer to test the connectivity in Exchange such as Outlook Anywhere. Click on Outlook Anywhere (RPC over HTTP) under Exchange Server tab and click on Next. Then, user will fill up the detailed information required and click on Perform Test option. Once completed, a status for successful completion of RPC/HTTP connectivity test will be displayed.

Conclusion

It is necessary to correctly configure Outlook Anywhere in Exchange 2013, as this feature allows clients that use Outlook 2013, 2010 or 2007 have remote access to Exchange Server through internet. The article has described the pre-requisites needed before configuring Outlook Anywhere and the procedures for enabling it, which is possible by using either EAC or EMS.