In this article, we are going to learn about Outlook Anywhere, it’s Evolution and its Functionalities.
Outlook Anywhere was first introduced in way back Exchange 2003 version. This protocol eradicated the traditional way of accessing the corporate email with VPN Connections. This was a huge relief for the remote users and IT Administrators, thus can save the VPN traffic. Basically Outlook Anywhere allows users to access or connect their mailboxes from outside the network without VPN or any other specialized connections. All the other internal (inside the network) users used RPC/MAPI/MAPI over HTTP for connections based on the version of Exchange and Outlook client. This was until Exchange 2010, but in Exchange 2013, Microsoft made a major change to this protocol and made all the outlook to connect using Outlook Anywhere (Both Internal and External). If user using either Outlook or Outlook Anywhere, if recovery is needed we can use a OST 2 PST recovery software
In the Legacy versions of Exchange, Outlook users who are inside the network (Internal Users) used Remote Procedure Call (RPC) through Transmission Control Protocol/Internet Protocol (TCP/IP) and Outlook Anywhere for External connectivity. But after Exchange 2013 this was completely changed, irrespective of the network, Outlook uses Outlook Anywhere (RPC over HTTPS) for the connections. This drastically reduced the RPC traffic inside the network (LAN Connectivity). Outlook Anywhere basically encapsulates RPC traffic inside HTTPS.
Advantages of Outlook Anywhere:
- Remote access of mailbox from Internet is made easy.
- Necessity of VPN is eradicated.
- Apart from the traditional ports, no additional open ports are required for email connectivity.
- Single namespace is enough for configuration. Namespace of Outlook Web App or Exchange ActiveSync can be used.
Deploying Outlook Anywhere:
Before deploying Outlook Anywhere there are certain things that needs to be understood. In Exchange 2010 Outlook Anywhere is used only for external Connections, hence Client Access Servers which are internet facing only should be enabled. But in Exchange 2013, both for Internal and External connections Outlook Anywhere is used. Hence all the Client Access Server should be enabled with Outlook Anywhere.
Similarly if there is a Coexistence of Exchange2007/2010 with Exchange 2013, then all your Client Access Server should have Outlook Anywhere Enabled, this is mainly because of the major change that happened in Exchange 2013. Microsoft has restructured the proxy engine for Outlook Anywhere in Exchange Server 2013. The old proxy engine rpcproxy.dll was replaced with httpproxy.dll. Because of this Exchange 2013 cannot handle the direct RPC traffic and thus it needs to proxy the connection to one of its legacy CAS servers. So this indicates that if you still have 2007/2010 Mailboxes that uses RPC, you should have a legacy Client Access Server.
Outlook Anywhere is by default enabled in Exchange 2013, since all Outlook connections are made through this, but we should exclusively enable Outlook Anywhere in legacy servers. The best way to enable is use the Exchange Powershell. So prior to enabling Outlook Anywhere you should have valid SSL certificate. You can also use a self-signed certificate but you should manually add it into the Trusted Certificate Authority in every client computer which is a tedious process.
Enabling Outlook Anywhere:
To enable Outlook Anywhere open the Exchange Powershell and use the below command.
Enable-OutlookAnywhere -Server “exch2010-cas01” -ExternalHostname “email.datanumen.com” -ClientAuthenticationMethod Basic -SSLOffloading $false –IISAuthenticationMethods “Basic, NTLM”
For any organization that has co-existence, the best practice is to set the IISAuthentication to NTLM & Basic. By now you have understood some basic functionalities and features of Outlook Anywhere and happy learning.
Sophia Mao is a data recovery expert in DataNumen, Inc., which is the world leader in data recovery technologies, including repair pst mail problem and word recovery software products. For more information visit www.datanumen.com