Instagram X-twitter
TL-Logo-small
Github X-twitter Linkedin

Outlook Anywhere – Message: The underlying connection was closed: The connection was closed unexpectedly.

Recent Visitor 82

I ran into this problem a while back and thought I’d share my troubleshooting steps with the other professionals out there.

When trying to configure Outlook Anywhere at Some Company and using the https://www.testexchangeconnectivity.com/ to test, I kept getting the following error:

clip_image002[14] Testing Http Authentication Methods for URL https://mail.domain.ca/rpc/rpcproxy.dll
Http Authentication Test failed
clip_image003[48] Additional Details
Exception Details:
Message: The underlying connection was closed: The connection was closed unexpectedly.
Type: System.Net.WebException
Stack Trace:
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.Exchange.Tools.ExRca.Tests.HttpAuthMethodsTest.GetSupportedHttpAuthMethods()
at Microsoft.Exchange.Tools.ExRca.Tests.HttpAuthMethodsTest.PerformTestReally()

Here’s the detailed test results:

clip_image005[4] Connectivity Test Failed
Test Details
clip_image002[15] Testing RPC/HTTP connectivity
RPC/HTTP test failed
clip_image003[49] Test Steps
clip_image007[12] Attempting to test Autodiscover for mailto:tluk@domain.ca
Successfully tested Autodiscover
clip_image003[50] Test Steps
clip_image007[13] Attempting each method of contacting the AutoDiscover Service
The AutoDiscover Service was successfully tested.
clip_image003[51] Test Steps
clip_image002[16] Attempting to test potential AutoDiscover URL
Failed testing this potential AutoDiscover URL
clip_image003[52] Test Steps
clip_image009[30] Attempting to resolve the host name domain.ca in DNS.
Host successfully resolved
clip_image003[53] Additional Details
IP(s) returned: 99.999.999.99
clip_image009[31] Testing TCP Port 443 on host domain.ca to ensure it is listening and open.
The port was opened successfully.
clip_image002[17] Testing SSL Certificate for validity.
The SSL Certificate failed one or more certificate validation checks.
clip_image003[54] Test Steps
clip_image002[18] Validating certificate name
Certificate name validation failed
clip_image010[4] Tell me more about this issue and how to resolve it
clip_image003[55] Additional Details
Host name domain.ca does not match any name found on the server certificate CN=webmail.domain.ca, OU=Domain Control Validated, O=webmail.domain.ca
clip_image007[14] Attempting to test potential AutoDiscover URL https://autodiscover.domain.ca/AutoDiscover/AutoDiscover.xml
Testing AutoDiscover URL succeeded
clip_image003[56] Test Steps
clip_image009[32] Attempting to resolve the host name autodiscover.domain.ca in DNS.
Host successfully resolved
clip_image003[57] Additional Details
IP(s) returned: 99.999.999.99
clip_image009[33] Testing TCP Port 443 on host autodiscover.domain.ca to ensure it is listening and open.
The port was opened successfully.
clip_image007[15] Testing SSL Certificate for validity.
The certificate passed all validation requirements.
clip_image003[58] Test Steps
clip_image009[34] Validating certificate name
Successfully validated the certificate name
clip_image003[59] Additional Details
Found hostname autodiscover.domain.ca in Certificate Subject Alternative Name entry
clip_image012[6] Validating certificate trust
The test passed with some warnings encountered. Please expand additional details.
clip_image003[60] Additional Details
Only able to build certificate chain when using the Root Certificate Update functionality from Windows Update. Your server may not be properly configured to send down the required intermediate certificates to complete the chain. Consult the certificate installation instructions or FAQ’s from your Certificate Authority for more information.
clip_image009[35] Testing certificate date to ensure validity
Date Validation passed. The certificate is not expired.
clip_image003[61] Additional Details
Certificate is valid: NotBefore = 5/6/2010 3:34:15 PM, NotAfter = 5/6/2013 3:34:15 PM”
clip_image009[36] Attempting to send AutoDiscover POST request to potential autodiscover URLs.
Successfully Retrieved AutoDiscover Settings by sending AutoDiscover POST.
clip_image003[62] Test Steps
clip_image009[37] Attempting to Retrieve XML AutoDiscover Response from url https://autodiscover.domain.ca/AutoDiscover/AutoDiscover.xml for user mailto:tluk@domain.ca
Successfully Retrieved AutoDiscover XML Response
clip_image003[63] Additional Details
AutoDiscover Account Settings
XML Response:
<?xml version=”1.0″?>
<Autodiscover xmlns:xsi=”https://www.w3.org/2001/XMLSchema-instance” xmlns:xsd=”https://www.w3.org/2001/XMLSchema” xmlns=”https://schemas.microsoft.com/exchange/autodiscover/responseschema/2006″>
<Response xmlns=”https://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a”>
<User>
<DisplayName>Terence Luk</DisplayName>
<LegacyDN>/o=domain/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=TLuk</LegacyDN>
<DeploymentId>86ca6927-bc9f-43d0-8d7a-2b694bd93d75</DeploymentId>
</User>
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>EXCH</Type>
<Server>hq-exch1.domain.local</Server>
<ServerDN>/o=Domain/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=HQ-EXCH1</ServerDN>
<ServerVersion>720280B0</ServerVersion>
<MdbDN>/o=Domain/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=HQ-EXCH1/cn=Microsoft Private MDB</MdbDN>
<ASUrl>https://hq-exch1.domain.local/EWS/Exchange.asmx%3c/ASUrl>
<OOFUrl>https://hq-exch1.domain.local/EWS/Exchange.asmx%3c/OOFUrl>
<OABUrl>https://hq-exch1.domain.local/OAB/0fa5be65-3c78-4ad4-826d-0775ea7cbc91/%3c/OABUrl>
<UMUrl>https://hq-exch1.domain.local/UnifiedMessaging/Service.asmx%3c/UMUrl>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<PublicFolderServer>hq-exch1.domain.local</PublicFolderServer>
<AD>hq-dc2.domain.local</AD>
<EwsUrl>https://hq-exch1.domain.local/EWS/Exchange.asmx%3c/EwsUrl>
</Protocol>
<Protocol>
<Type>EXPR</Type>
<Server>mail.domain.ca</Server>
<OABUrl>https://mail.domain.ca/OAB/0fa5be65-3c78-4ad4-826d-0775ea7cbc91/%3c/OABUrl>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<SSL>On</SSL>
<AuthPackage>Basic</AuthPackage>
</Protocol>
<Protocol>
<Type>WEB</Type>
<Port>0</Port>
<DirectoryPort>0</DirectoryPort>
<ReferralPort>0</ReferralPort>
<External>
<OWAUrl AuthenticationMethod=”Fba”>https://webmail.domain.com/owa%3c/OWAUrl>
<OWAUrl AuthenticationMethod=”Fba”>https://webmail.domain.ca/owa%3c/OWAUrl>
</External>
<Internal>
<OWAUrl AuthenticationMethod=”Basic, Fba”>https://hq-exch1.domain.local/owa%3c/OWAUrl>
<OWAUrl AuthenticationMethod=”Basic, Fba”>https://hq-exchange1.domain.local/owa%3c/OWAUrl>
<Protocol>
<Type>EXCH</Type>
<ASUrl>https://hq-exch1.domain.local/EWS/Exchange.asmx%3c/ASUrl>
</Protocol>
</Internal>
</Protocol>
</Account>
</Response>
</Autodiscover>
clip_image009[38] Validating Autodiscover Settings for Outlook Anywhere
Outlook Anywhere Autodiscover Settings validated
clip_image009[39] Attempting to resolve the host name mail.domain.ca in DNS.
Host successfully resolved
clip_image003[64] Additional Details
IP(s) returned: 99.999.999.99
clip_image009[40] Testing TCP Port 443 on host mail.domain.ca to ensure it is listening and open.
The port was opened successfully.
clip_image007[16] Testing SSL Certificate for validity.
The certificate passed all validation requirements.
clip_image003[65] Test Steps
clip_image009[41] Validating certificate name
Successfully validated the certificate name
clip_image003[66] Additional Details
Found hostname mail.domain.ca in Certificate Subject Alternative Name entry
clip_image012[7] Validating certificate trust
The test passed with some warnings encountered. Please expand additional details.
clip_image003[67] Additional Details
Only able to build certificate chain when using the Root Certificate Update functionality from Windows Update. Your server may not be properly configured to send down the required intermediate certificates to complete the chain. Consult the certificate installation instructions or FAQ’s from your Certificate Authority for more information.
clip_image009[42] Testing certificate date to ensure validity
Date Validation passed. The certificate is not expired.
clip_image003[68] Additional Details
Certificate is valid: NotBefore = 5/6/2010 3:34:15 PM, NotAfter = 5/6/2013 3:34:15 PM”
Http Authentication Test failed
clip_image003[69] Additional Details
Exception Details:
Message: The underlying connection was closed: The connection was closed unexpectedly.
Type: System.Net.WebException
Stack Trace:
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.Exchange.Tools.ExRca.Tests.HttpAuthMethodsTest.GetSupportedHttpAuthMethods()
at Microsoft.Exchange.Tools.ExRca.Tests.HttpAuthMethodsTest.PerformTestReally()

As it turns out, when the RPC Windows component is installed, “Enable anonymous access” is enabled. The correct setting should be “Integrated Windows authentication” and “Basic authentication”.

clip_image014[4]

Once the proper settings were checked and iisreset was ran, the test ran correctly with:

clip_image009[43] Testing Http Authentication Methods for URL https://mail.domain.ca/rpc/rpcproxy.dll
Http Authentication Methods are correct
clip_image003[70] Additional Details
Found all expected authentication methods and no disallowed methods. Methods Found: Basic, Negotiate, NTLM
Back to Blogs

Hello! My name is Terence Luk and welcome to my blog.

About me

Follow me:

Github X-twitter Linkedin

Categories

Related Posts

10 Responses

  1. Thank you very much for this information. I recently worked on an active sync issue which was resolved after installing sp2 for exchange 2003. Unfortunately this broke RPCoverHTTP. I had searched several webistes prior to with no success. Your permissions on the RPC directory was spot on!

  3. Just helped me out as well. Much appreciated Terence. I had ripped out IIS and client access and reinstalled them, and set up virtual directories again. RPC over HTTP had defaulted to anonymous after reinstalling just like you said.

    Thanks for posting!

  4. Thank you for taking the time to post this.

    I had already checked a bunch of IIS settings (including this one) from the excellent article at https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_1798-Exchange-2003-Activesync-Connection-Problems-FAQ.html. The settings was right, and after a reboot the problem persisted. I wouldn't have checked the settings again except for you having the exact cause listed here. I checked again and sure enough anonymous was set! It's as though the change was made but the UI didn't update until a restart. In any event unticking it fixed the issue.

  6. Greatly appreciated! Worked for me as well. Exchange 2003 on Windows 2003 Server Standard Edition SP2.

  10. Thank you so much for leaving this topic live on your blog. It just saved my bacon. You da man!

Subscribe to the mailing list to receive posts updates!

Sign up for my newsletter to see new photos, tips, and blog posts. Do not worry, we will never spam you.

Dive deep into the world of cloud computing with expert insights, tips, and tutorials tailored specifically for architects, engineers, and developers.

Github X-twitter Linkedin

Categories

Recent Posts

  • 2025 Terence Luk. All rights reserved.