Microsoft dramatically improved the administration capabilities and simplified the preparation and installation of Microsoft Exchange 2007. I am only covering one specific issue in this blog as I could go on for days about the features of 2007 Exchange Server.
In 2007, they renamed the RPC over HTTP feature that was available on Front End Exchange servers in 2003, to Outlook Anywhere. In all of Microsoft’s documentation they sell this feature as a turn on and and configure within the client feature, however this is not the case as many have discovered. If you simply follow the documentation provided by Microsoft, you will quickly find that it fails to connect using RPC over HTTP even though you have all the settings and your network configured properly.
I banged my head against the wall for weeks searching for the problem to fix this. Luckily there is a great tool provided on the web to help troubleshoot connectivity issues at https://www.testexchangeconnectivity.com/. Using this tool and some other resources I found the root of the problem.
Many sites would say the answer is to simply disable IPv6 all together in order to cure your connection issue. This however, as some might find out the hard way, can cause your information stores to fail to mount. IPv6 is required by Exchange Server to operate and communicate with other Servers in the network. It is only required by certain roles (I am not listing those here), so if you have multiple Exchange servers serving the separate roles, you can get away with this, but in most cases all roles exist on 1 or 2 servers. I also don’t like the “disable” workaround.
The problem is that Server 2008 by default gives priority in the TCP/IP stack to IPv6 addresses. If you ping your server from a command prompt using ping localhost you will notice the reply is from ::1 as opposed to replying with the local loopback IP of 127.0.0.1. Exchange listens on ports 6001, 6002, and 6004 for RPC over HTTP requests, but will not work on IPv6 for some reason. If you perform the netstat command you can see these entries are listening as ::1. They in fact need to listen on IPv4 at the 127.0.0.1 in order for RPC over HTTP to work.
The solution is so simple it makes me sick to my stomach.
1. Open your hosts file at %rootdrive%:\windows\system32\drivers\etc\hosts
It will look like this
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
::1 localhost
2. Comment out the last line so that it looks like this
127.0.0.1 localhost
#::1 localhost
3. Add the following entries
<IP of your server here> <FQDN of your server>
<IP of your server here> <Netbios name of your server>
4. Your hosts file now looks like this
127.0.0.1 localhost
#::1 localhost
<Lan IP of your server> <server name>
<Lan IP of your server> <FQDN of server>
5. Ping localhost and you should get reply from 127.0.0.1
Try the connectivity test again and as long as your certificate is correct and from an authorized CA, you now have fixed your Outlook Anywhere issue.
RansomWare-This type of virus is one that is typically distributed through a fake email claiming to have a greeting, card, invoice, check, PO, or something of the sort attached. It can also be published as a fake adobe or java update. In case you aren’t familiar with the utter destruction, you should read here http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/
Basically if you don’t have backup, you have likely lost all of your files. In some iterations it is even smart enough to remove previous versions saved by Windows using VSS so that you can’t simply restore them to yesterday. In 95% of cases, you better have a good backup, I prefer Crashplan, I feel like it is the best backup solution on the market and is very very inexpensive. I have it on every device I own.