KB ID 0001548
Problem
Note: Applies to Exchange 2019, 2016, and 2013.
This is pretty much PART TWO, of presenting ‘Exchange Web Services’ using Web Application Proxy. Back in PART ONE we looked at publishing OWA and ECP, and that required having an ADFS server. To present the other web services, e.g Outlook Anywhere, Exchange Active Sync, Offline address book etc. You don’t need ADFS, you simply use ‘pass through‘ authentication with your WAP Server, directly to Exchange.
Solution
Before you start, you need to make sure in addition to the DNS records we used for OWA and ECP, you also need to be able to publicly resolve your Autodiscover record. I prefer doing this with public SRV records, see the following article for clarification;
Creating an AutoDiscover SRV Record
You now need, to make sure that the URLs that Exchange uses for it’s web services are set correctly, to do that use the following PowerShell commands;
[box]
Get-OutlookAnywhere |select InternalHostname,ExternalHostname Get-OABVirtualDirectory |select InternalUrl,ExternalUrl Get-ActiveSyncVirtualDirectory |select InternalUrl,ExternalUrl Get-WebServicesVirtualDirectory |select InternalUrl,ExternalUrl Get-MapiVirtualDirectory |select InternalUrl,ExternalUrl Get-ClientAccessService |select AutoDiscoverServiceInternalUri
[/box]
Make sure your internal URLS are resolvable inside and your external/public URL’s are resolvable outside, (To the public IP address of your WAP Server).
Exchange URLS To Publish with WAP
As with the URLs we published previously remember to publish them with a trailing ‘slash’. You need to publish and ‘Reverse Proxy‘ the following URLs;
Outlook Anywhere: https://mail.ubique.com/rpc/
Offline Address Book: https://mail.ubique.com/oab/
Active-Sync: https://mail.ubique.com/Microsoft-Server-ActiveSync/
Exchange Web Services: https://mail.ubique.com/EWS/
MAPI: https://mail.ubique.com/MAPI/
Autodiscover: https://mail.ubique.com/Autodiscover/
Note: Obviously your domain will have a different name!
Publish Outlook Anywhere with WAP
From the ‘Remote Access Management Console’ > Publish > Next.
Give the Published rule a sensible name like “Outlook Anywhere” > Enter the URL’s, and select your public certificate > Next.
Publish.
Close
Publish Active Sync with WAP
Active Sync is required for phones and mobile devices that cannot use Outlook Anywhere. To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Publish Offline Address Book with WAP
Offline Address Book is required by devices to download a cached copy of the global address list. To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Publish Exchange Web Services with WAP
Exchange Web Services allow clients to access calendars, contacts and scheduling information remotely. To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Publish Exchange MAPI with WAP
Mail Application Programming Interface (over HTTPS) if the default connection protocol in modern Exchange deployments. To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Publish Exchange Web Services with WAP
If you’ve used Exchange since version 2007, you will know how important Autodiscover is, (probably because of the headaches caused when it’s not setup correctly!) To publish this rule repeat the procedure above, but at the Publishing Setting page use the following settings.
Final Sanity Check
When complete, your WAP settings should look like this, (this is for all the pass-through, AND ADFS published settings).
Once setup correctly, Outlook should work fine externally, like so;
Related Articles, References, Credits, or External Links
NA