After a full night we have come to the conclusion, Outlook Anywhere and IPv6 is a tricky combination.
We had successfully used RPC/HTTP service on our Exchange 2003 Exchange server and now were going through the migration process to 2007. We tend to use old software and update later mainly due to two reasons. a) Stability and b) The old versions has a smaller footprint. This is important since all the servers are actually VM’s supported by VMWARE.
Original Setup:
Windows 2003 Domain Controller x2
ISA 2006 on Windows 2003 Server x1
Exchange 2003 on Windows 2003 Server NonDC x1
Proposed Setup:
Windows 2003 Domain Controller x2
ISA 2006 on Windows 2003 Server x1
Exchange 2007 on Windows 2008 Server NonDC x1
We transferred mailboxes and public folders to the new server using the following link, probably the best description out the vast majority of documents available if you Google
http://www.msexchange.org/tutorials/Transitioning-Exchange-2000-2003-Exchange-Server-2007-Part1.html
Then there was the removal of the last Exchange 2003 Server, since there was only one it is the removal of Exchange 2003 from that server.
The following article was used.
http://technet.microsoft.com/en-us/library/bb288905(EXCHG.80).aspx
Now this is where we had fun re-establishing Outlook Anywhere to work. We had existing users working but could not add new users. We have provided a list following steps that hopefully may help someone else life a little easier.
Exchange 2007 is service Pack 1, this is where the majority of the articles on the internet describe 2007 main problem with IPv6. However there are so many articles and some have a few more tweaks then others.
Some of the steps we tried but were still unsuccessful, the two ways I tested the success rating was https://www.testexchangeconnectivity.com and trying it with an External Outlook profile and Internal Outlook profile.
(The changes were made offsite, logging into the server remotely, also a desktop remotely in the LAN, so it made the offsite testing easier)
Disable IPv6: IPv6 is how Windows AD now communicate by default, but it also what causes the Exchange 2007 SP1 Outlook Anywhere issue. Now from my tests we knew the RPC was working via existing users, this meant that listening PORT 6001 and 6002 was working correctly but 6004 which is the DSproxy and gives the Outlook Clients the directory services was not. This explains why we could not create new users. – Still Unsuccessful
Host File Modification: Disabling was not enough in the Network Interface Card to stop IPv6, since you only disabling from the nic you are not disabling it from looking at localhost IPv6 is still the main process for Directory Services- change made were to REM out ::1, and add mail.domain.com and mailserver.domain.local to 127.0.0.1 – Still Unsuccessful
We will not go into detail in bypassing the DS Proxy service, it was still not working as intended and there are many articles on the internet. We cannot tell you the best article as we could not get them to fix our situation.
We explained the steps above primary to illustrate, how critical IPv6 is. We decided then to upgrade to Exchange Service Pack 3. Still with the options described above. The Exchange Service Pack upgrade failed at restarting the ‘system attendant’. After reviewing the log file the follow was populated MSExchange ADaccess EventID 2114 “Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=5716). Topology discovery failed, error 0x80040a02 (DSC_E_NO_SUITABLE_CDC).” A reboot did not fix the issue, it however slowed the process as we could only boot in safe mode due to Exchange not loading. After disabling the Exchange services, it ‘clicked’ that perhaps IPv6 was again once needed. Reversing the above decisions (including registry edits) and re-joining the Exchange Server to the domain and reboot, indeed fixed the Exchange 2007 Services starting.
– Lesson learned: Always reenable IPv6 before applying a Service Packs.
We then reinstalled Service Pack 3 to make sure there was no missing functionality
Installing Service Pack 3 did fix the issue, but Test Exchange Connectivity still fails. However we can add new outlook clients and these clients can see Directory Services. Perhaps ISA is interfering with the connectivity tester.