No one has responded to this discussion for at least a year, so this information may be out of date. If you're looking for information about this topic, please search for a more recent discussion or post a new question.

ADFS Proxy required???

  • 2 Followers
  • 4 Replies |
  • This post has 1 verified answer |
Answered (Verified) This question is answered
Hi,

I'm trying to configure my Exchange profile from my computer at home. I've tried with auto discover, entering only my name, email address and password.

I click next and it prompts me for a login, so i enter:

christian.summerfield@creatormail.co.uk
*****

After pressing OK, it asks me again for my username/password. I try again, knowing this is my password. After several attempts, it finally disappears and the process ends with "An encrypted connection to your mail server is not available. Click Next to attempt using an unencrypted connection." It then tries to connect and eventually fails on "Search for christian.summerfield@creatormail.co.uk server settings (unencrypted). It asks me to verify my email address and 'connect using'. 

Earlier this week i was able to connect on my Mac computer with Mac mail but now realise i was also connected to our corporate VPN.

Do i need to implement a proxy server with my Active Directory Federation server?

Thanks,
Christian
  • Post Points: 20
Verified Answer
  • Hi Christian,

    I noticed that the service request has been closed, and the issue has been resolved by ensuring the User UPN was entered correctly for Outlook to Autodiscover setup.

    Since you have connected Outlook to Office 365 successfully at home, it is obvious that your ADFS service is working well for both internal and external environments. Based on the situation, there is no need to set up additional proxy federation server for you.

    Thanks,
    Reken Liu

    • Top 50 Contributor
    • Male
    • Post Points: 0
All Replies
  • Hi Christian,

    Based on my query, the autodiscover cname record for your domain has been configured well, and you can test the autodiscover with the Remote Connectivity Analyzer to see if it works well.

    If you have set up SSO with your domain, it is needed to implement a federation proxy server for external using. The ADFS server you set up in your corporate can only provide SSO for internal users, this is the reason that you can login by connecting to your company with VPN.

    For more information about deploying ADFS, please visit Plan for and deploy Active Directory Federation Services 2.0 for use with single sign-on, and you should be able to find the steps and instructions for deploying ADFS proxy server.

    Thanks,
    Reken Liu

    • Top 50 Contributor
    • Male
    • Post Points: 0
    Suggested by
  • Hi Reken,

    Actually, i opened a Service Request for this question and the engineer claims i do not need a proxy on AD FS 2.0 to get Outlook connected to my home computer.

    See his response below:-

    I am just following up on your Service Request, asking whether an additional proxy is needed for your ADFS.

    You should not require an additional proxy server. I am going to provide some information on manually creating an Outlook profile below. I also used the testexchangeconnectivity.com tool, to check two of your accounts; the first, christian.summerfield.creatormail.co.uk, returned Error 421. On MX exchanger, cluster5a eu.messagelabs.com. The other Christian@365.schristian.eu appears to be a cloud based Mailbox with office 365 Exchange records, and has no errors.

    User Experience with Single Sign On. onlinehelp.microsoft.com/.../ff652540.aspx

    Setup Manually:

    1.  Determine the mailbox server name and the proxy server URL. To do this, follow these steps:

                   a. Sign in to the Office 365 portal.

                   b. Click Outlook to open Microsoft Outlook Web App.

                   c. In the upper-right corner of the page, click the Help icon (the question mark), and then click about.

                   d. On the about page, locate and then note the following item:

                                   * Host Address: This will look like "xxxxxxxxxx.outlook.com/owa", where the X's has values.

    2.  Manually configure Outlook to connect to Exchange Online. To do this, follow these steps:

                   a. Click Start, click Control Panel, and then click Mail.

                   b. Click Show Profiles and then click Add.

                   c. Type a name for the profile, and then click OK.

                   d. Click to select the Manually configure server settings or additional server types check box, and then click Next.

                   e. Select Microsoft Exchange, and then click Next.

                   f. In the Server box, type the mailbox server name that you noted in step 1d.

                                   Note: Change the address from "xxxxxxxxxx.outlook.com/owa" into "XXXXXXXXXX.mailbox.outlook.com"

                   g.  Make sure that the Use Cached Exchange Mode option is selected.

                   h.  In the User Name box, type your user name (for example, alias@contoso.com), and then click More Settings.

                   i.  Click the Connection tab.

                   j.  Make sure that the Connect to Microsoft Exchange using HTTP check box is selected, and then click Exchange Proxy Settings.

                   k.  In the Use this URL to connect to my proxy server for Exchange box, type the proxy server URL that you noted in step 1d.

                                   Note: Put in there "XXXXXXXXXX.outlook.com"

                   l.  Make sure that the Only connect to proxy servers that have this principal name in their certificate check box is selected, and then type msstd:outlook.com.

                   m.  Click to select the On fast networks, connect using HTTP first, then connect using TCP/IP check box, and then click to select the On slow networks, connect using HTTP first, then connect using TCP/IP check box.

                   n.  Under Proxy authentication settings, select Basic Authentication.

                   o.  Click OK two times.

                   p.  Click Check Names. When the server name and the user name are displayed with an underline, click Next.

                   q.  Click Finish.

    Can you validate this?

    Thanks,

    Christian

    • Not Ranked
    • Post Points: 0
  • Hi Christian,

    You can try the solution provided by the support engineer. To avoid duplicated support, I would like to ask for the service request number from you, and monitor it in my side. I have sent a private message to you to get the number. Would you please send this ticket number to my by replying my private message? You can read and reply me with the following steps:

    • Go to the Your details section on the right side of the community site.
    • Click Private messages.
    • Click the subject title of the response to read the message.
    • You can reply by using the form in this display."
    • Click Submit Reply.

    Thanks,
    Reken Liu

    • Top 50 Contributor
    • Male
    • Post Points: 0
  • Hi Christian,

    I noticed that the service request has been closed, and the issue has been resolved by ensuring the User UPN was entered correctly for Outlook to Autodiscover setup.

    Since you have connected Outlook to Office 365 successfully at home, it is obvious that your ADFS service is working well for both internal and external environments. Based on the situation, there is no need to set up additional proxy federation server for you.

    Thanks,
    Reken Liu

    • Top 50 Contributor
    • Male
    • Post Points: 0
Page 1 of 1 (5 items)