ITS Exchange Service

Modifying Outlook 2003 to Work with Exchange 2010

With the transition of the ITS Exchange Service to Microsoft Exchange 2010, Outlook 2002/2003 clients will no longer be supported. Ideally, departments should move to using Outlook 2007 or Outlook 2010 clients. However, for technical reasons, some departments may not be able to make this move immediately.

If you need to stay with Outlook 2003 for now, you can use it by enabling encryption in Outlook 2003. Following are two possible methods for accomplishing this:

Method 1: Manually update or create your Outlook profile with RPC encryption

To manually update an existing Outlook 2003 profile so that it uses RPC encryption with Exchange 2010, follow these steps:

  1. In Control Panel, open the Mail item.
  2. Click Show Profiles.
  3. Select your profile, and then click Properties.
  4. Click E-mail Accounts.
  5. Select View or change existing e-mail accounts, and then click Next.
  6. Select the Microsoft Exchange Server account, and then click Change.
  7. In the dialog box that contains your mailbox server and user name, click More Settings.
  8. In the Microsoft Exchange Server dialog box, click the Security tab.
  9. Click to select the Encrypt data between Microsoft Office Outlook and Microsoft Exchange Server check box, and then click OK.
  10. Click Next, and then click Finish.
  11. Click Close, and then click OK.

To manually create a new Outlook 2003 profile so that it uses RPC encryption with Exchange 2010, follow these steps:

  1. In Control Panel, open the Mail item.
  2. Click Add to create a new profile.
  3. Enter a name for your profile, and then click OK.
  4. In the E-mail Accounts dialog box, select Add a new e-mail account, and then click Next.
  5. On the Server Type page of the E-mail Accounts dialog box, select Microsoft Exchange Server, and then click Next.
  6. On the Exchange Server Settings page of the E-mail Accounts dialog box, enter the name of your Exchange 2010 server that has the Client Access Server role.
    Note: This server may differ from the server that hosts your mailbox.
  7. Click More Settings.
  8. Click OK when you receive a "The action could not be completed" error message.
  9. In the Microsoft Exchange Server dialog box that contains the Check Name button, click Cancel.
  10. In the Microsoft Exchange Server dialog box, click the Security tab.
  11. Click to select the Encrypt data between Microsoft Office Outlook and Microsoft Exchange Server check box, and then click OK.
  12. Click Next, and then click Finish.

Method 2: Deploy a Group Policy setting to update existing Outlook profiles with RPC encryption

From a client perspective, deploying the Outlook-Exchange encryption setting is probably the simplest solution for organizations that have many Outlook clients. This solution involves a single change on a server (domain controller), and your clients are automatically updated after the policy is downloaded to the client.

The default Group Policy template (Outlk11.adm) for Outlook 2003 Service Pack 3 (SP3) does not contain the policy setting that controls the setting for encryption between Outlook and Exchange. Therefore, you must use a custom Group Policy template to update existing Outlook 2003 profiles so that RPC encryption is used in Outlook-Exchange communication.

To use a custom Group Policy template file (.adm) and to update existing Outlook 2003 profiles by using Group Policy, follow these steps.

  1. Download the following file from the Microsoft Download Center:

    Download the Outlook_2003-Exchange_RPC_Encryption.adm package now.

    Note: The custom .adm template contains the following text.

    CLASS USER

    CATEGORY "Outlook 2003 RPC Encryption"
    CATEGORY "Exchange settings"

    POLICY "Enable RPC Encryption"
    KEYNAME Software\Policies\Microsoft\Office\11.0\Outlook\RPC
    PART "Encrypt data between Microsoft Office Outlook and Microsoft Exchange" CHECKBOX
        VALUENAME EnableRPCEncryption
        VALUEON NUMERIC 1 DEFCHECKED
        VALUEOFF NUMERIC 0
    END PART
    END POLICY

    END CATEGORY
    END CATEGORY
  2. Add the .adm file to your Group Policy Object Editor.

    Note: The steps to add the .adm file to the Group Policy Object Editor vary, depending on the version of Windows that you are running. Also, because you may be applying the policy to an organizational unit (OU) and not to the entire domain, the steps may also vary in this aspect of applying a policy. Therefore, check your Windows documentation for details.

    Go to step 3 after you add the .adm template to the Group Policy Object Editor.

  3. In the Group Policy Object Editor, under User Configuration, expand Classic Administrative Templates (ADM) to locate the policy node for your template. By using the custom .adm template that is provided in step 1, this node will be named "Outlook 2003 RPC Encryption."

  4. Under Outlook 2003 RPC Encryption, select the Exchange settings node.

  5. In the details pane, double-click Enable RPC Encryption.

  6. On the Setting tab, click Enabled, and then leave the Encrypt data between Microsoft Office Outlook and Microsoft Exchange check box selected.

  7. Click OK.

At this point, the policy setting will be applied on your Outlook client workstations when the Group Policy update is replicated. To test this change, run the following command at a command prompt on a client workstation:

gpupdate /force

After you run this command, start Registry Editor on the client workstation to make sure that the following registry data exists on the client:

Key:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Outlook\RPC
DWORD: EnableRPCEncryption
Value: 1

If you see this registry data in the registry, the Group Policy setting has been applied to this client. Start Outlook to verify that this change resolves the errors that are described in the "Symptoms" section.


(Note: these methods have been sourced from methods 2 and 3 of Outlook connection issues with Exchange 2010 mailboxes because of the RPC encryption requirement)


return to the Exchange 2010 Update page