Monday, 21 May 2007

Connecting to Exchange

I have to admit that this was the job I was dreading. I had visions of having to set up an IMAP connection to Exchange, with all the horrors of having to configure both Exchange and Fedora. In fact, it didn't turn out that way. Connecting to Exchange was relatively easy: the problems came after...

The Linux email client is Evolution. Despite being an open source application, Evolution seems to have been primarily developed by Novell who "sponsor" openSUSE and sell SUSE Linux Enterprise. The recommended way to connect Evolution to Exchange is via Outlook Web Access (OWA.) OWA is the Exchange webmail service and has been available since Exchange Server 5.0. OWA is enabled by default.

In order to connect Evolution to your Exchange server you need to install the Evolution Exchange connector. This is not installed by default on Fedora 6. Fortunately, with yum it is simple to install it:

yum install evolution-connector

Once the connector is installed, you can start Evolution.

If you are starting Evolution for the first time, the Evolution Account Assistant "Mail Configuration" Wizard will fire up to guide you through setting up your mail account. You click "Forward" to begin, and then enter your name and email address on the "Identity" page. Now the interesting bit. on the "Receiving Email" page you need to select "Microsoft Exchange" as the Server Type. If you haven't installed the Exchange connector, "Microsoft Exchange" will not be listed. You need to enter your user name and the OWA URL. This is not as scary as it sounds; the OWA URL is generally just something like:

Click the "Authenticate" button to enter your password and make sure that you can connect to your Exchange server. You can't click "Forward" until you do.

On the "Receiving Options" page, you need to add your GC (Global Catalog) server name. This is probably your Domain Controller, but depending on your domain architecture might not be. There are then some options to select. Perhaps the most crucial is "Automatically synchronize account locally." In other words, keep a copy of your email account on the machine so that you can read your email off line.

Why wouldn't you select this? After all, if you didn't want to access your email off line you could just type your OWA URL into Firefox and view your email that way - that's what it's for after all. The answer is that Evolution allows you per folder synchronization. In other words you can just keep email in specific mail folders locally on the machine. I would like my whole email account available offline, so I ticked the option. To finish setting up your account, you just need to click "Forward", give your account a name, click "Forward" again, and click "Apply" to finish. Evolution creates a new "Exchange" folder and then tries to connect to Exchange.

Unfortunately, it didn't work. What I got was "Error while scanning folders... Could not authenticate to server":

I quick check with Wireshark showed that once again the problem related to authenticating via NTLMSSP. There is obviously a problem with the way I have things set up on Fedora that I will have to investigate. To get things to work I edited my account settings (via "Preferences" on the "Edit" menu) and changed the "Authentication Type" on the "Receiving Email" tab to "Plaintext Password" instead of "Secure Password." I restarted Evolution; Evolution connected to Exchange, and began to synchronize my mail.

And that was when my problems began...

nick said...

Hi David,
I had these issues too. I seem to have resolved them, by deleting my exchange account and recreating with the username defined as domain/username. Others were resolving by deleting the cached local files. My issues seemed to start when I had an exception while some mails were being moved between folders. I could see these emails in their old folders on OWA, but Evolution thought they were in their destination folders. I suspect there is a problem with the corruption of the local cache when Evolution then tries to get properties for emails not on the server etc.

Hope this is useful. A link: