1

I am trying to allow access to Outlook(MS Office Standard 2016) access through an Active Directory Group Policy proxy I have created.

I am allowing a specific set of websites to a specific set of workstations. I have made this work by:

a) removing Firefox, Chrome, and IE11 from the workstation, leaving only Edge, and

b) in Group Policy(User Config->Preferences->Windows Settings->Registry), I have configured registry keys to set up a dummy proxy server, and then override it to allow the specific websites through. It may not be pretty, but it is working.

When I have set up the above configuration, I find that Outlook is showing a "Disconnected" status with this Group Policy. What parameters in the ProxyOverride need to be configured to allow Outlook access through the proxy?

Windows Server 2016/Active Directory -- Windows 10 environment -- Outlook(MS Office Standard 2016)

Thanks for your input!

Clyde

Clyde Reed
  • 11
  • 1
  • What email server is Outlook connecting to and where? An on premises server or something such as Office 365, Gmail, etc.? – joeqwerty Jan 20 '21 at 01:03
  • Sorry, missed that detail--we are connecting to our Exchange Server. We are an offsite location with our own domain connecting to our parent domain and Exchange Server. – Clyde Reed Jan 20 '21 at 16:47
  • Run a packet capture on one of the affected machines and launch Outlook and find out what endpoints Outlook is trying to connect to. Than add that to your bypass list. You can also use Outlooks email autoconfiguration test to find out what endpoints it's trying to connect to. – joeqwerty Jan 21 '21 at 01:48
  • Joe, thank you for that--just as you outlined here, I ran a packet capture, found the endpoints Outlook was using, and plugged them into my bypass list, and now I can access Outlook through the proxy settings. – Clyde Reed Jan 21 '21 at 23:32
  • Glad to help... – joeqwerty Jan 22 '21 at 00:59

1 Answers1

0

If your Outlook is connecting to Exchange server internally, you should add the SCP record to the override list. Run the following command on your server to check the URL: Get-ClientAccessServer | fl AutoDiscoverServiceInternalUri

Eric
  • 61
  • 1
  • We are not connecting to our Exchange server internally, we are an off-site branch of our parent with our own separate domain. Essentially we are an "outside" organization accessing the Exchange server. – Clyde Reed Jan 20 '21 at 16:49