Understanding RPC Client Access

In Microsoft Exchange Server 2010, the Client Access server role includes a task that wasn't included in Exchange Server 2007. That new task handles the processing from MAPI clients such as Microsoft Office Outlook. In Exchange 2007, Outlook clients connecting to an Exchange server from inside an organization's firewall would connect directly to the Exchange 2007 Mailbox server. In Exchange 2010, that processing has been moved to the Exchange 2010 Client Access server.

RPC Client Access

The change in Exchange 2010 to move all processing to the Client Access server was implemented to provide all data access through a single, common path of the Client Access server. This change improves consistency for applying business logic to clients, and provides a better client experience when failover occurs. This change also allows a higher number of concurrent connections per server and a higher number of mailboxes per server.

In addition to moving processing of incoming Outlook connections to the Client Access server, in Exchange 2010, directory access is also handled by the Client Access server. For more information about directory access, see Understanding the Address Book Service.

MAPI Client Connections

In Exchange 2007, Outlook and other MAPI clients communicated with the RPC Proxy component installed on the Client Access server for HTTP connections such as Outlook Anywhere, but communicated directly with the MAPI RPC component on the Mailbox server and the NSPI endpoint in Active Directory for Directory Service inquiries.

In Exchange 2010, these connections are made to the MAPI RPC connection point on the Client Access server or the Client Access server array.

Performance Improvements

One of the main improvements with this architecture change is in the client experience. When failover occurred in Exchange 2007, Outlook clients would be disconnected from the mailbox server for between one and fifteen minutes. In Exchange 2010, if a single Client Access server in a Client Access server array fails, the client will immediately reconnect to another Client Access server in the array. If a Mailbox server fails, the client is disconnected for only 30 seconds.

Outlook Client Configuration

When you upgrade your organization to Exchange 2010, your clients running Outlook 2007 or later versions will automatically be compatible with the change to RPC Client Access, since they support RPC encryption by default. Outlook 2003 doesn’t use RPC encryption, however, and RPC Client Access requires it by default. If you haven't turned off RPC encryption, your users will need to configure Outlook 2003 for RPC encryption or you'll need to use a Group Policy to force Outlook 2003 to use RPC encryption.

Symptoms of this problem include the following error messages:

  • Cannot start Microsoft Office Outlook. Unable to open the Office window. The set of folders could not be opened.
  • Unable to open your default e-mail folders. The information store could not be opened.

If your users are using Cached Exchange Mode, Office won't display an error, but will start in disconnected mode.

For more information about this issue, including workarounds, see Outlook Connection Issues with Exchange 2010 Mailboxes.

In addition, UDP notification support was removed from Exchange 2010. As a result, Outlook 2003 can only use polling notifications in online mode. This will result in a slight delay in updates to item status (30 seconds on average with up to a one-minute delay) when changes are made to items in a mailbox accessed by Outlook 2003. There are two workarounds for this issue:

  • Use Outlook 2003 in Cached Exchange Mode.
  • Adjust the polling interval on the Client Access server. This will impact the performance of the Client Access server.

For more information about this issue, see E-mail messages take a long time to send and receive.

Configure Outlook 2003 to Use RPC Encryption

To configure Outlook 2003 to use RPC encryption, use the following steps.

  1. Click Tools > E-Mail Accounts > View or Change an Existing Account.
  2. Select the account and click More Settings.
  3. Select the Security tab.
  4. Select Encrypt data between Microsoft Office Outlook and Microsoft Exchange Server.
  5. Click OK.