Exchange 2010 SP2 Client Access Outlook profile RPC endpoint changes

There are some fundamental changes after installation of Exchange 2010 SP2 Update Rollup 3 (RU3) or later. Description of Update Rollup 3 for Exchange Server 2010 Service Pack 2.


RPC Client Access – The RPC Client Access service provides data access to any mailbox server through a single, common path of the Client Access server
RPC endpoint – This relates to the Outlook profile RPC endpoint, the client access server in which Outlook connects to, see screenshot below. This hostname is internally resolvable only.



In earlier versions of Exchange Server 2010, client connection requests were not redirected to other CAS servers. Therefore, the endpoints were not used in a site that was not exposed to the Internet. The CAS server to which the client connected would connect directly to the mailbox server. Additionally, the user Outlook profiles were not updated. Because the user Outlook profiles were not updated, availability issues might occur if a mailbox was moved to a different site.

After installation of Exchange Server 2010 SP2 RU3, Exchange Server tries to redirect connection requests and update the user profile intelligently. This can result in better performance and increased availability.

Two primary changes:


With Cross-Site Database Switchover/Failover (*over) Events

  • Prior to this rollup changing the property AllowCrossSiteRPCClientAccess (using Set-DatabaseAvailabilityGroup) to true of false didn’t have any effect on the client behavior.
  • The AllowCrossSiteRPCClientAccess property now controls whether cross-site RPC client access is allowed with database switchover/Failover.
  • With this rollup the default value of AllowCrossSiteRPCClientAccess property is $False, the Outlook profile’s RPC endpoint will be updated to be the RPC Client Access Server array that is in the same AD site where the database is active and mounted.
  • If you set the AllowCrossSiteRPCClientAccess property value to $true, in the event that the database is activated cross site, the users will continue to leverage the RPC Client Access array in the AD site where the mailbox database with the lowest activation preference value resides as their connectivity endpoint.

To see current settings:

Get-DatabaseAvailabilityGroup | fl AllowCrossSiteRPCClientAccess

To change the setting to true:

Get-DatabaseAvailabilityGroup | Set-DatabaseAvailabilityGroup -AllowCrossSiteRPCClientAccess:$true


When moving mailboxes between Active Directory sites, all versions of Outlook will get prompted to restart and the Outlook profile’s RPC endpoint will be updated "The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook".

To disable this behavior and move mailboxes between active directory sites without having the outlook profile updated (thus no outlook restart prompt), add this registry setting to the Client Access server(s):

Value Name: EnablePreferredSiteEnforcement
Data Type: REG_DWORD
Value: 0ddddd

Add this registry setting with PowerShell:
New-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\MSExchangeRPC\ParametersSystem -Name EnablePreferredSiteEnforcement -PropertyType DWord -Value 0

To remove this registry setting:
Remove-ItemProperty -path HKLM:\System\CurrentControlSet\Services\MSExchangeRPC\ParametersSystem -Name EnablePreferredSiteEnforcement

To get same functionality that you had prior to installing Exchange 2010 SP2 Update Rollup 3 (RU3) or later, two things need to be done:

  • Set AllowCrossSiteRPCClientAccess to $true (no change to RPC endpoint with Cross-Site Database *over Events)
  • Use the registry entry EnablePreferredSiteEnforcement and set it to 0 on Client Access servers. (no change to RPC endpoint with mailbox moves)


Restart Outlook prompt post Exchange 2010 SP2 rollup 3+
Outlook Anywhere clients cannot connect to a CAS server after you apply Exchange Server 2010 SP2 RU3

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s