Download one of these versions of Office to your computer: Office Home & Student. Office Home & Business. Office Professional. Office Professional Plus. You will be asked for your Product Key as part of the next steps. Download and install or reinstall Office for Mac 2011. Support ended for Office for Mac 2011 as of September 22, 2016. Open a browser and go to the Office 365 portal ( ). Logon as a (global) administrator. Open the administrator portal and go to Active Users. On the right side, select the user with the activation issues. After selecting the user, go to the section Office installs and select Edit. Remove all invalid registered Office.

-->

Original KB number: 3032395

The article only applies to the Microsoft Outlook connection issues that are caused by the RPC encryption requirement.

Microsoft Office 2011 Activation Server Unavailable

Symptoms

When you start Microsoft Office Outlook by using a profile that includes a mailbox on a server that's running Microsoft Exchange Server 2010, Exchange Server 2013, or Exchange Server 2016, you may receive the following error messages:

Cannot start Microsoft Office Outlook. Unable to open the Outlook window. The set of folders could not be opened.

Unable to open your default e-mail folders. The Microsoft Exchange Server computer is not available. Either there are network problems or the Microsoft Exchange Server computer is down for maintenance.

The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action.

Unable to open your default e-mail folders. The information store could not be opened.

Outlook could not log on. Check to make sure you are connected to the network and are using the proper server and mailbox name. The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action.

However, if you're using a cached mode profile, Outlook doesn't display an error. You may experience the following symptoms:

  • Outlook starts in the Disconnected state (the lower-right corner of the Outlook windows displays 'Disconnected,' the screenshot for the state is shown below).

  • Outlook starts and you can send and receive email messages. However, you only see two connections within the 'Microsoft Exchange Connection Status' and you may see the Type Directory displayed as Disconnected/Connecting.

When you try to create a new Outlook profile for a mailbox on a server that's running Exchange 2010 or Exchange Server 2013, you may receive the following error messages:

The action could not be completed. The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action.

Microsoft Office 2011 Activation Server Unavailable Download

The name could not be resolved. The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action.

Outlook could not log on. Check to make sure you are connected to the network and are using the proper server and mailbox name. The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action.

The name could not be resolved. The action could not be completed.

Your Server or Mailbox names could not be resolved.

Resolution

Note

If you are using one of the automated methods (Group Policy or a .prf file), make sure that you fully test the method before you deploy it on a large scale.

Method 1: Update or create your Outlook profile with RPC encryption

Manually update an existing profile

To manually update an existing Outlook profile so that it uses RPC encryption, follow these steps:

  1. In Control Panel, open the Mail item.

  2. Select Show Profiles.

  3. Select your profile, and then click Properties.

  4. Select E-mail Accounts.

  5. Select Microsoft Exchange (send from this account by default) account > Change.

  6. In the dialog box that contains your mailbox server and user name, select More Settings.

  7. In the Microsoft Exchange dialog box, select the Security tab.

  8. Select Encrypt data between Microsoft Office Outlook and Microsoft Exchange > OK (A screenshot for this step can be seen here).

  9. Select Next > Finish.

  10. Select Close > Close > OK.

Deploy a Group Policy setting to update existing Outlook profiles with RPC encryption

From a client perspective, deploying the Outlook-Exchange encryption setting is probably the simplest solution for organizations that have many Outlook clients. This solution involves a single change on a server (domain controller), and your clients are automatically updated after the policy is downloaded to the client.

2011
Outlook 2010

By default, the RPC encryption setting is enabled in Outlook 2010. So you should only deploy this setting by using Group Policy for either of the following reasons:

  • Your original Outlook 2010 deployment disabled RPC encryption between Outlook and Exchange.
  • You want to prevent users from changing the RPC encryption setting in their Outlook profile.

The default Group Policy template for Outlook 2010 contains the Group Policy setting that controls Outlook-Exchange RPC encryption. To update existing Outlook 2010 profiles by using Group Policy, follow these steps:

  1. Download the latest version of the Outlk14.adm Group Policy template.

  2. Add the .adm file to your domain controller.

    Note

    The steps to add the .adm file to a domain controller vary according to the version of Windows that you are running. In addition, because you may be applying the policy to an organizational unit and not to the domain, the steps may also vary for this aspect of applying a policy. Therefore, check your Windows documentation for detailed information.

    Go to step 3 after you add the .adm template to the Local Group Policy Editor.

  3. Under User Configuration, expand Administrative Templates (ADM) to locate the policy node for your template. By using the Outlk14.adm template, this node will be named Microsoft Outlook 2010.

  4. Under Account Settings, select the Exchange node (A screenshot for this step can be seen here).

  5. Double-click the Enable RPC encryption policy setting.

  6. On the Setting tab, select Enabled.

  7. Select OK.

At this point, the policy setting will be applied on your Outlook client workstations when the Group Policy update is replicated. To test this change, run the following command:

After you run this command, start Registry Editor on the workstation to make sure that the following registry data exists on the client:

If you see this registry data in the registry, the Group Policy setting is applied to this client. Start Outlook to verify that the change resolves the problem.

Outlook 2013

By default, the RPC encryption setting is enabled in Outlook 2013. So you should only deploy this setting by using Group Policy for either of the following reasons:

  • Your original Outlook 2013 deployment disabled RPC encryption between Outlook and Exchange.
  • You want to prevent users from changing the RPC encryption setting in their Outlook profile.

The default Group Policy template for Outlook 2013 contains the Group Policy setting that controls Outlook-Exchange RPC encryption. To update existing Outlook 2013 profiles by using Group Policy, follow these steps:

  1. Download the Office 2013 ADM templates.

  2. Add the .admx and .adml files to your domain controller. This adds the Outlook ADM template to make it available in the Local Group Policy Editor.

    Note

    The steps to add the .admx and adml files to a domain controller vary according to the version of Windows that you are running. In addition, because you may be applying the policy to an organizational unit and not to the domain, the steps may also vary for this aspect of policy application. Therefore, check your Windows documentation for detailed information. (This article is labeled for Office 2010. However, it also applies to Office 2013.)

  3. Start the Local Group Policy Editor.

  4. Under User Configuration, expand Administrative Templates (ADM) to locate the policy node for your template. When you use the Outlk15.admx template, this node will be named Microsoft Outlook 2013.

  5. Under Account Settings, select the Exchange node (A screenshot for this step can be seen here).

  6. Double-click the Enable RPC encryption policy setting.

  7. On the Setting tab, select Enabled.

  8. Select OK.

At this point, the policy setting will be applied on your Outlook client workstations when the Group Policy update is replicated. To test this change, run the following command on a workstation:

After you run this command, start Registry Editor on the workstation to make sure that the following registry data exists on the client:

If you see this registry data in the registry, the Group Policy setting is applied to this client. Start Outlook to verify that the change resolves the problem.

Method 2: Disable the encryption requirement on all CAS servers

Important

Microsoft strongly recommends you leave the encryption requirement enabled on your server, and to use one of the other methods listed in this article. Method 2 is only provided in this article for situations where you cannot immediately deploy the necessary RPC encryption settings on your Outlook clients. If you use Method 2 to allow Outlook clients to connect without RPC encryption, please re-enable the RPC encryption requirement on your CAS servers as quickly as possible to maintain the highest level of client-to-server communication.

To disable the required encryption between Outlook and Exchange, follow these steps:

  1. Run the following command in the Exchange Management Shell:

    Note

    The Exchange_server_name placeholder represents the name of an Exchange Server that has the Client Access Server role.

    You must run this cmdlet for all Client Access servers that are running Exchange Server 2010 or later version.

  2. Rerun this command for each Exchange server that has the Client Access Server role. The command also needs to be run on each Mailbox Server role that contains a Public Folder Store. Public Folder connections from the MAPI client go directly to the RPC Client Access Service on the Mailbox server.

  3. After your Outlook clients are updated with the setting to enable encrypted RPC communication with Exchange (see steps provided below), you can re-enable the RPC encryption requirement on your Exchange servers that have the Client Access Server role.

    To re-enable the RPC encryption requirement on your Exchange servers that have the Client Access Server role, run the following command in the Exchange Management Shell:

    Note

    The Exchange_server_name placeholder represents the name of an Exchange server that has the Client Access Server role.

    You must run this cmdlet for all Client Access servers that are running Exchange Server 2010 or later version.

Microsoft Office 2011 Activation Server Unavailable List

Cause

One possible cause is that you're using Outlook and you disable the Encrypt data between Microsoft Office Outlook and Microsoft Exchange profile setting. The default configuration for Exchange Server 2013 requires RPC Encryption from the Outlook client. This prevents the client from being able to connect.

Note

The default Exchange Server 2010 Release to Manufacturing (RTM) configuration requires RPC encryption. This behavior is a change from Exchange Server 2010 Service Pack 1 where the RPC encryption requirement is disabled by default. However, any Client Access Server (CAS) deployed prior to Service Pack 1, or upgraded to Service Pack 1, will retain the existing RPC encryption requirement setting which could still prevent the client from being able to connect.

-->

Note

Office 365 ProPlus is being renamed to Microsoft 365 Apps for enterprise. For more information about this change, read this blog post.

Summary

This article discusses how to troubleshoot the activation issues in Microsoft Office from Office 365. Activation fails and you receive one the following error messages:

We are unable to connect right now. Please check your network and try again later.

Sorry, we can't connect to your account. Please try again later.

More information

This issue might be caused by one of several circumstances. Follow these steps to help troubleshoot the issue. After each step, check to see whether the issue is fixed. If not, proceed to the next step.

Step 1. Identify and fix activation issues by using the Support and Recovery Assistant for Office 365

The Support and Recovery Assistant app runs on Windows PCs and can help you identify and fix activation issues with Office 365. Office 365: Use the Support and Recovery Assistant for Office 365

Step 2. Check whether you're behind a proxy server

Are you behind a proxy server? If you're not sure, ask your administrator. If so, you (or your administrator) might have to change the proxy settings for Windows HTTP clients. To do this, follow these steps:

  1. Open a Command Prompt window as an administrator. To do this, click Start, type cmd.exe in the search box, right-click cmd.exe in the list, and then click Run as administrator.
  2. Type the following command, and then press Enter:

Step 3. Check whether you're behind a firewall

Are you behind a firewall? If you're not sure, ask your administrator. If you're behind a firewall, it might have to be configured to enable access to the following:

  • https://officecdn.microsoft.com
  • https://ols.officeapps.live.com/olsc
  • https://activation.sls.microsoft.com
  • https://odc.officeapps.live.com
  • https://crl.microsoft.com/pki/crl/products/MicrosoftProductSecureServer.crl
  • https://crl.microsoft.com/pki/crl/products/MicrosoftRootAuthority.crl
  • https://crl.microsoft.com/pki/crl/products/MicrosoftProductSecureCommunicationsPCA.crl
  • https://www.microsoft.com/pki/crl/products/MicrosoftProductSecureCommunicationsPCA.crl
  • go.microsoft.com
  • office15client.microsoft.com

Each firewall will have a different method for enable access to these URIs. Check your software's documentation for instructions or ask your administrator to do this for you.

For more information about Microsoft 365 Apps for enterprise URLs and IP addresses, see the following Microsoft article: Office 365 URLs and IP address ranges

Step 4. Check whether you have the appropriate license

  1. Sign in to the Office 365 portal.
  2. Click Settings (), and then click Office 365 settings.
  3. Locate the Assigned licenses area.
  4. If you see The latest desktop version of Office, then you have an Office subscription assigned correctly.
  5. If you don't see The latest desktop version of Office, contact your administrator or see the Office article What Office 365 business product or license do I have?

Step 5. If you previously activated an Office 2013 program on the computer, try to remove the existing product key

To manually remove existing product keys for an Office 2013 program, follow these steps:

  1. Open a Command Prompt window, type one of the following commands, and then press Enter:

    • If you're running 64-bit Windows with 32-bit Office:

    • If you're running 32-bit Windows, or running 64-bit Office with 64-bit Windows:

  2. Examine the output. Look for and locate the last five characters of the installed product key.

  3. Remove all product keys. To remove a product key, type the following command and then press Enter:

Here's an example of the output of steps 5a through 5c:

For more information, see the following Microsoft Knowledge Base articles:

Microsoft Office 2011 Activation Server Temporarily Unavailable

Still need help? Go to Microsoft Community.