Since I couldn't find anything on the internet that describes how to do a complete Autodiscover reset, I thought I'd write one...
I have spent quite a bit of time testing this in an Exchange 2007 SP3 lab and have fixed an Autodiscover problem on an Exchange 2010 SP1 production environment with the following steps, so it should also work for you. Please try and be on the latest Service Packs for Windows and Exchange as this will solve lots of issues for you and is better for supportability.
This is my first article, so bear with me. If you find this article useful then please vote for it.
Autodiscover complete reset:
Open EMS and do "Get-AutoDiscoverVirtualDirectory | Remove-AutodiscoverVirtualDirectory
Open windows Explorer and rename the ":\Program Files\Microsoft\Exchange Server\ClientAccess\autodiscover
" folder on your CAS server/s
folder from <Exchange install or SP source files, whatever version you have installed>\setup\serverroles\clientaccess\autodiscover
to the ClientAccess
folder mentioned in Step 2
Edit the web.config
file in the ":\Program Files\Microsoft\Exchange Server\ClientAccess\autodiscover"
folder on your CAS servers and replace "%ExchangeInstallDir%
" with "<drive>:\Program Files\Microsoft\Exchange Server\
" or whereever you have your "Exchange Server
" Folder is. If you are running Exchange 2010 then replace it with "<drive>:\Program Files\Microsoft\Exchange Server\V14\
". Be sure to replace <drive>
with the drive letter where Exchange is installed.
On the CAS server/s open Windows Explorer and right-click on the ":\Program Files\Microsoft\Exchange Server\ClientAccess\autodiscover
" folder and the go into it's Properties-->Security-->Permissions
and Add 'Authenticated Users'
to the Autodiscover folder NTFS Permissions with 'Read
', 'Read & Execute'
and 'List folder contents'
permissions. Press OK.
Open EMS and do "New-AutoDiscoverVirtualDirectory
" (you shouldn't have to specify any additional parameters to create it on a single CAS)
Open and Command Prompt and do "IISReset
" (I am not sure you have to do this, but I always like to after so many changes)
Now going to your server on https://<Internal_CAS_Name_on_Certificate>/autodiscover/autodiscover.xml
should result in a credentials prompt, after typing in valid credentials you should get a "ErrorCode=600 Invalid Request page
". Which is what you want and means things are working as they should do. "Test-OutlookWebServices |fl
" in EMS should now work too.
Other Useful info:
If "get-ClientAccessServer |fl
" show the AutoDiscoverServiceInternalUri
is blank(Null) then Test-OutlookWebServices
will give you a "Index was out of range"
error. So basically this means your SCP (Service Connection Point) is blank and doesn't know where to forward your Autodiscover Service request to. So be sure to set a valid internal URL with "get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri "https://<Internal_CAS_Name_on_Certificate>/autodiscover/autodiscover.xml"
If the AutoDiscoverSiteScope value is empty(Null) or assigned to an invalid site then this appears not to cause any issues (in a test environment).
If you are really struggling with your SCP you can delete it and the setting the value of AutoDiscoverServiceInternalUri like in the above bullet point will recreate it for you OR use Split DNS and an internal SRV record
HTTP logs are under C:\Inetpub\logs\logfiles\w3svc1 on Windows 2008, but you shouldn't need them after the reset
If you want detailed Error display in IE when testing from the CAS server = add reg key HKLM\SOFTWARE\Microsoft\Fusion\EnableLog (DWORD) =1 to the registry on the CAS server
By now you should be rid of your Error 500, Error 404 etc. If not, drop a post on this article and I will try and help you.
If you have any questions or queries or additional info then feel free to post it below.