Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 962
  • Last Modified:

Exchange 2007 AutoDiscover

HI

I have set up an exchange server with the following.

Windows Server 2008 Enteprise on a 2003 Server Domain with 2 domain controllers.
Exchange seemed to be working fine until i reinstalled network card drivers to make use of jumbo frames on one nic, and ever since i have been getting asked for a password in outlook 2007. test-outlookwebservices failed with error 1013 and 1006. Outlook anywhere is enabled and i have a valid godaddy ucc certificate for autodiscover.mydomain.com and webmail.mydomain.com.

My internal dns server points clients to webmail.mydomain.com for everything and when testing autodiscover in outlook 2007 everything looks fine. I wned to test get-webservicesvirtualdirectory | fl name,internalurl,externalurl and i get an access is denied error. I am thinking it is something to do with authentication on iis7 to the 2003 domain controllers.

Can anyone offer any advice?
0
dogsnaps
Asked:
dogsnaps
  • 6
  • 6
1 Solution
 
dogsnapsAuthor Commented:
hi all i have managed to fix the test get-webservices error if i was to open ems as administrator. However i still get the error 1013 when testing outlook web services.
0
 
LegendZMPrincipal Security ArchitectCommented:
0
 
dogsnapsAuthor Commented:
hi

i have tried that, and added the registry edit, set the binary to 0xff and still have the error. thanks for the suggestions though.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LegendZMPrincipal Security ArchitectCommented:
0
 
dogsnapsAuthor Commented:
hi, i have tried that an still get an error going to https://localhost/autodiscover/autodiscover.xml. when going to local host i get a certificate error but i dont with my fqdn, meaning my certificate is properly loaded. the output is errorcode 600 invalid request.

i am assuming this is not correct? From this i figured that it is more than a loobback issue.
0
 
LegendZMPrincipal Security ArchitectCommented:
I believe the 600 error code is normal when accessing the autodiscover address internally, What happens if you try to use a real outlook 2007 client?
0
 
dogsnapsAuthor Commented:
outlook 2007 works fine when on the domain and i originally had a heap of password issues with connecting over  https (outlook anywhere) but seem to have resolved those, yet i still cannot test-outlookwebservices.
0
 
LegendZMPrincipal Security ArchitectCommented:
What are your authentication settings on IIS7?
0
 
dogsnapsAuthor Commented:
on the default website they are this:
anonymous and windows
on the autodiscover they are:
basic and windows
on the iis server
anonymous and windows.
should i add basic here or not?
0
 
LegendZMPrincipal Security ArchitectCommented:
Try adding basic to default website, also try removing windows,
Try adding anonymous for auto discover
try adding basic to iis server
0
 
LegendZMPrincipal Security ArchitectCommented:
If that doesn't work, try removing / re-adding the CAS role, would probably fix it up
0
 
dogsnapsAuthor Commented:
Thanks for that it worked a treat!
0
 
FrenchWalkerCommented:
I Solved it. You can try disabling ASP.NET Impersonation, Disable Anonymous, Digest and Forms. Enable Windows and Basic ONLY for autodiscover and EWS.

After numerous forums, pulling hair out this definately resolved for us.

We have a Communications CERT, set the internal to local domain ie domain.local, external to public domain ie domain.com.au and all works well.

Good luck.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now