Link to home
Create AccountLog in
Avatar of Mandev23
Mandev23

asked on

How do you solve autodiscover issues in Exchange 2007?

I have recently been configuring Exchange server 2007. However i am facing a few issues, which all seem to be related to the 'autodiscover' service.. when clients open Outlook 2007 they have a security alert related to 'autodiscover.our-local-domain.co.uk' which says the certificate does name does not match, do you want to continue, click yes/no.. ??

When configuring outlook 2007 in 'offline' mode, users get the error '(0x8004010F) The operation failed: An object cannot be found' which again is related to the OAB...

Test email auto-configuation does not work, yet i've set the internal/external OWA, OAB, webservices in the exchange command shell

I am using IIS 6.0, i have 1 default website, with one certificate pointing to the FQDN of the server, so users on the network can authenticate to (https://apple.romgroup.com/owa) however externally users access OWA via https://apple.romgroup.co.uk/owa, so i get a certificate name error again, i'm hoping this can be solved by purchasing a SAN certificate?
Avatar of Carol Chisholm
Carol Chisholm
Flag of Switzerland image

You will need a SAN certificate with multiple FQDNs.
http://www.digicert.com/subject-alternative-name.htm
Or you can make your own if you are prepared to have your users trust a private certificate.
Avatar of Mandev23
Mandev23

ASKER

Ok, i will look into this. I am currently trialing one by Verisign. but how can i solve errors like (0x8004010F) The operation failed: An object cannot be found' (when using outlook in offline mode)  and the autodiscover security alert when outlook 2007 opens? unless i solve the autodiscover issue users will have problems with out-of-hours service as well....

i have also read i need a windows DNS entry for autodiscover.rom.co.uk (rom being our local domain), so i created a new zone and added that in pointing it to the internal IP our Exchange server.... also we would need a public DNS pointing to Exchange servers public IP i would have thought..?
I have added the public DNS entry. I think the problem i have is to with public folder replication on server, i cannot replicate the OAB. Can anyone help me diagnose this so i dont get the error (0x8004010F) The operation failed: An object cannot be found'.  
hello, does anyone else have a solution on the above please....?
Or else
http://msexchangeteam.com/archive/2007/04/19/437902.aspx

This is a very common and vague error.
ASKER CERTIFIED SOLUTION
Avatar of Carol Chisholm
Carol Chisholm
Flag of Switzerland image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Hi carolchi

Thanks for the replies, following your recent reply, is it possible to create an SSL create certificate for two domains? - if so how do you do this?, rather than purchasing a SAN cert, i got active sync working with a PDA with an SSL certificate?
My second question is, i believe the reason i am still getting the (0x8004010F) error is becasue public folder replication is not working on the Exchange serve, below is the error i get when i click on update OAB Version2 in the public folder management console, how can i troubleshoot this?

--------------------------------------------------------
Microsoft Exchange Error
--------------------------------------------------------
Action 'Update Content' could not be performed on object 'OAB Version 2'.

OAB Version 2
Failed
Error:
Cannot start content replication against public folder '\NON_IPM_SUBTREE\OFFLINE ADDRESS BOOK\/o=ROM Group Limited/cn=addrlists/cn=oabs/cn=Address book\OAB Version 2' on public folder database 'APPLE\Public Folders\Public Folder Database'.

MapiExceptionNoReplicaAvailable: StartContentReplication failed. (hr=0x80004005, ec=1129)
Diagnostic context:
    Lid: 1494    ---- Remote Context Beg ----
    Lid: 31229   Error: 0x0
    Lid: 21970   StoreEc: 0x8004010F PropTag: 0x66980102
    Lid: 9206    StoreEc: 0x469    
    Lid: 9206    StoreEc: 0x469    
    Lid: 9206    StoreEc: 0x469    
    Lid: 9206    StoreEc: 0x469    
    Lid: 9206    StoreEc: 0x469    
    Lid: 1267    StoreEc: 0x469    
    Lid: 19865   StoreEc: 0x469    
    Lid: 27225   StoreEc: 0x469    
    Lid: 1750    ---- Remote Context End ----
    Lid: 26322   StoreEc: 0x469    




--------------------------------------------------------
OK
--------------------------------------------------------
I'd suggest opening a new question on this, with a more appropriate title. This is not about autodiscover any more. You'll get a better respose  if the question title is accurate.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
hi

i used the below syntax to create a SAN cert with multiple names, the output being c:\romgroup.req which i believe is not a viewable file, what is the next step in using this cert?

i'm hoping to use it so OWA users both internally/externally can authenticate to the FQDN of the server; apple.romgroup.com and the external address of apple.romgroup.co.uk

New-ExchangeCertificate -DomainName apple.romgroup.com, apple.romgroup.co.uk, autodiscover.rom.co.uk, autodiscover.rom-tech.co.uk, autodiscover.rfa-tech.co.uk, -FriendlyName
 RomGroup -GenerateRequest:$True -Keysize 1024 -path c:\romgroup.req -privatekeyExportable:$true -subjectName "c=uk, o=Rom, CN=apple.romgroup.com"

or if someone can show me how to setup exchange 2007 to use one URL for OWA which is the server name; for both internal and external access, please? -  this would be better...