Mandev23
asked on
How do you solve autodiscover issues in Exchange 2007?
I have recently been configuring Exchange server 2007. However i am facing a few issues, which all seem to be related to the 'autodiscover' service.. when clients open Outlook 2007 they have a security alert related to 'autodiscover.our-local-do main.co.uk ' which says the certificate does name does not match, do you want to continue, click yes/no.. ??
When configuring outlook 2007 in 'offline' mode, users get the error '(0x8004010F) The operation failed: An object cannot be found' which again is related to the OAB...
Test email auto-configuation does not work, yet i've set the internal/external OWA, OAB, webservices in the exchange command shell
I am using IIS 6.0, i have 1 default website, with one certificate pointing to the FQDN of the server, so users on the network can authenticate to (https://apple.romgroup.com/owa) however externally users access OWA via https://apple.romgroup.co.uk/owa, so i get a certificate name error again, i'm hoping this can be solved by purchasing a SAN certificate?
When configuring outlook 2007 in 'offline' mode, users get the error '(0x8004010F) The operation failed: An object cannot be found' which again is related to the OAB...
Test email auto-configuation does not work, yet i've set the internal/external OWA, OAB, webservices in the exchange command shell
I am using IIS 6.0, i have 1 default website, with one certificate pointing to the FQDN of the server, so users on the network can authenticate to (https://apple.romgroup.com/owa) however externally users access OWA via https://apple.romgroup.co.uk/owa, so i get a certificate name error again, i'm hoping this can be solved by purchasing a SAN certificate?
ASKER
Ok, i will look into this. I am currently trialing one by Verisign. but how can i solve errors like (0x8004010F) The operation failed: An object cannot be found' (when using outlook in offline mode) and the autodiscover security alert when outlook 2007 opens? unless i solve the autodiscover issue users will have problems with out-of-hours service as well....
i have also read i need a windows DNS entry for autodiscover.rom.co.uk (rom being our local domain), so i created a new zone and added that in pointing it to the internal IP our Exchange server.... also we would need a public DNS pointing to Exchange servers public IP i would have thought..?
i have also read i need a windows DNS entry for autodiscover.rom.co.uk (rom being our local domain), so i created a new zone and added that in pointing it to the internal IP our Exchange server.... also we would need a public DNS pointing to Exchange servers public IP i would have thought..?
You are correct that you also need a public DNS.
http://msexchangeteam.com/archive/2007/04/30/438249.aspx
http://technet.microsoft.com/en-us/library/bb332063.aspx
http://msexchangeteam.com/archive/2007/04/30/438249.aspx
http://technet.microsoft.com/en-us/library/bb332063.aspx
ASKER
I have added the public DNS entry. I think the problem i have is to with public folder replication on server, i cannot replicate the OAB. Can anyone help me diagnose this so i dont get the error (0x8004010F) The operation failed: An object cannot be found'.
ASKER
hello, does anyone else have a solution on the above please....?
Or else
http://msexchangeteam.com/archive/2007/04/19/437902.aspx
This is a very common and vague error.
http://msexchangeteam.com/archive/2007/04/19/437902.aspx
This is a very common and vague error.
http://www.eggheadcafe.com/software/aspnet/32135617/0x8004010f-downloading-oa.aspx
Another set of possble solutions.
Another set of possble solutions.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Hi carolchi
Thanks for the replies, following your recent reply, is it possible to create an SSL create certificate for two domains? - if so how do you do this?, rather than purchasing a SAN cert, i got active sync working with a PDA with an SSL certificate?
Thanks for the replies, following your recent reply, is it possible to create an SSL create certificate for two domains? - if so how do you do this?, rather than purchasing a SAN cert, i got active sync working with a PDA with an SSL certificate?
ASKER
My second question is, i believe the reason i am still getting the (0x8004010F) error is becasue public folder replication is not working on the Exchange serve, below is the error i get when i click on update OAB Version2 in the public folder management console, how can i troubleshoot this?
-------------------------- ---------- ---------- ----------
Microsoft Exchange Error
-------------------------- ---------- ---------- ----------
Action 'Update Content' could not be performed on object 'OAB Version 2'.
OAB Version 2
Failed
Error:
Cannot start content replication against public folder '\NON_IPM_SUBTREE\OFFLINE ADDRESS BOOK\/o=ROM Group Limited/cn=addrlists/cn=oa bs/cn=Addr ess book\OAB Version 2' on public folder database 'APPLE\Public Folders\Public Folder Database'.
MapiExceptionNoReplicaAvai lable: StartContentReplication failed. (hr=0x80004005, ec=1129)
Diagnostic context:
Lid: 1494 ---- Remote Context Beg ----
Lid: 31229 Error: 0x0
Lid: 21970 StoreEc: 0x8004010F PropTag: 0x66980102
Lid: 9206 StoreEc: 0x469
Lid: 9206 StoreEc: 0x469
Lid: 9206 StoreEc: 0x469
Lid: 9206 StoreEc: 0x469
Lid: 9206 StoreEc: 0x469
Lid: 1267 StoreEc: 0x469
Lid: 19865 StoreEc: 0x469
Lid: 27225 StoreEc: 0x469
Lid: 1750 ---- Remote Context End ----
Lid: 26322 StoreEc: 0x469
-------------------------- ---------- ---------- ----------
OK
-------------------------- ---------- ---------- ----------
--------------------------
Microsoft Exchange Error
--------------------------
Action 'Update Content' could not be performed on object 'OAB Version 2'.
OAB Version 2
Failed
Error:
Cannot start content replication against public folder '\NON_IPM_SUBTREE\OFFLINE ADDRESS BOOK\/o=ROM Group Limited/cn=addrlists/cn=oa
MapiExceptionNoReplicaAvai
Diagnostic context:
Lid: 1494 ---- Remote Context Beg ----
Lid: 31229 Error: 0x0
Lid: 21970 StoreEc: 0x8004010F PropTag: 0x66980102
Lid: 9206 StoreEc: 0x469
Lid: 9206 StoreEc: 0x469
Lid: 9206 StoreEc: 0x469
Lid: 9206 StoreEc: 0x469
Lid: 9206 StoreEc: 0x469
Lid: 1267 StoreEc: 0x469
Lid: 19865 StoreEc: 0x469
Lid: 27225 StoreEc: 0x469
Lid: 1750 ---- Remote Context End ----
Lid: 26322 StoreEc: 0x469
--------------------------
OK
--------------------------
I'd suggest opening a new question on this, with a more appropriate title. This is not about autodiscover any more. You'll get a better respose if the question title is accurate.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
hi
i used the below syntax to create a SAN cert with multiple names, the output being c:\romgroup.req which i believe is not a viewable file, what is the next step in using this cert?
i'm hoping to use it so OWA users both internally/externally can authenticate to the FQDN of the server; apple.romgroup.com and the external address of apple.romgroup.co.uk
New-ExchangeCertificate -DomainName apple.romgroup.com, apple.romgroup.co.uk, autodiscover.rom.co.uk, autodiscover.rom-tech.co.u k, autodiscover.rfa-tech.co.u k, -FriendlyName
RomGroup -GenerateRequest:$True -Keysize 1024 -path c:\romgroup.req -privatekeyExportable:$tru e -subjectName "c=uk, o=Rom, CN=apple.romgroup.com"
or if someone can show me how to setup exchange 2007 to use one URL for OWA which is the server name; for both internal and external access, please? - this would be better...
i used the below syntax to create a SAN cert with multiple names, the output being c:\romgroup.req which i believe is not a viewable file, what is the next step in using this cert?
i'm hoping to use it so OWA users both internally/externally can authenticate to the FQDN of the server; apple.romgroup.com and the external address of apple.romgroup.co.uk
New-ExchangeCertificate -DomainName apple.romgroup.com, apple.romgroup.co.uk, autodiscover.rom.co.uk, autodiscover.rom-tech.co.u
RomGroup -GenerateRequest:$True -Keysize 1024 -path c:\romgroup.req -privatekeyExportable:$tru
or if someone can show me how to setup exchange 2007 to use one URL for OWA which is the server name; for both internal and external access, please? - this would be better...
http://www.digicert.com/subject-alternative-name.htm
Or you can make your own if you are prepared to have your users trust a private certificate.