Autodiscover connecting to internal AD

Posted on 2009-04-06
Last Modified: 2012-05-06
A quick one for you guys, but I'm going around in circles trying to find a fix.

I've taken on a job to troubleshoot an Exchange 2007 Server on a Server 2008 Standard Edition machine. A SAN certificate has been installed, which has the domains, servername, and listed. ( being the Common Name, the others being Subject Alternate Names).

The firewall has already been configured to allow port 443 through to the server, URLs updated in Exchange and the SSL certificate installed. Outlook (on a non-domain joined machine) does seem to work. However, it is painfully slow in the initial discovery and start-up phases.

What seems to be happening is Outlook is attempting to connect to the internal server name ( rather than the external name ( I've checked every location in Exchange but cannot find where the wrong URL is located.

Any insight would be appreciated as I'm going round in circles. Thanks.
Question by:tigermatt
LVL 10

Assisted Solution

kevala earned 125 total points
ID: 24082733
Can you post a "Test E-Mail AutoConfiguration" with only "Use AutoDiscover" enabled?

Hold CTRL, right-click the Outlook icon, select Test E-mail.....
Check only "Use Autodiscover"
Click Test

Look through the connections on all tabs, post results of results tab and log tab if possible.
LVL 65

Accepted Solution

Mestha earned 250 total points
ID: 24082908
Standard first test:
See what that throws up. It will show you everything the process goes through.
There is an initial connection on the AD name, because Outlook Anywhere doesn't kick in until after that has failed, so a slight delay in connecting is to be expected. However if the Outlook install is in cached mode then Outlook should start correctly.

Where you can get odd things happening is if the server's FQDN resolves externally due to a wildcard on the domain. That will cause things to take longer to time out because it is now a connectivity rather than a name resolution time out.

LVL 13

Assisted Solution

FearNoMore earned 125 total points
ID: 24083194
Hmmm.....have you checked the SCP (Service Connection Point) in ADSIedit?
 DC=<domain>, CN=Configuration, CN=Services, CN=Microsoft Exchange, CN=First Organization, CN=Administrative Groups, CN=Exchange Administrative Group, CN=Servers, CN=<CAS Name>, CN=Protocols, CN=AutoDiscover, CN=<CAS Name
 A similar problem is posted here
LVL 58

Author Comment

ID: 24086211
Well, I've advanced a lot in the last 12 hours. This server had been completely incorrectly configured, which was the cause for Autodiscover to be very slow.

In short, this is what I've now done:

Re-keyed the SSL certificate with the supplier and re-applied the SSL certificate
Reset the configuration of the various Exchange Virtual Directories
Fixed the EAPs and Accepted Domains lists, to include only the client's main domains and none of the other rubbish which was in there
Disabled Autodiscover, rebooted, re-enabled.

And it is now much, much quicker - in fact, whereas configuration in Outlook could take upwards of 5 minutes to detect and make the initial connection, I just made a connection in less than 15 seconds. So, a lot quicker!

Thanks for your help guys. Simon, that test site is particularly useful and is now in my bookmarks. Thanks!

LVL 58

Author Closing Comment

ID: 31567277
All useful information, thank you!

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Distribution List Owner Permissions Lost 2 19
Exchange powershell help 4 25
Email Header Detail 12 54
Exchange Reports 4 25
We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question