Solved

Exchange 2007 Autodiscover Help

Posted on 2009-07-01
5
883 Views
Last Modified: 2012-05-07
I am having a devil of a time making Autodiscover work on an Exchange 2007 CAS server.  

I've been over the settings, UCC cert domains and URLs until my eyes are bleeding.  The worst part is that I *think* the tests all look good, but I still cannot get Autodiscover, or even Outlook Anywhere, to work on a non-domain member Outlook.

Any help is GREATLY appreciated!  I am at a total loss.  Data is below


DOMAINS & SERVERS:

internal=IntDomain.corp
external=ExtDomain.com
CAS=svr-exch-01


GODADDY 3RD PART CERT SANS:
DNS Name=office.ExtDomain.com
DNS Name=www.office.ExtDomain.com
DNS Name=autodiscover.ExtDomain.com
DNS Name=svr-exch-01
DNS Name=svr-exch-01.IntDomain.corp
DNS Name=mail.ExtDomain.com


OUTLOOK E-MAIL AUTOCONFIGURATION TEST:
Autodiscover to https://ExtDomain.com/autodiscover/autodiscover.xml starting
Autodiscover to https://ExtDomain.com/autodiscover/autodiscover.xml FAILED (0x800C8203)
Autodiscover to https://autodiscover.ExtDomain.com/autodiscover/autodiscover.xml starting
Autodiscover to https://autodiscover.ExtDomain.com/autodiscover/autodiscover.xml succeeded (0x00000000)


TEST-OUTLOOKWEBSERVICES | FL:

[PS] C:\>test-outlookwebservices -identity administrator | fl

Id      : 1003
Type    : Information
Message : About to test AutoDiscover with the e-mail address Administrator@ExtDomain.com.

Id      : 1006
Type    : Information
Message : The Autodiscover service was contacted at https://svr-exch-01.IntDomain.corp/Autodiscover/Autodiscover.xml.

Id      : 1016
Type    : Success
Message : [EXCH]-Successfully contacted the AS service at https://svr-exch-01.IntDomain.corp/EWS/Exchange.asmx. The elapsed time was 437 milliseconds.

Id      : 1015
Type    : Success
Message : [EXCH]-Successfully contacted the OAB service at https://svr-exch-01.IntDomain.corp/EWS/Exchange.asmx. The elapsed time was 0 milliseconds.

Id      : 1014
Type    : Success
Message : [EXCH]-Successfully contacted the UM service at https://svr-exch-01.IntDomain.corp/UnifiedMessaging/Service.asmx. The elapsed time was 874 milliseconds.

Id      : 1013
Type    : Error
Message : When contacting https://office.ExtDomain.com/EWS/Exchange.asmx received the error The request failed with HTTP status 401: Unauthorized.

Id      : 1016
Type    : Error
Message : [EXPR]-Error when contacting the AS service at https://office.ExtDomain.com/EWS/Exchange.asmx. The elapsed time was 15 milliseconds.

Id      : 1015
Type    : Success
Message : [EXPR]-Successfully contacted the OAB service at https://office.ExtDomain.com/EWS/Exchange.asmx. The elapsed time was 0 milliseconds.

Id      : 1014
Type    : Success
Message : [EXPR]-Successfully contacted the UM service at https://office.ExtDomain.com/UnifiedMessaging/Service.asmx. The elapsed time was 15 mill
          iseconds.

Id      : 1017
Type    : Success
Message : [EXPR]-Successfully contacted the RPC/HTTP service at https://office.ExtDomain.com/Rpc. The elapsed time was 0 milliseconds.

Id      : 1006
Type    : Success
Message : The Autodiscover service was tested successfully.

Id      : 1021
Type    : Information
Message : The following web services generated errors.
              As in EXPR
          Please use the prior output to diagnose and correct the errors.


GET-WEBSERVICESVIRTUALDIRECTORY | FL NAME,INTERNALURL,EXTERNALURL

[PS] C:\>Get-WebServicesVirtualDirectory | fl name,internalurl,externalurl

Name        : EWS (Default Web Site)
InternalUrl : https://svr-exch-01.IntDomain.corp/EWS/Exchange.asmx
ExternalUrl : https://office.ExtDomain.com/EWS/Exchange.asmx


TEST-WEBSERVICESCONNECTIVITY ... -USEAUTODISCOVERFORCLIENTACCESSSERVER:

[PS] C:\>Test-WebServicesConnectivity -MailboxCredential:(get-credential IntDomain\ad
ministrator) -UseAutodiscoverForClientAccessServer

CasServer  MailboxServer       Scenario                                         Result          Latency(MS) Error
---------  ------------- --------        ------  ----------- -----
SVR-EXCH-01                         Autodiscover ClientAccess Server  Success      124.99
svr-exch-01  SVR-EXCH-01   GetFolder                                          Success     9280.66
svr-exch-01  SVR-EXCH-01   SyncFolderItems                               Success     2140.49
svr-exch-01  SVR-EXCH-01   CreateItem                                         Success       578.09
svr-exch-01  SVR-EXCH-01   SyncFolderItems                               Success         31.25
svr-exch-01  SVR-EXCH-01   DeleteItem                                         Success        828.07
svr-exch-01  SVR-EXCH-01   SyncFolderItems                               Success       578.09
1
0
Comment
Question by:irvcon
  • 3
  • 2
5 Comments
 

Author Comment

by:irvcon
ID: 24760977
Forgot one

GET-WEBSERVICESVIRTUALDIRECTORY | FL:

[PS] C:\>get-webservicesvirtualdirectory | fl

InternalNLBBypassUrl          : https://svr-exch-01.IntDomain.corp/EWS/Exchange.asmx
Name                          : EWS (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
BasicAuthentication           : True
DigestAuthentication          : False
WindowsAuthentication         : True
MetabasePath                  : IIS://SVR-EXCH-01.DZHP.corp/W3SVC/1/ROOT/EWS
Path                          : C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\EWS
Server                        : SVR-EXCH-01
InternalUrl                   : https://svr-exch-01.InDomain.corp/EWS/Exchange.asmx
ExternalUrl                   : https://office.ExtDomain.com/EWS/Exchange.asmx
AdminDisplayName              :
ExchangeVersion               : 0.1 (8.0.535.0)
DistinguishedName             : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,
                                CN=SVR-EXCH-01,CN=Servers,CN=Exchange Administr
                                ative Group (FYDIBOHF23SPDLT),CN=Administrative
                                 Groups,CN=INTDOMAIN,CN=Microsoft Exchange,CN=Servic
                                es,CN=Configuration,DC=INTDO,DC=corp
Identity                      : SVR-EXCH-01\EWS (Default Web Site)
Guid                          : a44e3d9f-b340-4d2e-8554-ae0d42aa4a46
ObjectCategory                : IntDomain.corp/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
ObjectClass                   : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
WhenChanged                   : 7/1/2009 10:48:01 PM
WhenCreated                   : 7/1/2009 10:44:11 PM
OriginatingServer             : SVR-DC-01.IntDomain.corp
IsValid                       : True
0
 
LVL 6

Accepted Solution

by:
Pret0rian earned 500 total points
ID: 24761510
Go here and run tests and see what errors you get

https://www.testexchangeconnectivity.com/

Remi
0
 

Author Comment

by:irvcon
ID: 24762864
Wow, interesting tool!  Output is below, I will follow up on the troubleshooting link in 30 minutes or so and report back.

I tested Outlook Anywhere with Autodiscover and got this failure:

      Testing NSPI Interface on Exchange Mailbox Server
       An error occured while testing the NSPI Interface.
      Test Steps
       
           Attempting to ping RPC Endpoint 6004 (NSPI Proxy Interface) on server SVR-EXCH-01.IntDomain.corp
       Failed to ping Endpoint
       
      Additional Details
       RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime
0
 

Author Comment

by:irvcon
ID: 24764581
Hrm.  Still Stuck.

I followed the TechNet article reference as follows:

#  Troubleshoot name resolution and confirm that the server acting as the RPC Proxy can properly resolve the internal fully-qualified domain name of the Mailbox server or Exchange 2003 Back-End.
Pinging SVR-EXCH-01.IntDomain.corp [::1] from ::1 with 32 bytes of data:
Reply from ::1: time<1ms

# Open Registry Editor on the CAS or front-end server and confirm that the ValidPorts registry value exists under HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Rpcproxy. Also confirm that the key includes the NetBIOS and fully qualified domain names for all mailbox servers and for each required port, i.e. 6001, 6002, and 6004.
CONFIRMED
SVR-EXCH-01:6001-6002;
SVR-EXCH-01:6004;
svr-exch-01.IntDomain.corp:6001-6002;
svr-exch-01.IntDomain.corp:6004;

# To test endpoint connectivity, open a Telnet session on the CAS or front-end server and Telnet to each port on the mailbox server(s), i.e. 6001, 6002, and 6004. If you are unable to successfully Telnet to any of the ports, and there's a firewall between the servers, check your firewall configuration.
TELNETS:
telnet svr-exch-01 6001 = ncacn_http/1.0
telnet svr-exch-01 6002 = ncacn_http/1.0
telnet svr-exch-01 6004 = ncacn_http/1.0

# If you are receiving this error on port 6004 and are using Exchange 2007 on Windows Server 2008. Ensure you have Exchange 2007 SP1 RU4 or later installed because a problem with IPv6 can cause DSProxy requests to fail with this error. For more information about this specific issue, see the following Microsoft Knowledge Base:950138 You are prompted for your credentials three times and you receive an error message when you use the Outlook Anywhere feature to connect to an Exchange Server 2007 Service Pack 1based server that is running Windows Server 2008
I AM USING E07 RU8 ON SERVER 2008

I became convinced it was that stupid loopback error for IPv6, and editing the Hosts file thusly is what fixed it:

# 127.0.0.1       localhost
# ::1             localhost
192.168.x.x svr-exch-01
192.168.x.x svr-exch-01.IntDomain.corp

Now PING returns:
Pinging svr-exch-01.IntDomain.corp [192.168.x.x] with 32 bytes of data:
Reply from 192.168.x.x: bytes=32 time<1ms TTL=128

-and all is well!  Thank you
0
 
LVL 6

Expert Comment

by:Pret0rian
ID: 24770529
Thats great:-)

Remi
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
exchange 6 32
Error 450 sending internal mail 6 21
exchange, transaction logs 3 28
Rename the Clutter folder in Office365 3 42
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video discusses moving either the default database or any database to a new volume.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now