Exchange 2007 Autodiscover Help

I am having a devil of a time making Autodiscover work on an Exchange 2007 CAS server.  

I've been over the settings, UCC cert domains and URLs until my eyes are bleeding.  The worst part is that I *think* the tests all look good, but I still cannot get Autodiscover, or even Outlook Anywhere, to work on a non-domain member Outlook.

Any help is GREATLY appreciated!  I am at a total loss.  Data is below


DOMAINS & SERVERS:

internal=IntDomain.corp
external=ExtDomain.com
CAS=svr-exch-01


GODADDY 3RD PART CERT SANS:
DNS Name=office.ExtDomain.com
DNS Name=www.office.ExtDomain.com
DNS Name=autodiscover.ExtDomain.com
DNS Name=svr-exch-01
DNS Name=svr-exch-01.IntDomain.corp
DNS Name=mail.ExtDomain.com


OUTLOOK E-MAIL AUTOCONFIGURATION TEST:
Autodiscover to https://ExtDomain.com/autodiscover/autodiscover.xml starting
Autodiscover to https://ExtDomain.com/autodiscover/autodiscover.xml FAILED (0x800C8203)
Autodiscover to https://autodiscover.ExtDomain.com/autodiscover/autodiscover.xml starting
Autodiscover to https://autodiscover.ExtDomain.com/autodiscover/autodiscover.xml succeeded (0x00000000)


TEST-OUTLOOKWEBSERVICES | FL:

[PS] C:\>test-outlookwebservices -identity administrator | fl

Id      : 1003
Type    : Information
Message : About to test AutoDiscover with the e-mail address Administrator@ExtDomain.com.

Id      : 1006
Type    : Information
Message : The Autodiscover service was contacted at https://svr-exch-01.IntDomain.corp/Autodiscover/Autodiscover.xml.

Id      : 1016
Type    : Success
Message : [EXCH]-Successfully contacted the AS service at https://svr-exch-01.IntDomain.corp/EWS/Exchange.asmx. The elapsed time was 437 milliseconds.

Id      : 1015
Type    : Success
Message : [EXCH]-Successfully contacted the OAB service at https://svr-exch-01.IntDomain.corp/EWS/Exchange.asmx. The elapsed time was 0 milliseconds.

Id      : 1014
Type    : Success
Message : [EXCH]-Successfully contacted the UM service at https://svr-exch-01.IntDomain.corp/UnifiedMessaging/Service.asmx. The elapsed time was 874 milliseconds.

Id      : 1013
Type    : Error
Message : When contacting https://office.ExtDomain.com/EWS/Exchange.asmx received the error The request failed with HTTP status 401: Unauthorized.

Id      : 1016
Type    : Error
Message : [EXPR]-Error when contacting the AS service at https://office.ExtDomain.com/EWS/Exchange.asmx. The elapsed time was 15 milliseconds.

Id      : 1015
Type    : Success
Message : [EXPR]-Successfully contacted the OAB service at https://office.ExtDomain.com/EWS/Exchange.asmx. The elapsed time was 0 milliseconds.

Id      : 1014
Type    : Success
Message : [EXPR]-Successfully contacted the UM service at https://office.ExtDomain.com/UnifiedMessaging/Service.asmx. The elapsed time was 15 mill
          iseconds.

Id      : 1017
Type    : Success
Message : [EXPR]-Successfully contacted the RPC/HTTP service at https://office.ExtDomain.com/Rpc. The elapsed time was 0 milliseconds.

Id      : 1006
Type    : Success
Message : The Autodiscover service was tested successfully.

Id      : 1021
Type    : Information
Message : The following web services generated errors.
              As in EXPR
          Please use the prior output to diagnose and correct the errors.


GET-WEBSERVICESVIRTUALDIRECTORY | FL NAME,INTERNALURL,EXTERNALURL

[PS] C:\>Get-WebServicesVirtualDirectory | fl name,internalurl,externalurl

Name        : EWS (Default Web Site)
InternalUrl : https://svr-exch-01.IntDomain.corp/EWS/Exchange.asmx
ExternalUrl : https://office.ExtDomain.com/EWS/Exchange.asmx


TEST-WEBSERVICESCONNECTIVITY ... -USEAUTODISCOVERFORCLIENTACCESSSERVER:

[PS] C:\>Test-WebServicesConnectivity -MailboxCredential:(get-credential IntDomain\ad
ministrator) -UseAutodiscoverForClientAccessServer

CasServer  MailboxServer       Scenario                                         Result          Latency(MS) Error
---------  ------------- --------        ------  ----------- -----
SVR-EXCH-01                         Autodiscover ClientAccess Server  Success      124.99
svr-exch-01  SVR-EXCH-01   GetFolder                                          Success     9280.66
svr-exch-01  SVR-EXCH-01   SyncFolderItems                               Success     2140.49
svr-exch-01  SVR-EXCH-01   CreateItem                                         Success       578.09
svr-exch-01  SVR-EXCH-01   SyncFolderItems                               Success         31.25
svr-exch-01  SVR-EXCH-01   DeleteItem                                         Success        828.07
svr-exch-01  SVR-EXCH-01   SyncFolderItems                               Success       578.09
1
irvconAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

irvconAuthor Commented:
Forgot one

GET-WEBSERVICESVIRTUALDIRECTORY | FL:

[PS] C:\>get-webservicesvirtualdirectory | fl

InternalNLBBypassUrl          : https://svr-exch-01.IntDomain.corp/EWS/Exchange.asmx
Name                          : EWS (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
BasicAuthentication           : True
DigestAuthentication          : False
WindowsAuthentication         : True
MetabasePath                  : IIS://SVR-EXCH-01.DZHP.corp/W3SVC/1/ROOT/EWS
Path                          : C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\EWS
Server                        : SVR-EXCH-01
InternalUrl                   : https://svr-exch-01.InDomain.corp/EWS/Exchange.asmx
ExternalUrl                   : https://office.ExtDomain.com/EWS/Exchange.asmx
AdminDisplayName              :
ExchangeVersion               : 0.1 (8.0.535.0)
DistinguishedName             : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,
                                CN=SVR-EXCH-01,CN=Servers,CN=Exchange Administr
                                ative Group (FYDIBOHF23SPDLT),CN=Administrative
                                 Groups,CN=INTDOMAIN,CN=Microsoft Exchange,CN=Servic
                                es,CN=Configuration,DC=INTDO,DC=corp
Identity                      : SVR-EXCH-01\EWS (Default Web Site)
Guid                          : a44e3d9f-b340-4d2e-8554-ae0d42aa4a46
ObjectCategory                : IntDomain.corp/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
ObjectClass                   : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
WhenChanged                   : 7/1/2009 10:48:01 PM
WhenCreated                   : 7/1/2009 10:44:11 PM
OriginatingServer             : SVR-DC-01.IntDomain.corp
IsValid                       : True
0
Pret0rianCommented:
Go here and run tests and see what errors you get

https://www.testexchangeconnectivity.com/

Remi
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
irvconAuthor Commented:
Wow, interesting tool!  Output is below, I will follow up on the troubleshooting link in 30 minutes or so and report back.

I tested Outlook Anywhere with Autodiscover and got this failure:

      Testing NSPI Interface on Exchange Mailbox Server
       An error occured while testing the NSPI Interface.
      Test Steps
       
           Attempting to ping RPC Endpoint 6004 (NSPI Proxy Interface) on server SVR-EXCH-01.IntDomain.corp
       Failed to ping Endpoint
       
      Additional Details
       RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime
0
irvconAuthor Commented:
Hrm.  Still Stuck.

I followed the TechNet article reference as follows:

#  Troubleshoot name resolution and confirm that the server acting as the RPC Proxy can properly resolve the internal fully-qualified domain name of the Mailbox server or Exchange 2003 Back-End.
Pinging SVR-EXCH-01.IntDomain.corp [::1] from ::1 with 32 bytes of data:
Reply from ::1: time<1ms

# Open Registry Editor on the CAS or front-end server and confirm that the ValidPorts registry value exists under HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Rpcproxy. Also confirm that the key includes the NetBIOS and fully qualified domain names for all mailbox servers and for each required port, i.e. 6001, 6002, and 6004.
CONFIRMED
SVR-EXCH-01:6001-6002;
SVR-EXCH-01:6004;
svr-exch-01.IntDomain.corp:6001-6002;
svr-exch-01.IntDomain.corp:6004;

# To test endpoint connectivity, open a Telnet session on the CAS or front-end server and Telnet to each port on the mailbox server(s), i.e. 6001, 6002, and 6004. If you are unable to successfully Telnet to any of the ports, and there's a firewall between the servers, check your firewall configuration.
TELNETS:
telnet svr-exch-01 6001 = ncacn_http/1.0
telnet svr-exch-01 6002 = ncacn_http/1.0
telnet svr-exch-01 6004 = ncacn_http/1.0

# If you are receiving this error on port 6004 and are using Exchange 2007 on Windows Server 2008. Ensure you have Exchange 2007 SP1 RU4 or later installed because a problem with IPv6 can cause DSProxy requests to fail with this error. For more information about this specific issue, see the following Microsoft Knowledge Base:950138 You are prompted for your credentials three times and you receive an error message when you use the Outlook Anywhere feature to connect to an Exchange Server 2007 Service Pack 1based server that is running Windows Server 2008
I AM USING E07 RU8 ON SERVER 2008

I became convinced it was that stupid loopback error for IPv6, and editing the Hosts file thusly is what fixed it:

# 127.0.0.1       localhost
# ::1             localhost
192.168.x.x svr-exch-01
192.168.x.x svr-exch-01.IntDomain.corp

Now PING returns:
Pinging svr-exch-01.IntDomain.corp [192.168.x.x] with 32 bytes of data:
Reply from 192.168.x.x: bytes=32 time<1ms TTL=128

-and all is well!  Thank you
0
Pret0rianCommented:
Thats great:-)

Remi
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.