brooklynra
asked on
Outlook Test E-mail Autoconfiguration is generating error 0x800C8203
When I run Test-outlookWebServices, all results on my cas/hub server come
back as successful. It's when I run Test E-mail Autoconfiguration on Outlook
2007 the I get the following errors after it finds the SCP succesfully:
Autodiscover to https://servername.domain.com/autodiscover/autodiscover.xml
FAILED (0x800C8203).
Then it fails over to:
Autodiscover to
https://autodiscover.domain.com/autodiscover/autodiscover.xml FAILED
(0x800C8203).
It appears now that new users aren't getting their profiles created properly
via autodiscover and OOF is broken. Thanks for any help.
back as successful. It's when I run Test E-mail Autoconfiguration on Outlook
2007 the I get the following errors after it finds the SCP succesfully:
Autodiscover to https://servername.domain.com/autodiscover/autodiscover.xml
FAILED (0x800C8203).
Then it fails over to:
Autodiscover to
https://autodiscover.domain.com/autodiscover/autodiscover.xml FAILED
(0x800C8203).
It appears now that new users aren't getting their profiles created properly
via autodiscover and OOF is broken. Thanks for any help.
We just need to make sure that Servername.domain.com should be resolvable internally. We should have the same URL on the CERT as well, and if these condition are met make sure that kernal mode Authenticationi s disabled on the CAS server.
ASKER
I have set both the internalURL and externalURL for the autodiscover service to be the same, and have verified that both are resolvable internally. As far as the Kernal mode - I'm running Windows 2003 Server, so I don't believe this is an option.
To give you a little background - I did run test-outlookwebservices |fl and everything connected just fine. This is happening on clients inside the network as far as outside (we're running Outlook Anywhere on Exchange 2007).
To give you a little background - I did run test-outlookwebservices |fl and everything connected just fine. This is happening on clients inside the network as far as outside (we're running Outlook Anywhere on Exchange 2007).
try running the command "get-ClientAccessServer |fl" and let me know what is the Internal URL is set to?
ASKER
try browsing https://<fqdn>/autodiscover/autodi scover.xml from the client machine and see if you are able to browse it ..
ASKER
I got prompted for a username/password
after i authenticated, i got the following message:
<?xml version="1.0" encoding="utf-8" ?>
- <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
- <Response>
- <Error Time="14:06:48.1406250" Id="140494515">
<ErrorCode>600</ErrorCode>
<Message>Invalid Request</Message>
<DebugData />
</Error>
</Response>
</Autodiscover>
after i authenticated, i got the following message:
<?xml version="1.0" encoding="utf-8" ?>
- <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
- <Response>
- <Error Time="14:06:48.1406250" Id="140494515">
<ErrorCode>600</ErrorCode>
<Message>Invalid Request</Message>
<DebugData />
</Error>
</Response>
</Autodiscover>
CHeck if yo have any Proxy Settings in IE of client machine, if Yes remove it.
Also try adding the SCP URL (only FQDN of the server) point to to CAS IP in the host file of the client machine.
Also try adding the SCP URL (only FQDN of the server) point to to CAS IP in the host file of the client machine.
ASKER
No proxy settings set. and i do have entries in the "hosts" file that point to the FQDN.
If you do have entries in the host file try removing them and then run the nslookup and see if you are able to resolve the FQDN (SCP)to the internal IP of the CAS from the client
ASKER
I just did that and re-ran the test configuration...same result. still getting the same error message.
Have you try removing and recreating the Autodiscovervirtual directory?
1. Run Adsiedit.msc
2. Expand CN=Configuration, CN=Microsoft Exchange, CN=<OrganizationName>,
CN=Administrative Groups, CN= Exchange Administrative Group, CN= Servers,
CN=<CAS_ServerName>, CN= HTTP,CN=Autodiscover,CN=<C AS_ServerN ame>
3. Right-click over CN=<CAS_ServerName>, Select Properties
4. Edit the attribute Keywords
5. Add the following enttry 7378f46-2c66-4aa9-a6a6-3e7 a48b19596
6. Run the cmdlet Get-ClientAccessServer <CAS_ServerName> | fl
2. Expand CN=Configuration, CN=Microsoft Exchange, CN=<OrganizationName>,
CN=Administrative Groups, CN= Exchange Administrative Group, CN= Servers,
CN=<CAS_ServerName>, CN= HTTP,CN=Autodiscover,CN=<C
3. Right-click over CN=<CAS_ServerName>, Select Properties
4. Edit the attribute Keywords
5. Add the following enttry 7378f46-2c66-4aa9-a6a6-3e7
6. Run the cmdlet Get-ClientAccessServer <CAS_ServerName> | fl
ASKER
I tried doing that, and still getting the same error message.
ASKER
saakar_rao - I verified that the keyword you recommended was already in the Keywords attribute. I ran test-configuration and still getting same result. Below is the output from the get-clientaccessserver command:
Name : <netbios-name>
OutlookAnywhereEnabled : True
AutoDiscoverServiceCN : <netbios-name>
AutoDiscoverServiceClassNa me : ms-Exchange-AutoDiscover-S ervice
AutoDiscoverServiceInterna lUri : https://<fqdn>/autodiscover/autodi scover.xml
AutoDiscoverServiceGuid : 77378f46-2c66-4aa9-a6a6-3e 7a48b19596
AutoDiscoverSiteScope : {Default-First-Site}
IsValid : True
OriginatingServer : <internal fqdn - netbios.domain.local>
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=<CAS_SERVERNAME>,CN=Ser vers,CN=Ex change Administrative Group (FYDIBOHF23SPDLT),CN=Admin istrative Groups,CN=<ORGANIZATION_NA ME>,CN=Mic rosoft Exchange,CN=Services,CN=Co nfiguratio n,DC=domai n,DC=local
Identity : DFEXSV01
Guid : 5767ea9b-6790-458f-b585-5c 9ca4694d7e
ObjectCategory : domain.local/Configuration /Schema/ms -Exch-Exch ange-Serve r
ObjectClass : {top, server, msExchExchangeServer}
WhenChanged : 9/10/2008 5:57:52 PM
WhenCreated : 9/3/2008 6:12:39 PM
Should I consider adjusting the OriginatingServer variable?
Name : <netbios-name>
OutlookAnywhereEnabled : True
AutoDiscoverServiceCN : <netbios-name>
AutoDiscoverServiceClassNa
AutoDiscoverServiceInterna
AutoDiscoverServiceGuid : 77378f46-2c66-4aa9-a6a6-3e
AutoDiscoverSiteScope : {Default-First-Site}
IsValid : True
OriginatingServer : <internal fqdn - netbios.domain.local>
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=<CAS_SERVERNAME>,CN=Ser
Identity : DFEXSV01
Guid : 5767ea9b-6790-458f-b585-5c
ObjectCategory : domain.local/Configuration
ObjectClass : {top, server, msExchExchangeServer}
WhenChanged : 9/10/2008 5:57:52 PM
WhenCreated : 9/3/2008 6:12:39 PM
Should I consider adjusting the OriginatingServer variable?
1. Can you ping autodiscover.domain.com from your internal network, if not try creating a host record in your internal DNS
2. What are the port numbers on the Default Web Site, are they the default 80 and 443??
If not try changing them to default, and stop the Website those are using those ports and change them.
2. What are the port numbers on the Default Web Site, are they the default 80 and 443??
If not try changing them to default, and stop the Website those are using those ports and change them.
DO you have the wild card Internal DNS server?
ASKER
1) I did it and i'm getting the same error message (0x800c8203) for autodiscover.x.x
2) Default web is 80 and SSL is 443.
2) Default web is 80 and SSL is 443.
ASKER
Npatang - yes i do have a wildcard set to the internal IP address of the CAS server.
Remove the Wildcard entry from the internal DNS and then flush dns and register dns on the clients and then try the same
ASKER
Npatang - Done. Same result.
have you try with any other client in the domain?
ASKER
I tried it across 3 clients and I'm getting the same issue. The only new thing I've seen is that I'm getting a certificate error when I try the test configuration as it's trying to access autodiscover.domain.com... but that URL does not match the FQDN of the mail server (which is what the SSL certificate has registered.
autodiscover.domain.com is not referenced until about the 3rd FQDN that the Test Configuration tool uses as part of the autoconfiguration query process.
autodiscover.domain.com is not referenced until about the 3rd FQDN that the Test Configuration tool uses as part of the autoconfiguration query process.
DO you have the SAN cert or Single name cert ?
ASKER
Npatang - I have a Single name cert.
saakar - I have already run the instructions listed in http://support.microsoft.com/kb/940726 and I am getting the same results.
saakar - I have already run the instructions listed in http://support.microsoft.com/kb/940726 and I am getting the same results.
ASKER
Does anyone know whether it's mandatory to have multiple FQDNs (i.e. autodiscover.domain.com, mail.domain.com, etc) set up for Autodiscover to work? I would imagine that setting the FQDN registered with the SSL Cert as the URL listed in the SCP settings should suffice. Am I wrong here?
When I run the test configuration in outlook, it does pick up the the proper FQDN listed in SCP, but then it errors out with 0x800C8203 (which according to Microsoft is a DNS related issue). The first URL that the test configuration retrieves is the proper URL. But when that lookup fails, it continues to random URLs such as autodiscover.domain.com, domain.com, etc.
Does this make sense to anyone?
When I run the test configuration in outlook, it does pick up the the proper FQDN listed in SCP, but then it errors out with 0x800C8203 (which according to Microsoft is a DNS related issue). The first URL that the test configuration retrieves is the proper URL. But when that lookup fails, it continues to random URLs such as autodiscover.domain.com, domain.com, etc.
Does this make sense to anyone?
Its good to have Multiple FQDN's on the cert. Anyways try vreatin gthe Autofdiscover record in the internal DNS, if it is failing on SCP it should be able to connect via Autodiscover.. but if you don'thave this URl set on the cert you will get the cert error.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.