• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8327
  • Last Modified:

creating a record in DNS for Autodiscover

I have a question regarding creating a record in DNS for Autodiscover in external DNS.

I have a problem with my Autodiscover service.
Please, see the attached screenshot.

I have been trying to make it work for several days already but still get the error:
0x8004010F
Srv record lookup for ----.net failed.

according to this article below, I need to create SVR record in external DNS:
http://support.microsoft.com/kb/940881

In your external DNS zone, remove any HOST (A) or CNAME records for the Autodiscover service.
Use the following parameters to create a new SRV record:
Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: mail.contoso.com

But in other article:
It says that I need to create an A record in DNS.

Anyway, I can't make Autodiscover work properly and can't get rid of the error: 0x8004010F

Please, help.

I don't have split DNS.
I have mydomain.local internally and mydomain.net externally
DNS is hosted with network solutions.

So, I just removed an A record for autodiscover.mydomain.net on the external DNS( Network Solutions) and added SVR record for autodiscover.mail.mydomain.net
I followed this article.
http://support.microsoft.com/kb/940881

Still get the error: SRV record for mydomain.net failed!

Please, help.
0
btptech1
Asked:
btptech1
  • 14
  • 8
  • 4
1 Solution
 
adiloadiloCommented:
where are you trying autodiscover ? from oustside or inside your network ?  from oustide you need an  A record and a valid  certificate so for your domain you need autodiscover.mydomain.net
to test and troubleshoot  Autodiscover from oustide your network , use this website from microsoft and verify if you have any problems from outside . this website will identify external autodiscover problems .
https://www.testexchangeconnectivity.com/
Choose Autodiscover testing

Good Luck
0
 
btptech1Author Commented:
OK.
Thanks. I just removed SVR record for the outside DNS that is hosted at network solutions and added “A” record for autodiscover.mydomain.net (as you suggested).  It will take a little while for changes to take affect, but when I ran  https://www.testexchangeconnectivity.com/ for autodiscover, it was successful.
Should I have a A record for mail.mydomain.net or mydomain.net for the external DNS at network solutions?
Also, I do have valid ssl from godaddy for 5 names.

I have the following ALT names in the certificate:
autodiscover.mydomain.net
autodiscover.mydommain.local
mail.mydomain.net
exchangerserver.mydomain.net
exchangeserver.domain.local

Please, let me know if this is correct
The error 0x8004010F (Srv record lookup for ----.net failed) I get from the inside when I right click outlook in the task bar and choose “Test Email Autoconfiguration”.

Please, check out the screen shot.
Internally on our DNS I have the following setup for autodiscover:
I have an “A” record for autodiscover.mydomain.net in the “mydomain.net” external forward lookup zone.
Is it correct? Or should it be autodiscover.mail.mydomain.net for our DNS?
Please, let me know what is missing and why am I getting this error 0x8004010F.

Also, I setup external internal autodiscover urls as the following:

External
https://autodiscover.mail.mydomain.net/Autodiscover/Autodiscover.xml 
Internal
https://autodiscover.mail.mydomain.local/Autodiscover/Autodiscover.xml 
Also, I set up OAB as the following:

Get-OABVirtualDirectory
InternalUrl                   : https://mail.mydomain.local/OAB
ExternalUrl                   : https://mail.mydomain.net/OAB

BTW. When I try to manually download Offlilne Address Book, I also get this error 0x8004010F
Please, let me know how to correct autodiscover error.
0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
adiloadiloCommented:
is  your internal autodiscover.mydomain.com A record , pointing to the IP of  the internal Client Access server ? do you have an internal Certificate server ?
0
 
btptech1Author Commented:
Yes. My internal autodiscover.mydomain.net A reocrd points to the internal Client Access server (we have only one exchange server). We don't have internal Certificate server. I used SSL from godaddy. I believe I removed all other certificates from the exchange server and left only godaddy.
0
 
adiloadiloCommented:
normally the srv record is created automatically during install , try this on your dns server
1.      Open the DNS Management MMC snap-in.
2.      Expand Forward Lookup Zones.
3.      Locate and right-click the domain DNS zone, and then click Other New Records.
4.      Click Service Location (SRV).
5.      Use the following parameters to create a new SRV record:
Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: autodiscover.yourdomain.com  (make sure this points to your exchange internal ip address)
5.
6.      Click OK.
0
 
btptech1Author Commented:
ok. I have two dns zones: .local and .net
which one?
0
 
adiloadiloCommented:
.net if you have split dns my friend
0
 
btptech1Author Commented:
Didn't understand the following:
Host: autodiscover.yourdomain.com  (make sure this points to your exchange internal ip address)

So, what should I put in the "Host offering field"? Internal address of the exchange server such as 192.168.2.2 or autodiscover.mydomain.net??
0
 
btptech1Author Commented:
I have created SRV record in mydomain.net forward lookup zone
    Use the following parameters to create a new SRV record:
Service: _autodiscover
Protocol: _tcp
Port Number: 443

I have put autodiscover.mydomain.net in the "Host offering field".

Still get an error when running Test email autoConfiguration
Error Srv record lookup bot mydomain.net FAILED (0x80072F0C)
0
 
adiloadiloCommented:
yes you should put autodiscover.mydomain.com or name of exchange cas server ,

ok if you have (split dns ) on your network which is same domain internally and externally . you should modify your inetrnal dns A record : autodiscover.yourdomain.net to point to your internal ip address and you should modiy the external  A record : autodiscover.yourdomain.net to point to your external ip address .  
after doing this and you are able to ping internally autodiscover.yourdomain.net and you get back 192.168.2.2 then you should test outlook again with no problems .
if after doing this it is still not working then you have two options :
First option: best
Fix the root level domain redirections to not happen. which means points all other autodiscover entries to point to that server .
Second Option:
On each client PC you must add a registry setting in HKEY_CURRENT_USER as follows:
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]"ExcludeHttpsRootDomain"=dword:00000001
this may be a problem if you have a lot of clients .

Good luck , let us know if that fix it
0
 
btptech1Author Commented:
Ok. On my internal DNS server, I modified "A" record in the "mydomain.local" zone to point to the local address of exchange server which is 192.168.2.2. and, in the "mydomain.net" forward lookup zone, I modified "A" record to point to the external address of our exchange. Correct??
0
 
adiloadiloCommented:
yes :)  when you are able to ping and get 192.168.2.2 then test it and it should be ok .
0
 
adiloadiloCommented:
in the "mydomain.net" if it is internal dns server then point it  autodiscover.yourdomain.com to the internal ip
0
 
btptech1Author Commented:
:) ok I think I got it. I just changed it for "mydomain.net" --internal dns server- to point to the 192.168.2.2 internal address. Now, I get the reply from 192.168.2.2 when pinging autodiscover.mydomain.net
0
 
btptech1Author Commented:
Oh. I still get error when testing Email AutoConfiguration internally
SRv record lookup for mydomain.net FAILED (0x80072F0C)
0
 
adiloadiloCommented:
does the client you testing on it have the internal dns ip addresss  listed when you run ipconfig /all  ?
try this on EMS and post results back  

Test-OutlookWebServices
0
 
Shreedhar EtteCommented:
From your client machine, do the following:

1. Open a command prompt and enter nslookup/

2. Type set type=all, and then press enter.
3. Type _autodiscover._tcp.domainname.com (where domainname is the name of your
external domain for OWA URL i.e SMTP domain), and then press ENTER.
You should get an output as below

_autodiscover._tcp.domain.com SRV service location:
priority = 10
weight = 5
port = 443
svr hostname = hostname.domain.com

This will confirm the SRV record is created properly or not.
0
 
btptech1Author Commented:
I followed your steps above and got the following output:

_autodiscover._tcp.mydomain.net      SRV service location:
          priority       = 0
          weight         = 0
          port           = 443
          svr hostname   = myExchangeserv


0
 
btptech1Author Commented:
Just changed the priority and weight to 10 and 5 as in your example:

I got it now:
_autodiscover._tcp.mydomain.net      SRV service location:
          priority       = 10
          weight         = 5
          port           = 443
          svr hostname   = MyServername
0
 
btptech1Author Commented:
Oh. I still get an error.
0
 
btptech1Author Commented:
Nothing helps. Still get the same error
0
 
Shreedhar EtteCommented:
Hi,

I think you are createing the SRV record on your local DNS server.

This needs to be created on the External DNS server.

For this Contact your DNS hosting provider.

I hope this helps,
Shree
0
 
btptech1Author Commented:
I tried that already. It doesn't resolve the issue wth the error 0x8004010F
Besides, the error is coming by testing autodiscover internally not externally. If I test autodiscover externally I get the following results:

Attempting to test potential AutoDiscover URL https://autodiscover.WebSiteName.net/AutoDiscover/AutoDiscover.xml 
  Testing AutoDiscover URL succeeded
   Test Steps
   Attempting to resolve the host name autodiscover.btp.net in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 38.109.---.--- (not shown for security reasons)
 
 Testing TCP Port 443 on host autodiscover.WebSiteName.net to ensure it is listening and open.
  The port was opened successfully.
 Testing SSL Certificate for validity.
  The certificate passed all validation requirements.
   Test Steps
   Validating certificate name
  Successfully validated the certificate name
   Additional Details
  Found hostname autodiscover.btp.net in Certificate Subject Alternative Name entry  
 
 Validating certificate trust
  The test passed with some warnings encountered. Please expand additional details.
   Additional Details
  Only able to build certificate chain when using the Root Certificate Update functionality from Windows Update. Your server may not be properly configured to send down the required intermediate certificates to complete the chain. Consult the certificate installation instructions or FAQ's from your Certificate Authority for more information.  
 
 Testing certificate date to ensure validity
  Date Validation passed. The certificate is not expired.
   Additional Details
  Certificate is valid: NotBefore = 3/22/2010 1:45:40 PM, NotAfter = 3/19/2012 6:57:16 PM"  
 
 
 
 Attempting to send AutoDiscover POST request to potential autodiscover URLs.
  Successfully Retrieved AutoDiscover Settings by sending AutoDiscover POST.
   Test Steps
   Attempting to Retrieve XML AutoDiscover Response from url https://autodiscover.WebSiteName.net/AutoDiscover/AutoDiscover.xml for user notshown@websitename.com
  Successfully Retrieved AutoDiscover XML Response
   Additional Details
 
 
 I replace my domain name with "WebSiteName" for security reasons
 
0
 
btptech1Author Commented:
I was able to configure autodiscover service correctly, but didn't resolve the problem the error message.
0

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

  • 14
  • 8
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now