Solved

Security Alert autodiscover.domain.org when outlook 2007 client connect to exchange server 2003

Posted on 2010-08-15
4
1,696 Views
Last Modified: 2012-05-10
Dear sir,

We are still using exchange 2003 mail server in our organization, and no planning to upgrade to exchange 2007 or 2010 in the future.  We have been used outlook 2003 to communicate with exchange 2003 for a long while.  it is very easy to configure as long as active directory been created a valid user name and mail box.  We had used AT&T internet service and DNS hosting in the past, everything is working good.  Recently we switch to Verizon internet service, but they do not have a service to host client DNS, so we have to use our domain registration agent, network solution, as our new DNS hosting, our corporate email and website are working fine.  But recently we upgrade our user outlook 2003 to outlook 2007. and then we have a big problem to connect our exchange server 2003, I understand outlook 2007 is using autodiscover to seach email connection.  We can not connect our staffs email with outlook 2007 now. see attachment.  Is this cause by our DNS hosting, network solution? or something we can easily fix in our end.  Thank you so much,Paul from project hospitality.
DOC081310.pdf
0
Comment
Question by:paul_lin
4 Comments
 
LVL 2

Accepted Solution

by:
Ellush earned 500 total points
ID: 33440903
What is you Outlook 2007 SP ?As as I remember SP2 fixes problems with autodiscover.If not, check out the following article http://www.windowsitpro.com/article/tips/how-can-i-force-my-microsoft-outlook-2007-client-to-a-particular-autodiscovery-server-.aspx
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 33441832

This is being caused by the fact you appear to have a wildcard (*) record in your public DNS for *.projecthospitality.com.

Outlook/Exchange 2007 introduce the new Autodiscover service which automatically configures Outlook clients and allows them to locate Exchange resources on the network. Exchange 2003 does not have an autodiscover function, but Outlook 2007/2010 will still go looking for it. By default, it searches a couple of URLs including https://autodiscover.domain.com; if that URL resolves to an SSL site somewhere but the SSL certificate on that site is for another domain, Outlook will throw the standard security error you're seeing.

If you have a record called "autodiscover" in public DNS, remove it. You don't need it with Exchange 2003. If you don't have that record, but have a wildcard (*) record, consider removing it - as that record will resolve any URL, including autodiscover.domain.com. If you can't remove the wildcard record, create a record called "autodiscover" and point it to a totally invalid IP address - 127.0.0.2 would do. Just remember to change the IP if you ever upgrade to Exchange 2007/2010.

I'm going to ask a Mod to remove your email address and telephone number for privacy reasons.

-Matt
0
 

Author Closing Comment

by:paul_lin
ID: 33454597
Thak you for your help, office SP2 resolves our problem.
Thanks
0

Join & Write a Comment

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now