Solved

Security Alert autodiscover.domain.org when outlook 2007 client connect to exchange server 2003

Posted on 2010-08-15
4
1,698 Views
Last Modified: 2012-05-10
Dear sir,

We are still using exchange 2003 mail server in our organization, and no planning to upgrade to exchange 2007 or 2010 in the future.  We have been used outlook 2003 to communicate with exchange 2003 for a long while.  it is very easy to configure as long as active directory been created a valid user name and mail box.  We had used AT&T internet service and DNS hosting in the past, everything is working good.  Recently we switch to Verizon internet service, but they do not have a service to host client DNS, so we have to use our domain registration agent, network solution, as our new DNS hosting, our corporate email and website are working fine.  But recently we upgrade our user outlook 2003 to outlook 2007. and then we have a big problem to connect our exchange server 2003, I understand outlook 2007 is using autodiscover to seach email connection.  We can not connect our staffs email with outlook 2007 now. see attachment.  Is this cause by our DNS hosting, network solution? or something we can easily fix in our end.  Thank you so much,Paul from project hospitality.
DOC081310.pdf
0
Comment
Question by:paul_lin
4 Comments
 
LVL 2

Accepted Solution

by:
Ellush earned 500 total points
ID: 33440903
What is you Outlook 2007 SP ?As as I remember SP2 fixes problems with autodiscover.If not, check out the following article http://www.windowsitpro.com/article/tips/how-can-i-force-my-microsoft-outlook-2007-client-to-a-particular-autodiscovery-server-.aspx
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 33441832

This is being caused by the fact you appear to have a wildcard (*) record in your public DNS for *.projecthospitality.com.

Outlook/Exchange 2007 introduce the new Autodiscover service which automatically configures Outlook clients and allows them to locate Exchange resources on the network. Exchange 2003 does not have an autodiscover function, but Outlook 2007/2010 will still go looking for it. By default, it searches a couple of URLs including https://autodiscover.domain.com; if that URL resolves to an SSL site somewhere but the SSL certificate on that site is for another domain, Outlook will throw the standard security error you're seeing.

If you have a record called "autodiscover" in public DNS, remove it. You don't need it with Exchange 2003. If you don't have that record, but have a wildcard (*) record, consider removing it - as that record will resolve any URL, including autodiscover.domain.com. If you can't remove the wildcard record, create a record called "autodiscover" and point it to a totally invalid IP address - 127.0.0.2 would do. Just remember to change the IP if you ever upgrade to Exchange 2007/2010.

I'm going to ask a Mod to remove your email address and telephone number for privacy reasons.

-Matt
0
 

Author Closing Comment

by:paul_lin
ID: 33454597
Thak you for your help, office SP2 resolves our problem.
Thanks
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
Read this checklist to learn more about the 15 things you should never include in an email signature.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now