Solved

Autodiscover problems

Posted on 2010-08-16
33
1,133 Views
Last Modified: 2012-08-13
I have a SBS2008 server/Exchange2007, I seem to be having an issue with  Autodiscover on my server. Out of Office replies from outlook will not work and Viper Mail Security has stopped working and I am told by Sunbellt Software that it is because of Autodiscover.
I used Remote Connectivity Ananlyzer in Exchange Toolbox and ran Exchange Active Sync Autodiscover and the following shows in the browser:

Server Error in '/' Application.
--------------------------------------------------------------------------------

Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>
 

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>
</configuration>
 


I have also ran the following command in Exchange Shell Test-OutlookWebServices | FL

Id      :1003
Type      : Information
Message      :About to test AutoDiscover with the e-mail address administrator@allied-tele.com

Id      :1007
Type      :Information
Message      :Testing Server01.atc.local with the published name https://remote.allied-tele.com/ews/exchange.asmx & https://remote.allied-tele.com/ews/exchange.asmx

Id      :1019
Type      :Information
Message      :Found a valid Autodiscover serviceconnection Point. The Autodiscover URL on this obkect is https://remote.allied-tele.com/Autodiscover.Autodiscover.xml.

Id      :1013
Type      :Error
Message      :When contacting https://remote.allied-tele.com/Autodiscover/Autodiscover.xml received the error Unable to connect to the remote server

Id      :1013
Type      :Error
Message      :When contacting https://remote.allied-tele.com/Autodiscover/Autodiscover.xml the error No connection could be made because the target machine actively refused it 173.9.xxx.sss

Id      :1006
Type      :Error
Messgae      :The Autodiscover service could not be contacted..





0
Comment
Question by:telcoengineer
  • 17
  • 16
33 Comments
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449113
a) What SPs are installed on Exchange 2007 ? SP2 / SP3

b) run from exch shell

get-autodiscovervirtualdirectory | fl
get-webservicesvirtualdirectory | fl

copy paste both results here.

c) Do you have an internal DNS entry for
autodiscover.domain.local

d) Do you have an external DNS entry for
autodiscover.domain.com

e) did you buy the UCC/SAN Cert from Digicert / Godaddy and install it.

f) Go here
https://www.testexchangeconnectivity.com/

Test for outlook autodiscover and copy paste the full results

thanks
0
 

Author Comment

by:telcoengineer
ID: 33449139
When I ran the command "Test-OutlookWebServices | FL" command  it returned the url
https://remote.allied-tele.com. i need for it to be https://mail.allied-tele.com. What do i need to do to change it, i have verified all my exchange connectores are set for mail.allied-tele.com, as well as the outlook anywhere External Host name.

I have also verified that my Cert has all the Subject Alternative Names, it is a Cert that was generated from my exchange server when it was first installed.
I tried to createa new cert but there is no Certification Services Admin Page, is there a different way to create a Cert on 2008?
0
 

Author Comment

by:telcoengineer
ID: 33449270
I have posted the results from both commands that you suggested,

I do have DNS entries for internal and external Autodiscover.

I did not buy a certificate, it was generated when the server was setup last year in Sept.
get-autodiscovervirtualdirectory.jpg
get-webservicesvirtualdirectory.jpg
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449322
run this from exchange shell

get-autodiscovervirtualdirectory | set-autodiscovervirtualdirectory -internalurl "https://server01.atc.local/autodiscover/autodiscover.xml"

get-autodiscovervirtualdirectory | set-autodiscovervirtualdirectory -externalurl "https://mail.allied-tele.com/autodiscover/autodiscover.xml"
0
 

Author Comment

by:telcoengineer
ID: 33449334
I wanted to add one more thing, back in March 2010 we had a newbie working for us and he did soemthing that brought down everything in IIS, I had to restore the directories for all sites in order to get it working again. Not sure if it is related.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449344
and this

get-webservicesvirtualdirectory | set-webservicesvirtualdirectory -internalurl "https://server01.atc.local/EWS/exchange.asmx"

get-webservicesvirtualdirectory | set-webservicesvirtualdirectory -externalurl "https://mail.allied-tele.com/EWS/exchange.asmx"
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449351
lets try those 2 sets of commands

restart all exchange services.
Run ExRCA tests
Check outlook autodiscover

Test it if it works.
0
 

Author Comment

by:telcoengineer
ID: 33449510
I ran both commands as you suggested, I restarted all services and ran the
Test-OutlookWebServices | FL.

I posted the results
OutlookWebServices.jpg
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449554
Set-ClientAccessServer –Identity server01.atc.local -AutoDiscoverServiceInternalUri: "https://server01.atc.local/Autodiscover/Autodiscover.xml"

Set-ClientAccessServer –Identity server01.atc.local -AutoDiscoverServiceExternalUri: "https://mail.allied-tele.com/Autodiscover/Autodiscover.xml"
0
 

Author Comment

by:telcoengineer
ID: 33449629
received an error with the second command
Set-ClientAccess-error.jpg
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449640
dang my bad. Ignore second command.

Run this again

Test-OutlookWebServices | FL
0
 

Author Comment

by:telcoengineer
ID: 33449665
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449688
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449864
how's it going ?
0
 

Author Comment

by:telcoengineer
ID: 33449916
just rebooted,  
OutlookWebServices-Error.jpg
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449933
run this
get-outlookanywhere | fl

copy paste the output please.
0
Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

 

Author Comment

by:telcoengineer
ID: 33449949
[PS] C:\Windows\system32>get-outlookanywhere | fl


ServerName                 : SERVER01
SSLOffloading              : False
ExternalHostname           : mail.allied-tele.com
ClientAuthenticationMethod : Basic
IISAuthenticationMethods   : {Basic}
MetabasePath               : IIS://SERVER01.atc.local/W3SVC/3/ROOT/Rpc
Path                       : C:\Windows\System32\RpcProxy
Server                     : SERVER01
AdminDisplayName           :
ExchangeVersion            : 0.1 (8.0.535.0)
Name                       : Rpc (SBS Web Applications)
DistinguishedName          : CN=Rpc (SBS Web Applications),CN=HTTP,CN=Protocols
                             ,CN=SERVER01,CN=Servers,CN=Exchange Administrative
                              Group (FYDIBOHF23SPDLT),CN=Administrative Groups,
                             CN=First Organization,CN=Microsoft Exchange,CN=Ser
                             vices,CN=Configuration,DC=atc,DC=local
Identity                   : SERVER01\Rpc (SBS Web Applications)
Guid                       : a7018aa8-6aa1-4a8c-a158-5ad6155d370c
ObjectCategory             : atc.local/Configuration/Schema/ms-Exch-Rpc-Http-Vi
                             rtual-Directory
ObjectClass                : {top, msExchVirtualDirectory, msExchRpcHttpVirtual
                             Directory}
WhenChanged                : 8/16/2010 2:48:32 PM
WhenCreated                : 8/16/2010 2:48:32 PM
OriginatingServer          : SERVER01.atc.local
IsValid                    : True



[PS] C:\Windows\system32>
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33449978
get-outlookanywhere | Set-OutlookAnywhere -Identity:"SERVER01\Rpc*" -ClientAuthenticationMethod:NTLM

try again after that

Test-OutlookWebServices | FL
0
 

Author Comment

by:telcoengineer
ID: 33450004
[PS] C:\Windows\system32>get-outlookanywhere | Set-OutlookAnywhere -Identity:"SE
RVER01\Rpc*" -ClientAuthenticationMethod:NTLM
Set-OutlookAnywhere : The input object cannot be bound to any parameters for th
e command either because the command does not take pipeline input or the input
and its properties do not match any of the parameters that take pipeline input.
At line:1 char:42
+ get-outlookanywhere | Set-OutlookAnywhere <<<<  -Identity:"SERVER01\Rpc*" -Cl
ientAuthenticationMethod:NTLM
    + CategoryInfo          : InvalidArgument: (SERVER01\Rpc (SBS Web Applicat
   ions):PSObject) [Set-OutlookAnywhere], ParameterBindingException
    + FullyQualifiedErrorId : InputObjectNotBound,Microsoft.Exchange.Managemen
   t.SystemConfigurationTasks.SetRpcHttp
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33450012
Set-OutlookAnywhere -Identity:"SERVER01\Rpc*" -ClientAuthenticationMethod:NTLM

just try that
0
 

Author Comment

by:telcoengineer
ID: 33450037
[PS] C:\Windows\system32>Set-OutlookAnywhere -Identity:"SERVER01\Rpc*" -ClientAu
thenticationMethod:NTLM
[PS] C:\Windows\system32>Test-OutlookWebServices | FL


Id      : 1003
Type    : Information
Message : About to test AutoDiscover with the e-mail address administrator@alli
          ed-tele.com.

Id      : 1007
Type    : Information
Message : Testing server SERVER01.atc.local with the published name https://ser
          ver01.atc.local/EWS/exchange.asmx & https://mail.allied-tele.com/EWS/
          exchange.asmx.

Id      : 1019
Type    : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
           URL on this object is https://server01.atc.local/Autodiscover/Autodi
          scover.xml.

Id      : 1013
Type    : Error
Message : When contacting https://server01.atc.local/Autodiscover/Autodiscover.
          xml received the error The remote server returned an error: (500) Int
          ernal Server Error.

Id      : 1006
Type    : Error
Message : The Autodiscover service could not be contacted.



[PS] C:\Windows\system32>
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33450052
Did you restart IIS after making those Loopback changes

start > run > cmd

iisreset /restart
0
 

Author Comment

by:telcoengineer
ID: 33450054
I actually rebooted the server
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33450908
I hate to say I am lost... So I'd say -> i am thinking..
will post back if I come up with something, in the meantime lets wait for other experts.

0
 

Author Comment

by:telcoengineer
ID: 33451043
can you maybe help me with verifying my certificate? I checked in the CA and I see verts that were issued by webserver template and it shows mail.allied-tele.com and it does not have any of the subject alternative names like autodiscover.allied-tele.com.  I found a microsoft white paper for setting up autodiscover and it references going to myserver/crtsrv to complete the new cert creation but the page will not load
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33466777
Did you apply this hotfix to outlook ?
http://support.microsoft.com/kb/954574/en-us

Also ensure that office 2007 latest SPs are installed.

Let me know how you are coming along with this issue.

thanks
0
 

Author Comment

by:telcoengineer
ID: 33466812
I am runnig Office 2010 with all current Hotfix's and patches.

I still do not have a resolution, i am thinking more that it might be a certificate problem. I seem to be having some problems with my iis. The URL for requesting and creating Cert's is not working.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33466824
Did you install UCC/SAN cert ?
0
 

Author Comment

by:telcoengineer
ID: 33466871
I attempted to generate one through the exchange console using commands that i found on a microsoft white paper on setting up and configuring Autodiscover. Part of the procedure though is to go to https://myserver/certsrv and finish the process but i cannot get that page to load.
0
 
LVL 28

Accepted Solution

by:
sunnyc7 earned 500 total points
ID: 33466906
I think you will be better off if you get a UCC/SAN cert from GoDaddy or Digicert
Costs about $199 for Godaddy and $329 for Digicert

https://www.digicert.com/easy-csr/exchange2010.htm

you have to add the following names there
mail.domain.com (external FQDN)
autodiscover.domain.com (external autodiscover)
mail.domain.local (internal mail server FQDN)
mailservername (internal server name)

then you can install the cert using digicert's guides, or using the u-btech tool here
www.u-btech.com/products/certificate-manager-for-exchange-2007.html

thanks
0
 

Author Comment

by:telcoengineer
ID: 33475424
If there was a certificater error would it generate the 500 error code?
Id      : 1013
Type    : Error
Message : When contacting https://server01.atc.local/Autodiscover/Autodiscover.
          xml received the error The remote server returned an error: (500) Int
          ernal Server Error.

Id      : 1006
Type    : Error
Message : The Autodiscover service could not be contacted.
0
 

Author Comment

by:telcoengineer
ID: 33476177
What should I see as a successful test when running
Test-OutlookWebServices | FL
 from shell?
0
 

Author Closing Comment

by:telcoengineer
ID: 33527326
sunnyc7, thanx for all your help. I am not sure what the problem was, I could never figure out the problem. I ended up installing Exchange 2010. Works ok now except for a third party app that uses WebDav
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now