Autodiscover problems

I have a SBS2008 server/Exchange2007, I seem to be having an issue with  Autodiscover on my server. Out of Office replies from outlook will not work and Viper Mail Security has stopped working and I am told by Sunbellt Software that it is because of Autodiscover.
I used Remote Connectivity Ananlyzer in Exchange Toolbox and ran Exchange Active Sync Autodiscover and the following shows in the browser:

Server Error in '/' Application.
--------------------------------------------------------------------------------

Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>
 

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>
</configuration>
 


I have also ran the following command in Exchange Shell Test-OutlookWebServices | FL

Id      :1003
Type      : Information
Message      :About to test AutoDiscover with the e-mail address administrator@allied-tele.com

Id      :1007
Type      :Information
Message      :Testing Server01.atc.local with the published name https://remote.allied-tele.com/ews/exchange.asmx & https://remote.allied-tele.com/ews/exchange.asmx

Id      :1019
Type      :Information
Message      :Found a valid Autodiscover serviceconnection Point. The Autodiscover URL on this obkect is https://remote.allied-tele.com/Autodiscover.Autodiscover.xml.

Id      :1013
Type      :Error
Message      :When contacting https://remote.allied-tele.com/Autodiscover/Autodiscover.xml received the error Unable to connect to the remote server

Id      :1013
Type      :Error
Message      :When contacting https://remote.allied-tele.com/Autodiscover/Autodiscover.xml the error No connection could be made because the target machine actively refused it 173.9.xxx.sss

Id      :1006
Type      :Error
Messgae      :The Autodiscover service could not be contacted..





telcoengineerAsked:
Who is Participating?
 
sunnyc7Connect With a Mentor Commented:
I think you will be better off if you get a UCC/SAN cert from GoDaddy or Digicert
Costs about $199 for Godaddy and $329 for Digicert

https://www.digicert.com/easy-csr/exchange2010.htm

you have to add the following names there
mail.domain.com (external FQDN)
autodiscover.domain.com (external autodiscover)
mail.domain.local (internal mail server FQDN)
mailservername (internal server name)

then you can install the cert using digicert's guides, or using the u-btech tool here
www.u-btech.com/products/certificate-manager-for-exchange-2007.html

thanks
0
 
sunnyc7Commented:
a) What SPs are installed on Exchange 2007 ? SP2 / SP3

b) run from exch shell

get-autodiscovervirtualdirectory | fl
get-webservicesvirtualdirectory | fl

copy paste both results here.

c) Do you have an internal DNS entry for
autodiscover.domain.local

d) Do you have an external DNS entry for
autodiscover.domain.com

e) did you buy the UCC/SAN Cert from Digicert / Godaddy and install it.

f) Go here
https://www.testexchangeconnectivity.com/

Test for outlook autodiscover and copy paste the full results

thanks
0
 
telcoengineerAuthor Commented:
When I ran the command "Test-OutlookWebServices | FL" command  it returned the url
https://remote.allied-tele.com. i need for it to be https://mail.allied-tele.com. What do i need to do to change it, i have verified all my exchange connectores are set for mail.allied-tele.com, as well as the outlook anywhere External Host name.

I have also verified that my Cert has all the Subject Alternative Names, it is a Cert that was generated from my exchange server when it was first installed.
I tried to createa new cert but there is no Certification Services Admin Page, is there a different way to create a Cert on 2008?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
telcoengineerAuthor Commented:
I have posted the results from both commands that you suggested,

I do have DNS entries for internal and external Autodiscover.

I did not buy a certificate, it was generated when the server was setup last year in Sept.
get-autodiscovervirtualdirectory.jpg
get-webservicesvirtualdirectory.jpg
0
 
sunnyc7Commented:
run this from exchange shell

get-autodiscovervirtualdirectory | set-autodiscovervirtualdirectory -internalurl "https://server01.atc.local/autodiscover/autodiscover.xml"

get-autodiscovervirtualdirectory | set-autodiscovervirtualdirectory -externalurl "https://mail.allied-tele.com/autodiscover/autodiscover.xml"
0
 
telcoengineerAuthor Commented:
I wanted to add one more thing, back in March 2010 we had a newbie working for us and he did soemthing that brought down everything in IIS, I had to restore the directories for all sites in order to get it working again. Not sure if it is related.
0
 
sunnyc7Commented:
and this

get-webservicesvirtualdirectory | set-webservicesvirtualdirectory -internalurl "https://server01.atc.local/EWS/exchange.asmx"

get-webservicesvirtualdirectory | set-webservicesvirtualdirectory -externalurl "https://mail.allied-tele.com/EWS/exchange.asmx"
0
 
sunnyc7Commented:
lets try those 2 sets of commands

restart all exchange services.
Run ExRCA tests
Check outlook autodiscover

Test it if it works.
0
 
telcoengineerAuthor Commented:
I ran both commands as you suggested, I restarted all services and ran the
Test-OutlookWebServices | FL.

I posted the results
OutlookWebServices.jpg
0
 
sunnyc7Commented:
Set-ClientAccessServer –Identity server01.atc.local -AutoDiscoverServiceInternalUri: "https://server01.atc.local/Autodiscover/Autodiscover.xml"

Set-ClientAccessServer –Identity server01.atc.local -AutoDiscoverServiceExternalUri: "https://mail.allied-tele.com/Autodiscover/Autodiscover.xml"
0
 
telcoengineerAuthor Commented:
received an error with the second command
Set-ClientAccess-error.jpg
0
 
sunnyc7Commented:
dang my bad. Ignore second command.

Run this again

Test-OutlookWebServices | FL
0
 
telcoengineerAuthor Commented:
0
 
sunnyc7Commented:
how's it going ?
0
 
telcoengineerAuthor Commented:
just rebooted,  
OutlookWebServices-Error.jpg
0
 
sunnyc7Commented:
run this
get-outlookanywhere | fl

copy paste the output please.
0
 
telcoengineerAuthor Commented:
[PS] C:\Windows\system32>get-outlookanywhere | fl


ServerName                 : SERVER01
SSLOffloading              : False
ExternalHostname           : mail.allied-tele.com
ClientAuthenticationMethod : Basic
IISAuthenticationMethods   : {Basic}
MetabasePath               : IIS://SERVER01.atc.local/W3SVC/3/ROOT/Rpc
Path                       : C:\Windows\System32\RpcProxy
Server                     : SERVER01
AdminDisplayName           :
ExchangeVersion            : 0.1 (8.0.535.0)
Name                       : Rpc (SBS Web Applications)
DistinguishedName          : CN=Rpc (SBS Web Applications),CN=HTTP,CN=Protocols
                             ,CN=SERVER01,CN=Servers,CN=Exchange Administrative
                              Group (FYDIBOHF23SPDLT),CN=Administrative Groups,
                             CN=First Organization,CN=Microsoft Exchange,CN=Ser
                             vices,CN=Configuration,DC=atc,DC=local
Identity                   : SERVER01\Rpc (SBS Web Applications)
Guid                       : a7018aa8-6aa1-4a8c-a158-5ad6155d370c
ObjectCategory             : atc.local/Configuration/Schema/ms-Exch-Rpc-Http-Vi
                             rtual-Directory
ObjectClass                : {top, msExchVirtualDirectory, msExchRpcHttpVirtual
                             Directory}
WhenChanged                : 8/16/2010 2:48:32 PM
WhenCreated                : 8/16/2010 2:48:32 PM
OriginatingServer          : SERVER01.atc.local
IsValid                    : True



[PS] C:\Windows\system32>
0
 
sunnyc7Commented:
get-outlookanywhere | Set-OutlookAnywhere -Identity:"SERVER01\Rpc*" -ClientAuthenticationMethod:NTLM

try again after that

Test-OutlookWebServices | FL
0
 
telcoengineerAuthor Commented:
[PS] C:\Windows\system32>get-outlookanywhere | Set-OutlookAnywhere -Identity:"SE
RVER01\Rpc*" -ClientAuthenticationMethod:NTLM
Set-OutlookAnywhere : The input object cannot be bound to any parameters for th
e command either because the command does not take pipeline input or the input
and its properties do not match any of the parameters that take pipeline input.
At line:1 char:42
+ get-outlookanywhere | Set-OutlookAnywhere <<<<  -Identity:"SERVER01\Rpc*" -Cl
ientAuthenticationMethod:NTLM
    + CategoryInfo          : InvalidArgument: (SERVER01\Rpc (SBS Web Applicat
   ions):PSObject) [Set-OutlookAnywhere], ParameterBindingException
    + FullyQualifiedErrorId : InputObjectNotBound,Microsoft.Exchange.Managemen
   t.SystemConfigurationTasks.SetRpcHttp
0
 
sunnyc7Commented:
Set-OutlookAnywhere -Identity:"SERVER01\Rpc*" -ClientAuthenticationMethod:NTLM

just try that
0
 
telcoengineerAuthor Commented:
[PS] C:\Windows\system32>Set-OutlookAnywhere -Identity:"SERVER01\Rpc*" -ClientAu
thenticationMethod:NTLM
[PS] C:\Windows\system32>Test-OutlookWebServices | FL


Id      : 1003
Type    : Information
Message : About to test AutoDiscover with the e-mail address administrator@alli
          ed-tele.com.

Id      : 1007
Type    : Information
Message : Testing server SERVER01.atc.local with the published name https://ser
          ver01.atc.local/EWS/exchange.asmx & https://mail.allied-tele.com/EWS/
          exchange.asmx.

Id      : 1019
Type    : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
           URL on this object is https://server01.atc.local/Autodiscover/Autodi
          scover.xml.

Id      : 1013
Type    : Error
Message : When contacting https://server01.atc.local/Autodiscover/Autodiscover.
          xml received the error The remote server returned an error: (500) Int
          ernal Server Error.

Id      : 1006
Type    : Error
Message : The Autodiscover service could not be contacted.



[PS] C:\Windows\system32>
0
 
sunnyc7Commented:
Did you restart IIS after making those Loopback changes

start > run > cmd

iisreset /restart
0
 
telcoengineerAuthor Commented:
I actually rebooted the server
0
 
sunnyc7Commented:
I hate to say I am lost... So I'd say -> i am thinking..
will post back if I come up with something, in the meantime lets wait for other experts.

0
 
telcoengineerAuthor Commented:
can you maybe help me with verifying my certificate? I checked in the CA and I see verts that were issued by webserver template and it shows mail.allied-tele.com and it does not have any of the subject alternative names like autodiscover.allied-tele.com.  I found a microsoft white paper for setting up autodiscover and it references going to myserver/crtsrv to complete the new cert creation but the page will not load
0
 
sunnyc7Commented:
Did you apply this hotfix to outlook ?
http://support.microsoft.com/kb/954574/en-us

Also ensure that office 2007 latest SPs are installed.

Let me know how you are coming along with this issue.

thanks
0
 
telcoengineerAuthor Commented:
I am runnig Office 2010 with all current Hotfix's and patches.

I still do not have a resolution, i am thinking more that it might be a certificate problem. I seem to be having some problems with my iis. The URL for requesting and creating Cert's is not working.
0
 
sunnyc7Commented:
Did you install UCC/SAN cert ?
0
 
telcoengineerAuthor Commented:
I attempted to generate one through the exchange console using commands that i found on a microsoft white paper on setting up and configuring Autodiscover. Part of the procedure though is to go to https://myserver/certsrv and finish the process but i cannot get that page to load.
0
 
telcoengineerAuthor Commented:
If there was a certificater error would it generate the 500 error code?
Id      : 1013
Type    : Error
Message : When contacting https://server01.atc.local/Autodiscover/Autodiscover.
          xml received the error The remote server returned an error: (500) Int
          ernal Server Error.

Id      : 1006
Type    : Error
Message : The Autodiscover service could not be contacted.
0
 
telcoengineerAuthor Commented:
What should I see as a successful test when running
Test-OutlookWebServices | FL
 from shell?
0
 
telcoengineerAuthor Commented:
sunnyc7, thanx for all your help. I am not sure what the problem was, I could never figure out the problem. I ended up installing Exchange 2010. Works ok now except for a third party app that uses WebDav
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.