Solved

Outlook 2007 Autodiscover Not Working (Non-Domain Client)

Posted on 2010-08-17
16
1,719 Views
Last Modified: 2012-05-10
Hi,

We've recently migrated over from SBS 2003 to SBS 2008. We have 5 domain-joined PC's running Outlook 2007 - these are working fine.

However, we have one laptop that in not joined to the domain (Home O/S) - this laptop is unable to download the Offline Address Book, nor set Out Of Office. I'm convinced that this is to do with the Autodiscover feature as if the Outlook Autoconfiguration test fails with "unable to determine settings".

Also, if I try to browse to the autodiscover URL (https://remote.domain.com/autodiscover/autodiscover.xml) I am prompted for a user name and password. This doesnt happen from a domain-joined PC. Once the creditials are entered the XML data is displayed correctly.

I've carried out lots of google research but have now hit a dead end - I'm hoping that someone may have experience of this issue and offer a solution!

Any ideas?

Thanks,

Ben
0
Comment
Question by:TS_BenB
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
16 Comments
 
LVL 2

Expert Comment

by:ricje
ID: 33453089
Have you tried to rebuild the OAB?

Also have a look here:

http://www.exchangeninjas.com/AvailabilityServiceFAQ
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33453343
Yes I've tried this, though as I say - I think the problem lies in the inability to access the autodiscover/autodiscover.xml website (unless i'm missing something).

To recap - domain clients connect to the website ok, non domain clients do not (they are prompted for authentication).

Ben
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33453472
ensure that you have basic authentication enabled for your virtual directories

set-oabvirtualdirectory server\oab* -basicauthenication:$true
set-webservicesvirtualdirectory server\ews* -basicauthentication:$true
set-autodiscoveryvirtualdirectory server\auto* -basicauthentication:$true
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 2

Author Comment

by:TS_BenB
ID: 33453832
I've checked and this seems to all be set...

Ben
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33455781
i have to ask this, but is the certificate from a trusted certificate authority

when you browse to https://mail.contoso.com/owa from the non-domain client, do you get any certificate warnings
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33455948
Yes its a trusted cert - no prompts on accessing website...

Thanks,

Ben
0
 
LVL 8

Expert Comment

by:rr1968
ID: 33456962
Try clicking the Outlook button from taskbar, while holding "CTRL" button and select "Test email auto-configuration" and select all the check boxes and just enterthe user's email address and press "test"
See if you find any issues there.

Did you try configuring Outlook anywhere or RPC over HTTPS from this WS?
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33459093
The auto config test fails saying "unable to determine auto configuration settings" (or words to that effect). Its when I saw that, that I tried to access the autoconfiguration.xml website and noticed the prompts for authentication (not seen on domain connected pcs).

The machine is already configured for outlook anywhere, should I try turning it off?

Thanks,

Ben
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33460461
take a look at the following for the configuration of autodiscover
http://www.shudnow.net/?s=autodiscoverserviceinternaluri
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33473864
Sorry for delayed reply..

i've actually already added a local dns autodiscover record and that works fine - this issue is that the non domain PC isnt able to access the autoconfiguration info (its prompted for authentication when accessing the autoconfiguration.xml website).

I want this to behave in the same way the domain PC's do - i.e. no authentication prompt and thus the ability to read the autoconfiration.xml page.

Ben
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 500 total points
ID: 33478628
basically your external/non domain accounts are going to attempt to connect to the autodiscover service using the following
https://domain.com/Autodiscover/Autodiscover.xml
https://autodiscover.domain.com/Autodiscover/Autodiscover.xml

this requires your certificate on the cas server to have one of these two names unless your:
1. external DNS server has an SRV record for _autodiscover._tcp.domain.com that points to the A record of your CAS (ex. mail.domain.com)
2. your CAS server is configured with SSL certificate redirection (http://technet.microsoft.com/en-us/library/bb310764.aspx)
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33482836
Ok I see where you're coming from - our SSL cert is trusted but only for a single domain name... It looks like our domain provider supports SRV records so i'll set one up and see what happens.

Thanks,

Ben
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33483005
if you found that artilce helpful, please select that it was
thanks
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33609491
I'm afraid that I never got to test the solution properly as my client decided to replace the PC with one that was running a business O/S.

Nevertheless, I suspect that endital's suggestion my have worked and appriciate the help so points awarded.

Thanks,

Ben
0
 
LVL 2

Author Closing Comment

by:TS_BenB
ID: 33609497
Wasnt able to fully test the solution provided so are unsure of its success.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
Outlook for dependable use in a very small business   This article is about using the Outlook application (part of Microsoft Office) in a very small business, or for homeowners where dependability and reliability are critical requirements. This …
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question