Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Outlook 2007 Autodiscover Not Working (Non-Domain Client)

Posted on 2010-08-17
16
1,700 Views
Last Modified: 2012-05-10
Hi,

We've recently migrated over from SBS 2003 to SBS 2008. We have 5 domain-joined PC's running Outlook 2007 - these are working fine.

However, we have one laptop that in not joined to the domain (Home O/S) - this laptop is unable to download the Offline Address Book, nor set Out Of Office. I'm convinced that this is to do with the Autodiscover feature as if the Outlook Autoconfiguration test fails with "unable to determine settings".

Also, if I try to browse to the autodiscover URL (https://remote.domain.com/autodiscover/autodiscover.xml) I am prompted for a user name and password. This doesnt happen from a domain-joined PC. Once the creditials are entered the XML data is displayed correctly.

I've carried out lots of google research but have now hit a dead end - I'm hoping that someone may have experience of this issue and offer a solution!

Any ideas?

Thanks,

Ben
0
Comment
Question by:TS_BenB
16 Comments
 
LVL 2

Expert Comment

by:ricje
ID: 33453089
Have you tried to rebuild the OAB?

Also have a look here:

http://www.exchangeninjas.com/AvailabilityServiceFAQ
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33453343
Yes I've tried this, though as I say - I think the problem lies in the inability to access the autodiscover/autodiscover.xml website (unless i'm missing something).

To recap - domain clients connect to the website ok, non domain clients do not (they are prompted for authentication).

Ben
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33453472
ensure that you have basic authentication enabled for your virtual directories

set-oabvirtualdirectory server\oab* -basicauthenication:$true
set-webservicesvirtualdirectory server\ews* -basicauthentication:$true
set-autodiscoveryvirtualdirectory server\auto* -basicauthentication:$true
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 2

Author Comment

by:TS_BenB
ID: 33453832
I've checked and this seems to all be set...

Ben
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33455781
i have to ask this, but is the certificate from a trusted certificate authority

when you browse to https://mail.contoso.com/owa from the non-domain client, do you get any certificate warnings
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33455948
Yes its a trusted cert - no prompts on accessing website...

Thanks,

Ben
0
 
LVL 8

Expert Comment

by:rr1968
ID: 33456962
Try clicking the Outlook button from taskbar, while holding "CTRL" button and select "Test email auto-configuration" and select all the check boxes and just enterthe user's email address and press "test"
See if you find any issues there.

Did you try configuring Outlook anywhere or RPC over HTTPS from this WS?
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33459093
The auto config test fails saying "unable to determine auto configuration settings" (or words to that effect). Its when I saw that, that I tried to access the autoconfiguration.xml website and noticed the prompts for authentication (not seen on domain connected pcs).

The machine is already configured for outlook anywhere, should I try turning it off?

Thanks,

Ben
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33460461
take a look at the following for the configuration of autodiscover
http://www.shudnow.net/?s=autodiscoverserviceinternaluri
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33473864
Sorry for delayed reply..

i've actually already added a local dns autodiscover record and that works fine - this issue is that the non domain PC isnt able to access the autoconfiguration info (its prompted for authentication when accessing the autoconfiguration.xml website).

I want this to behave in the same way the domain PC's do - i.e. no authentication prompt and thus the ability to read the autoconfiration.xml page.

Ben
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33478564
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 500 total points
ID: 33478628
basically your external/non domain accounts are going to attempt to connect to the autodiscover service using the following
https://domain.com/Autodiscover/Autodiscover.xml
https://autodiscover.domain.com/Autodiscover/Autodiscover.xml

this requires your certificate on the cas server to have one of these two names unless your:
1. external DNS server has an SRV record for _autodiscover._tcp.domain.com that points to the A record of your CAS (ex. mail.domain.com)
2. your CAS server is configured with SSL certificate redirection (http://technet.microsoft.com/en-us/library/bb310764.aspx)
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33482836
Ok I see where you're coming from - our SSL cert is trusted but only for a single domain name... It looks like our domain provider supports SRV records so i'll set one up and see what happens.

Thanks,

Ben
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33483005
if you found that artilce helpful, please select that it was
thanks
0
 
LVL 2

Author Comment

by:TS_BenB
ID: 33609491
I'm afraid that I never got to test the solution properly as my client decided to replace the PC with one that was running a business O/S.

Nevertheless, I suspect that endital's suggestion my have worked and appriciate the help so points awarded.

Thanks,

Ben
0
 
LVL 2

Author Closing Comment

by:TS_BenB
ID: 33609497
Wasnt able to fully test the solution provided so are unsure of its success.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question