Solved

Autodiscover failing on Exchange 2010

Posted on 2010-08-19
6
1,136 Views
Last Modified: 2012-05-10
Here's my situation and problem:
I have a Windows Server 2008 R2 box running Active Directory and DNS.  I have another Windows 2008 R2 server running IIS 6.0 and Exchange Server 2010.  Exchange installed just fine and I've been testing connectivity using https://testexchangeconnectivity.com.  Inbound and outbound mail pass, but when I test autodiscover connectivity, it fails.  Here is the complete results from that test:


       Connectivity Test Failed

 
Test Details

       Attempting to test Autodiscover for user@domain.com
       Testing Autodiscover failed.
              Test Steps
              ExRCA is attempting each method of contacting the Autodiscover service.
       The Autodiscover service couldn't be contacted successfully by any method.
              Test Steps
              Attempting to test potential AutoDiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
              Test Steps
              Attempting to resolve the host name domain.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: **PUBLIC IP ADDRESS**

       Testing TCP Port 443 on host domain.com to ensure it is listening and open.
       The port was opened successfully.
       ExRCA is testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
              Test Steps
              The certificate name is being validated.
       Certificate name validation failed.
        

              Additional Details
       Host name domain.com does not match any name found on the server certificate CN=EXCHANGE





       Attempting to test potential AutoDiscover URL https://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
              Test Steps
              Attempting to resolve the host name autodiscover.domain.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: **PUBLIC IP ADDRESS**

       Testing TCP Port 443 on host autodiscover.domain.com to ensure it is listening and open.
       The port was opened successfully.
       ExRCA is testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
              Test Steps
              The certificate name is being validated.
       Certificate name validation failed.

              Additional Details
       Host name autodiscover.domain.com does not match any name found on the server certificate CN=EXCHANGE





       ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
       The attempt to contact Autodiscover using the HTTP Redirect method failed.
              Test Steps
              Attempting to resolve the host name autodiscover.domain.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: **PUBLIC IP ADDRESS**

       Testing TCP Port 80 on host autodiscover.domain.com to ensure it is listening and open.
       The port was opened successfully.
       Checking Host autodiscover.domain.com for an HTTP redirect to AutoDiscover
       ExRCA failed to get an HTTP redirect response for Autodiscover.
              Additional Details
       An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body is: You do not have permission to view this directory or page.



       ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
       Failed to contact AutoDiscover using the DNS SRV redirect method.
              Test Steps
              Attempting to locate SRV record _autodiscover._tcp.domain.com in DNS.
       The Autodiscover SRV record wasn't found in DNS.
        

Port 80 and Port 443 are both pointing to the Exchange server via a firewall.  I'm assuming it has to do with server permissions or something along those lines.  Any suggestions/answers would be really welcome.





0
Comment
Question by:AremP
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 10

Expert Comment

by:dhruvarajp
ID: 33477190
the certificate you used does not have the subject name
autodiscover.yourdomain.com included
please reffer to
http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx 

the scenarios here apply 2010 as well


Thank you
Dhruv
0
 

Author Comment

by:AremP
ID: 33477504
Ok, I see that now.  How do i go about creating and installing the new certificate?  Do I do it in IIS or in Exchange Server?  I tried doing it in Exchange Server, and I created the Certificate request, but in order to complete the pending request, I have to select a certificate to map to the certificate request.  What is the path on the server to locate the certificate to change?
0
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 33477682
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:AremP
ID: 33477783
Shree,
That site has most of the answers I need, but I cannot find the location of the physical certificate.  I need to know the path to the exchange certificate before I can finish the new certificate request.
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 250 total points
ID: 33478058
0
 

Author Closing Comment

by:AremP
ID: 33734515
it was not quite what I was looking for
0

Featured Post

Free Webinar: AWS Backup & DR

Join our upcoming webinar with experts from AWS, CloudBerry Lab, and the Town of Edgartown IT to discuss best practices for simplifying online backup management and cutting costs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question