?
Solved

Autodiscover failing on Exchange 2010

Posted on 2010-08-19
6
Medium Priority
?
1,141 Views
Last Modified: 2012-05-10
Here's my situation and problem:
I have a Windows Server 2008 R2 box running Active Directory and DNS.  I have another Windows 2008 R2 server running IIS 6.0 and Exchange Server 2010.  Exchange installed just fine and I've been testing connectivity using https://testexchangeconnectivity.com.  Inbound and outbound mail pass, but when I test autodiscover connectivity, it fails.  Here is the complete results from that test:


       Connectivity Test Failed

 
Test Details

       Attempting to test Autodiscover for user@domain.com
       Testing Autodiscover failed.
              Test Steps
              ExRCA is attempting each method of contacting the Autodiscover service.
       The Autodiscover service couldn't be contacted successfully by any method.
              Test Steps
              Attempting to test potential AutoDiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
              Test Steps
              Attempting to resolve the host name domain.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: **PUBLIC IP ADDRESS**

       Testing TCP Port 443 on host domain.com to ensure it is listening and open.
       The port was opened successfully.
       ExRCA is testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
              Test Steps
              The certificate name is being validated.
       Certificate name validation failed.
        

              Additional Details
       Host name domain.com does not match any name found on the server certificate CN=EXCHANGE





       Attempting to test potential AutoDiscover URL https://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
              Test Steps
              Attempting to resolve the host name autodiscover.domain.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: **PUBLIC IP ADDRESS**

       Testing TCP Port 443 on host autodiscover.domain.com to ensure it is listening and open.
       The port was opened successfully.
       ExRCA is testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
              Test Steps
              The certificate name is being validated.
       Certificate name validation failed.

              Additional Details
       Host name autodiscover.domain.com does not match any name found on the server certificate CN=EXCHANGE





       ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
       The attempt to contact Autodiscover using the HTTP Redirect method failed.
              Test Steps
              Attempting to resolve the host name autodiscover.domain.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: **PUBLIC IP ADDRESS**

       Testing TCP Port 80 on host autodiscover.domain.com to ensure it is listening and open.
       The port was opened successfully.
       Checking Host autodiscover.domain.com for an HTTP redirect to AutoDiscover
       ExRCA failed to get an HTTP redirect response for Autodiscover.
              Additional Details
       An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body is: You do not have permission to view this directory or page.



       ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
       Failed to contact AutoDiscover using the DNS SRV redirect method.
              Test Steps
              Attempting to locate SRV record _autodiscover._tcp.domain.com in DNS.
       The Autodiscover SRV record wasn't found in DNS.
        

Port 80 and Port 443 are both pointing to the Exchange server via a firewall.  I'm assuming it has to do with server permissions or something along those lines.  Any suggestions/answers would be really welcome.





0
Comment
Question by:AremP
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 10

Expert Comment

by:dhruvarajp
ID: 33477190
the certificate you used does not have the subject name
autodiscover.yourdomain.com included
please reffer to
http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx 

the scenarios here apply 2010 as well


Thank you
Dhruv
0
 

Author Comment

by:AremP
ID: 33477504
Ok, I see that now.  How do i go about creating and installing the new certificate?  Do I do it in IIS or in Exchange Server?  I tried doing it in Exchange Server, and I created the Certificate request, but in order to complete the pending request, I have to select a certificate to map to the certificate request.  What is the path on the server to locate the certificate to change?
0
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 33477682
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 

Author Comment

by:AremP
ID: 33477783
Shree,
That site has most of the answers I need, but I cannot find the location of the physical certificate.  I need to know the path to the exchange certificate before I can finish the new certificate request.
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 750 total points
ID: 33478058
0
 

Author Closing Comment

by:AremP
ID: 33734515
it was not quite what I was looking for
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question