Solved

Autodiscover failing on Exchange 2010

Posted on 2010-08-19
6
1,133 Views
Last Modified: 2012-05-10
Here's my situation and problem:
I have a Windows Server 2008 R2 box running Active Directory and DNS.  I have another Windows 2008 R2 server running IIS 6.0 and Exchange Server 2010.  Exchange installed just fine and I've been testing connectivity using https://testexchangeconnectivity.com.  Inbound and outbound mail pass, but when I test autodiscover connectivity, it fails.  Here is the complete results from that test:


       Connectivity Test Failed

 
Test Details

       Attempting to test Autodiscover for user@domain.com
       Testing Autodiscover failed.
              Test Steps
              ExRCA is attempting each method of contacting the Autodiscover service.
       The Autodiscover service couldn't be contacted successfully by any method.
              Test Steps
              Attempting to test potential AutoDiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
              Test Steps
              Attempting to resolve the host name domain.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: **PUBLIC IP ADDRESS**

       Testing TCP Port 443 on host domain.com to ensure it is listening and open.
       The port was opened successfully.
       ExRCA is testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
              Test Steps
              The certificate name is being validated.
       Certificate name validation failed.
        

              Additional Details
       Host name domain.com does not match any name found on the server certificate CN=EXCHANGE





       Attempting to test potential AutoDiscover URL https://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
              Test Steps
              Attempting to resolve the host name autodiscover.domain.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: **PUBLIC IP ADDRESS**

       Testing TCP Port 443 on host autodiscover.domain.com to ensure it is listening and open.
       The port was opened successfully.
       ExRCA is testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
              Test Steps
              The certificate name is being validated.
       Certificate name validation failed.

              Additional Details
       Host name autodiscover.domain.com does not match any name found on the server certificate CN=EXCHANGE





       ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
       The attempt to contact Autodiscover using the HTTP Redirect method failed.
              Test Steps
              Attempting to resolve the host name autodiscover.domain.com in DNS.
       Host successfully resolved
              Additional Details
       IP(s) returned: **PUBLIC IP ADDRESS**

       Testing TCP Port 80 on host autodiscover.domain.com to ensure it is listening and open.
       The port was opened successfully.
       Checking Host autodiscover.domain.com for an HTTP redirect to AutoDiscover
       ExRCA failed to get an HTTP redirect response for Autodiscover.
              Additional Details
       An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body is: You do not have permission to view this directory or page.



       ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
       Failed to contact AutoDiscover using the DNS SRV redirect method.
              Test Steps
              Attempting to locate SRV record _autodiscover._tcp.domain.com in DNS.
       The Autodiscover SRV record wasn't found in DNS.
        

Port 80 and Port 443 are both pointing to the Exchange server via a firewall.  I'm assuming it has to do with server permissions or something along those lines.  Any suggestions/answers would be really welcome.





0
Comment
Question by:AremP
6 Comments
 
LVL 10

Expert Comment

by:dhruvarajp
ID: 33477190
the certificate you used does not have the subject name
autodiscover.yourdomain.com included
please reffer to
http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx 

the scenarios here apply 2010 as well


Thank you
Dhruv
0
 

Author Comment

by:AremP
ID: 33477504
Ok, I see that now.  How do i go about creating and installing the new certificate?  Do I do it in IIS or in Exchange Server?  I tried doing it in Exchange Server, and I created the Certificate request, but in order to complete the pending request, I have to select a certificate to map to the certificate request.  What is the path on the server to locate the certificate to change?
0
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 33477682
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:AremP
ID: 33477783
Shree,
That site has most of the answers I need, but I cannot find the location of the physical certificate.  I need to know the path to the exchange certificate before I can finish the new certificate request.
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 250 total points
ID: 33478058
0
 

Author Closing Comment

by:AremP
ID: 33734515
it was not quite what I was looking for
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Find out what you should include to make the best professional email signature for your organization.
how to add IIS SMTP to handle application/Scanner relays into office 365.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question