SBS Server 2008 - Auto Discover does not work for Outlook Anywhere

When I try Outlook Anywhere on testexchangeconectivity.com it fails.
I have a SRV record that points to https://remote.mydomain.com on port 443. Remote Desktop and Outllook Web Access works fine. I have a single go-daddy cert installed, and from the the installation tool at go-daddy it says that it is installed correctly. Is there some service that I need to turn on or and update that needs to be installed? I am only using https over port 443 and do not have http on port 80 open.

Any suggestions would be much apprecaited.

      
bahamasandsAsked:
Who is Participating?
 
Cris HannaConnect With a Mentor Commented:
Ok..the problem with Outlook is easily fixed
Install Exchange 2007 SP3...takes about an hour to install
0
 
Cris HannaCommented:
most likely you are missing the autodiscover record...  Check this blog entry from the SBS Diva  http://msmvps.com/blogs/bradley/archive/2008/12/18/autodiscover-and-dns.aspx
0
 
bahamasandsAuthor Commented:
Hello CrisHanna, I have the same configiration as the blog suggested at godaddy. Below is the error that I receive from testexchsngeconnectivity.com. I am frustrated, the Remote Desktop and Outlook web access work fine.It says it found port 443 and it opened then failed to connect. Could it be something in the server firewall?

 Attempting to test Autodiscover for user@mydomain.com
  Testing Autodiscover failed.
   Test Steps
   ExRCA is attempting each method of contacting the Autodiscover service.
  The Autodiscover service couldn't be contacted successfully by any method.
   Test Steps
   Attempting to test potential AutoDiscover URL https://mydomain.com/AutoDiscover/AutoDiscover.xml 
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name mydomain.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 000.000.000.0
 
 Testing TCP Port 443 on host mydomain.com/ to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The SSL certificate failed one or more certificate validation checks.
   Tell me more about this issue and how to resolve it
   Additional Details
  A network error occurred while communicating with remote host
Exception details:
Message: The handshake failed due to an unexpected packet format.
Type: System.IO.IOException
Stack trace:
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at Microsoft.Exchange.Tools.ExRca.Tests.SSLCertificateTest.PerformTestReally()
 
 Attempting to test potential AutoDiscover URL https://autodiscover.mydomain.com/AutoDiscover/AutoDiscover.xml 
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name autodiscover.mydomain.com in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 
 
 
 ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
  The attempt to contact Autodiscover using the HTTP Redirect method failed.
   Test Steps
   Attempting to resolve the host name autodiscover.mydomain.com in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
  Failed to contact AutoDiscover using the DNS SRV redirect method.
   Test Steps
   Attempting to locate SRV record _autodiscover._tcp.mydomain.com.com in DNS.
  The Autodiscover SRV record wasn't found in DNS.
   Tell me more about this issue and how to resolve it
 
 
 
 
 
 
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Cris HannaCommented:
The failure your getting is by design...this KB explains it  http://support.microsoft.com/kb/940881
 
0
 
bahamasandsAuthor Commented:
CrisHanna,
I have the SRV Record excactly the way that KB explains. It has to be something that I have overlooked on the server side or the SSL Cert. The Cert is a godaddy cert and the installation tool at godaddy says that it is configured correct. I might have to contact Microsoft to see if they have a solution. If you or anyone else have any other suggestions please let me know.
0
 
Cris HannaCommented:
If you logon to OWA or RWW...do you get a red warning about the cert or is it green?
0
 
bahamasandsAuthor Commented:
CrisHanna, IE and Safari locks and says that this connection is encrypted. If I click on the lock it gives me the correct information about the server and who it is registered to. I was thinking if it was a cert issue then I would not be able to sign in to OWA or RWW without some sort of error. I am lost in the wilderness on this one. I do see another comment here on expertsexchange with the same issue. I will continue to search for a solution. Thanks for your input so far and if you have further suggestions be sure to let me know.
0
 
bahamasandsAuthor Commented:
CrisHanna,

I changed the SRV record to the following Priority=0 and Weight=0 and now I am getting a lot more green on my test see below. I had them both set to 1, that is because the DVD Video that I purchased for setup suggested that is what I type in for those values.
The final error on the testexchaneconnectivity.com is a HTTP 401 error. When I try to setup from Outlook 2007 I get a screen asking for my password, I type it in and it just keeps on asking for the password again and again, and it will not let me connect.

Attempting to resolve the host name remote.stgeorgescaypower.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 000.000.000.0
 
 Testing TCP Port 443 on host remote.mydomain.com to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The certificate passed all validation requirements.
   Test Steps
   The certificate name is being validated.
  Successfully validated the certificate name
   Additional Details
  Found hostname remote.mydomain.com in Certificate Subject Common name
 
 Certificate trust is being validated.
  The certificate is trusted and all certificates are present in the chain.
   Additional Details
  The Certificate chain has be validated up to a trusted root. Root = E=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
 
 The certificate date is being confirmed to ensure the certificate is valid.
  Date validation passed. The certificate hasn't expired.
   Additional Details
  Certificate is valid: NotBefore = 9/6/2010 10:11:17 PM, NotAfter = 9/6/2013 10:11:17 PM"
 
 The IIS configuration is being checked for client certificate authentication.
  Client certificate authentication wasn't detected.
   Additional Details
  Accept/Require Client Certificates not configured.
 
 ExRCA is attempting to send an Autodiscover POST request to potential Autodiscover URLs.
  Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
   Test Steps
   Attempting to Retrieve XML AutoDiscover Response from url https://remote.mydomain.com/Autodiscover/Autodiscover.xml for user user@mydomain.com
  Failed to obtain AutoDiscover XML response.
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from Unknown
 
 
 
0
 
bahamasandsAuthor Commented:
CrisHanna,
I will let you know if this corrects my problem.

Thanks for your help so far.
0
 
bahamasandsAuthor Commented:
CrisHanna,
I have installed the SP3 and got all green on the connectivity besides a SLL cert error, do not know what that is about.
SLL Error:
 Certificate trust is being validated.
  The test passed with some warnings encountered. Please expand the additional details.
   Additional Details
  Only able to build certificate chain when using the Root Certificate Update functionality from Windows Update. Your server may not be properly configured to send down the required intermediate certificates to complete the chain. Consult the certificate installation instructions or FAQ's from your Certificate Authority for more information.
 
Still when I try to create an Outlook Anywhere account from my computer at home it keeps asking for my password. I type it in and it will not connect.  
0
 
Cris HannaConnect With a Mentor Commented:
I just got reminded that this is a godaddy cert...did you install the intermediate Cert first?
http://blogs.technet.com/b/sbs/archive/2009/02/11/sean-daniel-how-to-install-a-godaddy-certificate-on-sbs-2008.aspx
 
0
 
bahamasandsAuthor Commented:
CrisHanna,
IT WORKED!!
Below is the solution
SRV Record: Priority=0 Weight=0
Install Exchange 2007 SP3
Install GoDaddy Intermediate Cert first and follow GoDaddy Instructions.
Then Install Godaddy Cert
OutLook Anywhere is now working.
Thanks to you CrisHanna I apprecaite your help.
Anyone else having this problem just follow the steps above.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.