Solved

SBS Server 2008 - Auto Discover does not work for Outlook Anywhere

Posted on 2010-09-17
12
525 Views
Last Modified: 2012-05-10
When I try Outlook Anywhere on testexchangeconectivity.com it fails.
I have a SRV record that points to https://remote.mydomain.com on port 443. Remote Desktop and Outllook Web Access works fine. I have a single go-daddy cert installed, and from the the installation tool at go-daddy it says that it is installed correctly. Is there some service that I need to turn on or and update that needs to be installed? I am only using https over port 443 and do not have http on port 80 open.

Any suggestions would be much apprecaited.

      
0
Comment
Question by:bahamasands
  • 7
  • 5
12 Comments
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
most likely you are missing the autodiscover record...  Check this blog entry from the SBS Diva  http://msmvps.com/blogs/bradley/archive/2008/12/18/autodiscover-and-dns.aspx
0
 

Author Comment

by:bahamasands
Comment Utility
Hello CrisHanna, I have the same configiration as the blog suggested at godaddy. Below is the error that I receive from testexchsngeconnectivity.com. I am frustrated, the Remote Desktop and Outlook web access work fine.It says it found port 443 and it opened then failed to connect. Could it be something in the server firewall?

 Attempting to test Autodiscover for user@mydomain.com
  Testing Autodiscover failed.
   Test Steps
   ExRCA is attempting each method of contacting the Autodiscover service.
  The Autodiscover service couldn't be contacted successfully by any method.
   Test Steps
   Attempting to test potential AutoDiscover URL https://mydomain.com/AutoDiscover/AutoDiscover.xml
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name mydomain.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 000.000.000.0
 
 Testing TCP Port 443 on host mydomain.com/ to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The SSL certificate failed one or more certificate validation checks.
   Tell me more about this issue and how to resolve it
   Additional Details
  A network error occurred while communicating with remote host
Exception details:
Message: The handshake failed due to an unexpected packet format.
Type: System.IO.IOException
Stack trace:
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at Microsoft.Exchange.Tools.ExRca.Tests.SSLCertificateTest.PerformTestReally()
 
 Attempting to test potential AutoDiscover URL https://autodiscover.mydomain.com/AutoDiscover/AutoDiscover.xml
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name autodiscover.mydomain.com in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 
 
 
 ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
  The attempt to contact Autodiscover using the HTTP Redirect method failed.
   Test Steps
   Attempting to resolve the host name autodiscover.mydomain.com in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
  Failed to contact AutoDiscover using the DNS SRV redirect method.
   Test Steps
   Attempting to locate SRV record _autodiscover._tcp.mydomain.com.com in DNS.
  The Autodiscover SRV record wasn't found in DNS.
   Tell me more about this issue and how to resolve it
 
 
 
 
 
 
0
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
The failure your getting is by design...this KB explains it  http://support.microsoft.com/kb/940881
 
0
 

Author Comment

by:bahamasands
Comment Utility
CrisHanna,
I have the SRV Record excactly the way that KB explains. It has to be something that I have overlooked on the server side or the SSL Cert. The Cert is a godaddy cert and the installation tool at godaddy says that it is configured correct. I might have to contact Microsoft to see if they have a solution. If you or anyone else have any other suggestions please let me know.
0
 
LVL 35

Expert Comment

by:Cris Hanna
Comment Utility
If you logon to OWA or RWW...do you get a red warning about the cert or is it green?
0
 

Author Comment

by:bahamasands
Comment Utility
CrisHanna, IE and Safari locks and says that this connection is encrypted. If I click on the lock it gives me the correct information about the server and who it is registered to. I was thinking if it was a cert issue then I would not be able to sign in to OWA or RWW without some sort of error. I am lost in the wilderness on this one. I do see another comment here on expertsexchange with the same issue. I will continue to search for a solution. Thanks for your input so far and if you have further suggestions be sure to let me know.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Author Comment

by:bahamasands
Comment Utility
CrisHanna,

I changed the SRV record to the following Priority=0 and Weight=0 and now I am getting a lot more green on my test see below. I had them both set to 1, that is because the DVD Video that I purchased for setup suggested that is what I type in for those values.
The final error on the testexchaneconnectivity.com is a HTTP 401 error. When I try to setup from Outlook 2007 I get a screen asking for my password, I type it in and it just keeps on asking for the password again and again, and it will not let me connect.

Attempting to resolve the host name remote.stgeorgescaypower.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 000.000.000.0
 
 Testing TCP Port 443 on host remote.mydomain.com to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The certificate passed all validation requirements.
   Test Steps
   The certificate name is being validated.
  Successfully validated the certificate name
   Additional Details
  Found hostname remote.mydomain.com in Certificate Subject Common name
 
 Certificate trust is being validated.
  The certificate is trusted and all certificates are present in the chain.
   Additional Details
  The Certificate chain has be validated up to a trusted root. Root = E=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
 
 The certificate date is being confirmed to ensure the certificate is valid.
  Date validation passed. The certificate hasn't expired.
   Additional Details
  Certificate is valid: NotBefore = 9/6/2010 10:11:17 PM, NotAfter = 9/6/2013 10:11:17 PM"
 
 The IIS configuration is being checked for client certificate authentication.
  Client certificate authentication wasn't detected.
   Additional Details
  Accept/Require Client Certificates not configured.
 
 ExRCA is attempting to send an Autodiscover POST request to potential Autodiscover URLs.
  Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
   Test Steps
   Attempting to Retrieve XML AutoDiscover Response from url https://remote.mydomain.com/Autodiscover/Autodiscover.xml for user user@mydomain.com
  Failed to obtain AutoDiscover XML response.
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from Unknown
 
 
 
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 500 total points
Comment Utility
Ok..the problem with Outlook is easily fixed
Install Exchange 2007 SP3...takes about an hour to install
0
 

Author Comment

by:bahamasands
Comment Utility
CrisHanna,
I will let you know if this corrects my problem.

Thanks for your help so far.
0
 

Author Comment

by:bahamasands
Comment Utility
CrisHanna,
I have installed the SP3 and got all green on the connectivity besides a SLL cert error, do not know what that is about.
SLL Error:
 Certificate trust is being validated.
  The test passed with some warnings encountered. Please expand the additional details.
   Additional Details
  Only able to build certificate chain when using the Root Certificate Update functionality from Windows Update. Your server may not be properly configured to send down the required intermediate certificates to complete the chain. Consult the certificate installation instructions or FAQ's from your Certificate Authority for more information.
 
Still when I try to create an Outlook Anywhere account from my computer at home it keeps asking for my password. I type it in and it will not connect.  
0
 
LVL 35

Assisted Solution

by:Cris Hanna
Cris Hanna earned 500 total points
Comment Utility
I just got reminded that this is a godaddy cert...did you install the intermediate Cert first?
http://blogs.technet.com/b/sbs/archive/2009/02/11/sean-daniel-how-to-install-a-godaddy-certificate-on-sbs-2008.aspx
 
0
 

Author Comment

by:bahamasands
Comment Utility
CrisHanna,
IT WORKED!!
Below is the solution
SRV Record: Priority=0 Weight=0
Install Exchange 2007 SP3
Install GoDaddy Intermediate Cert first and follow GoDaddy Instructions.
Then Install Godaddy Cert
OutLook Anywhere is now working.
Thanks to you CrisHanna I apprecaite your help.
Anyone else having this problem just follow the steps above.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now