Solved

SBS Server 2008 - Auto Discover does not work for Outlook Anywhere

Posted on 2010-09-17
12
542 Views
Last Modified: 2012-05-10
When I try Outlook Anywhere on testexchangeconectivity.com it fails.
I have a SRV record that points to https://remote.mydomain.com on port 443. Remote Desktop and Outllook Web Access works fine. I have a single go-daddy cert installed, and from the the installation tool at go-daddy it says that it is installed correctly. Is there some service that I need to turn on or and update that needs to be installed? I am only using https over port 443 and do not have http on port 80 open.

Any suggestions would be much apprecaited.

      
0
Comment
Question by:bahamasands
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 33706462
most likely you are missing the autodiscover record...  Check this blog entry from the SBS Diva  http://msmvps.com/blogs/bradley/archive/2008/12/18/autodiscover-and-dns.aspx
0
 

Author Comment

by:bahamasands
ID: 33707716
Hello CrisHanna, I have the same configiration as the blog suggested at godaddy. Below is the error that I receive from testexchsngeconnectivity.com. I am frustrated, the Remote Desktop and Outlook web access work fine.It says it found port 443 and it opened then failed to connect. Could it be something in the server firewall?

 Attempting to test Autodiscover for user@mydomain.com
  Testing Autodiscover failed.
   Test Steps
   ExRCA is attempting each method of contacting the Autodiscover service.
  The Autodiscover service couldn't be contacted successfully by any method.
   Test Steps
   Attempting to test potential AutoDiscover URL https://mydomain.com/AutoDiscover/AutoDiscover.xml 
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name mydomain.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 000.000.000.0
 
 Testing TCP Port 443 on host mydomain.com/ to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The SSL certificate failed one or more certificate validation checks.
   Tell me more about this issue and how to resolve it
   Additional Details
  A network error occurred while communicating with remote host
Exception details:
Message: The handshake failed due to an unexpected packet format.
Type: System.IO.IOException
Stack trace:
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at Microsoft.Exchange.Tools.ExRca.Tests.SSLCertificateTest.PerformTestReally()
 
 Attempting to test potential AutoDiscover URL https://autodiscover.mydomain.com/AutoDiscover/AutoDiscover.xml 
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name autodiscover.mydomain.com in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 
 
 
 ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
  The attempt to contact Autodiscover using the HTTP Redirect method failed.
   Test Steps
   Attempting to resolve the host name autodiscover.mydomain.com in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
  Failed to contact AutoDiscover using the DNS SRV redirect method.
   Test Steps
   Attempting to locate SRV record _autodiscover._tcp.mydomain.com.com in DNS.
  The Autodiscover SRV record wasn't found in DNS.
   Tell me more about this issue and how to resolve it
 
 
 
 
 
 
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 33709516
The failure your getting is by design...this KB explains it  http://support.microsoft.com/kb/940881
 
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:bahamasands
ID: 33709987
CrisHanna,
I have the SRV Record excactly the way that KB explains. It has to be something that I have overlooked on the server side or the SSL Cert. The Cert is a godaddy cert and the installation tool at godaddy says that it is configured correct. I might have to contact Microsoft to see if they have a solution. If you or anyone else have any other suggestions please let me know.
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 33710040
If you logon to OWA or RWW...do you get a red warning about the cert or is it green?
0
 

Author Comment

by:bahamasands
ID: 33711160
CrisHanna, IE and Safari locks and says that this connection is encrypted. If I click on the lock it gives me the correct information about the server and who it is registered to. I was thinking if it was a cert issue then I would not be able to sign in to OWA or RWW without some sort of error. I am lost in the wilderness on this one. I do see another comment here on expertsexchange with the same issue. I will continue to search for a solution. Thanks for your input so far and if you have further suggestions be sure to let me know.
0
 

Author Comment

by:bahamasands
ID: 33711334
CrisHanna,

I changed the SRV record to the following Priority=0 and Weight=0 and now I am getting a lot more green on my test see below. I had them both set to 1, that is because the DVD Video that I purchased for setup suggested that is what I type in for those values.
The final error on the testexchaneconnectivity.com is a HTTP 401 error. When I try to setup from Outlook 2007 I get a screen asking for my password, I type it in and it just keeps on asking for the password again and again, and it will not let me connect.

Attempting to resolve the host name remote.stgeorgescaypower.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 000.000.000.0
 
 Testing TCP Port 443 on host remote.mydomain.com to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The certificate passed all validation requirements.
   Test Steps
   The certificate name is being validated.
  Successfully validated the certificate name
   Additional Details
  Found hostname remote.mydomain.com in Certificate Subject Common name
 
 Certificate trust is being validated.
  The certificate is trusted and all certificates are present in the chain.
   Additional Details
  The Certificate chain has be validated up to a trusted root. Root = E=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
 
 The certificate date is being confirmed to ensure the certificate is valid.
  Date validation passed. The certificate hasn't expired.
   Additional Details
  Certificate is valid: NotBefore = 9/6/2010 10:11:17 PM, NotAfter = 9/6/2013 10:11:17 PM"
 
 The IIS configuration is being checked for client certificate authentication.
  Client certificate authentication wasn't detected.
   Additional Details
  Accept/Require Client Certificates not configured.
 
 ExRCA is attempting to send an Autodiscover POST request to potential Autodiscover URLs.
  Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
   Test Steps
   Attempting to Retrieve XML AutoDiscover Response from url https://remote.mydomain.com/Autodiscover/Autodiscover.xml for user user@mydomain.com
  Failed to obtain AutoDiscover XML response.
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from Unknown
 
 
 
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 500 total points
ID: 33711766
Ok..the problem with Outlook is easily fixed
Install Exchange 2007 SP3...takes about an hour to install
0
 

Author Comment

by:bahamasands
ID: 33711888
CrisHanna,
I will let you know if this corrects my problem.

Thanks for your help so far.
0
 

Author Comment

by:bahamasands
ID: 33718215
CrisHanna,
I have installed the SP3 and got all green on the connectivity besides a SLL cert error, do not know what that is about.
SLL Error:
 Certificate trust is being validated.
  The test passed with some warnings encountered. Please expand the additional details.
   Additional Details
  Only able to build certificate chain when using the Root Certificate Update functionality from Windows Update. Your server may not be properly configured to send down the required intermediate certificates to complete the chain. Consult the certificate installation instructions or FAQ's from your Certificate Authority for more information.
 
Still when I try to create an Outlook Anywhere account from my computer at home it keeps asking for my password. I type it in and it will not connect.  
0
 
LVL 35

Assisted Solution

by:Cris Hanna
Cris Hanna earned 500 total points
ID: 33718543
I just got reminded that this is a godaddy cert...did you install the intermediate Cert first?
http://blogs.technet.com/b/sbs/archive/2009/02/11/sean-daniel-how-to-install-a-godaddy-certificate-on-sbs-2008.aspx
 
0
 

Author Comment

by:bahamasands
ID: 33720915
CrisHanna,
IT WORKED!!
Below is the solution
SRV Record: Priority=0 Weight=0
Install Exchange 2007 SP3
Install GoDaddy Intermediate Cert first and follow GoDaddy Instructions.
Then Install Godaddy Cert
OutLook Anywhere is now working.
Thanks to you CrisHanna I apprecaite your help.
Anyone else having this problem just follow the steps above.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people use more than one email account and so it becomes difficult for them to manage them when they use separate accounts,  so, in this article, I have shared an easy way to add Other Mail Accounts in your Google Inbox. It helps to combine all…
You need to know the location of the Office templates folder, so that when you create new templates, they are saved to that location, and thus are available for selection when creating new documents.  The steps to find the Templates folder path are …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question