Solved

SBS Server 2008 - Auto Discover does not work for Outlook Anywhere

Posted on 2010-09-17
12
529 Views
Last Modified: 2012-05-10
When I try Outlook Anywhere on testexchangeconectivity.com it fails.
I have a SRV record that points to https://remote.mydomain.com on port 443. Remote Desktop and Outllook Web Access works fine. I have a single go-daddy cert installed, and from the the installation tool at go-daddy it says that it is installed correctly. Is there some service that I need to turn on or and update that needs to be installed? I am only using https over port 443 and do not have http on port 80 open.

Any suggestions would be much apprecaited.

      
0
Comment
Question by:bahamasands
  • 7
  • 5
12 Comments
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 33706462
most likely you are missing the autodiscover record...  Check this blog entry from the SBS Diva  http://msmvps.com/blogs/bradley/archive/2008/12/18/autodiscover-and-dns.aspx
0
 

Author Comment

by:bahamasands
ID: 33707716
Hello CrisHanna, I have the same configiration as the blog suggested at godaddy. Below is the error that I receive from testexchsngeconnectivity.com. I am frustrated, the Remote Desktop and Outlook web access work fine.It says it found port 443 and it opened then failed to connect. Could it be something in the server firewall?

 Attempting to test Autodiscover for user@mydomain.com
  Testing Autodiscover failed.
   Test Steps
   ExRCA is attempting each method of contacting the Autodiscover service.
  The Autodiscover service couldn't be contacted successfully by any method.
   Test Steps
   Attempting to test potential AutoDiscover URL https://mydomain.com/AutoDiscover/AutoDiscover.xml 
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name mydomain.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 000.000.000.0
 
 Testing TCP Port 443 on host mydomain.com/ to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The SSL certificate failed one or more certificate validation checks.
   Tell me more about this issue and how to resolve it
   Additional Details
  A network error occurred while communicating with remote host
Exception details:
Message: The handshake failed due to an unexpected packet format.
Type: System.IO.IOException
Stack trace:
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at Microsoft.Exchange.Tools.ExRca.Tests.SSLCertificateTest.PerformTestReally()
 
 Attempting to test potential AutoDiscover URL https://autodiscover.mydomain.com/AutoDiscover/AutoDiscover.xml 
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name autodiscover.mydomain.com in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 
 
 
 ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
  The attempt to contact Autodiscover using the HTTP Redirect method failed.
   Test Steps
   Attempting to resolve the host name autodiscover.mydomain.com in DNS.
  The Host could not be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
 
 ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
  Failed to contact AutoDiscover using the DNS SRV redirect method.
   Test Steps
   Attempting to locate SRV record _autodiscover._tcp.mydomain.com.com in DNS.
  The Autodiscover SRV record wasn't found in DNS.
   Tell me more about this issue and how to resolve it
 
 
 
 
 
 
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 33709516
The failure your getting is by design...this KB explains it  http://support.microsoft.com/kb/940881
 
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:bahamasands
ID: 33709987
CrisHanna,
I have the SRV Record excactly the way that KB explains. It has to be something that I have overlooked on the server side or the SSL Cert. The Cert is a godaddy cert and the installation tool at godaddy says that it is configured correct. I might have to contact Microsoft to see if they have a solution. If you or anyone else have any other suggestions please let me know.
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 33710040
If you logon to OWA or RWW...do you get a red warning about the cert or is it green?
0
 

Author Comment

by:bahamasands
ID: 33711160
CrisHanna, IE and Safari locks and says that this connection is encrypted. If I click on the lock it gives me the correct information about the server and who it is registered to. I was thinking if it was a cert issue then I would not be able to sign in to OWA or RWW without some sort of error. I am lost in the wilderness on this one. I do see another comment here on expertsexchange with the same issue. I will continue to search for a solution. Thanks for your input so far and if you have further suggestions be sure to let me know.
0
 

Author Comment

by:bahamasands
ID: 33711334
CrisHanna,

I changed the SRV record to the following Priority=0 and Weight=0 and now I am getting a lot more green on my test see below. I had them both set to 1, that is because the DVD Video that I purchased for setup suggested that is what I type in for those values.
The final error on the testexchaneconnectivity.com is a HTTP 401 error. When I try to setup from Outlook 2007 I get a screen asking for my password, I type it in and it just keeps on asking for the password again and again, and it will not let me connect.

Attempting to resolve the host name remote.stgeorgescaypower.com in DNS.
  Host successfully resolved
   Additional Details
  IP(s) returned: 000.000.000.0
 
 Testing TCP Port 443 on host remote.mydomain.com to ensure it is listening and open.
  The port was opened successfully.
 ExRCA is testing the SSL certificate to make sure it's valid.
  The certificate passed all validation requirements.
   Test Steps
   The certificate name is being validated.
  Successfully validated the certificate name
   Additional Details
  Found hostname remote.mydomain.com in Certificate Subject Common name
 
 Certificate trust is being validated.
  The certificate is trusted and all certificates are present in the chain.
   Additional Details
  The Certificate chain has be validated up to a trusted root. Root = E=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
 
 The certificate date is being confirmed to ensure the certificate is valid.
  Date validation passed. The certificate hasn't expired.
   Additional Details
  Certificate is valid: NotBefore = 9/6/2010 10:11:17 PM, NotAfter = 9/6/2013 10:11:17 PM"
 
 The IIS configuration is being checked for client certificate authentication.
  Client certificate authentication wasn't detected.
   Additional Details
  Accept/Require Client Certificates not configured.
 
 ExRCA is attempting to send an Autodiscover POST request to potential Autodiscover URLs.
  Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
   Test Steps
   Attempting to Retrieve XML AutoDiscover Response from url https://remote.mydomain.com/Autodiscover/Autodiscover.xml for user user@mydomain.com
  Failed to obtain AutoDiscover XML response.
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from Unknown
 
 
 
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 500 total points
ID: 33711766
Ok..the problem with Outlook is easily fixed
Install Exchange 2007 SP3...takes about an hour to install
0
 

Author Comment

by:bahamasands
ID: 33711888
CrisHanna,
I will let you know if this corrects my problem.

Thanks for your help so far.
0
 

Author Comment

by:bahamasands
ID: 33718215
CrisHanna,
I have installed the SP3 and got all green on the connectivity besides a SLL cert error, do not know what that is about.
SLL Error:
 Certificate trust is being validated.
  The test passed with some warnings encountered. Please expand the additional details.
   Additional Details
  Only able to build certificate chain when using the Root Certificate Update functionality from Windows Update. Your server may not be properly configured to send down the required intermediate certificates to complete the chain. Consult the certificate installation instructions or FAQ's from your Certificate Authority for more information.
 
Still when I try to create an Outlook Anywhere account from my computer at home it keeps asking for my password. I type it in and it will not connect.  
0
 
LVL 35

Assisted Solution

by:Cris Hanna
Cris Hanna earned 500 total points
ID: 33718543
I just got reminded that this is a godaddy cert...did you install the intermediate Cert first?
http://blogs.technet.com/b/sbs/archive/2009/02/11/sean-daniel-how-to-install-a-godaddy-certificate-on-sbs-2008.aspx
 
0
 

Author Comment

by:bahamasands
ID: 33720915
CrisHanna,
IT WORKED!!
Below is the solution
SRV Record: Priority=0 Weight=0
Install Exchange 2007 SP3
Install GoDaddy Intermediate Cert first and follow GoDaddy Instructions.
Then Install Godaddy Cert
OutLook Anywhere is now working.
Thanks to you CrisHanna I apprecaite your help.
Anyone else having this problem just follow the steps above.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to start a hyper-v in safe mode 5 72
Info tab in iTune 9 21
Gmail using imap and Outlook 2013 5 36
exchange, outlook 20 30
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question