LSolt
asked on
Post Exchange 2010 upg OOF not working
Have been reviewing a plethora of Out Of Office failure postings, but have not been able to isolate the issues we are experiencing. As with most cases the cryptic message pops up when users try to set their Out of Office message telling them that server is not available and to try again later.
Background: We have recently completed an SBS 2003 to Exchange 2010 upgradefollowing the guidance in the paper outlined on this site.
Ran the "Test E-Mail AutoConfiguration" from Outlook client and saw the following errors. Have installed GoDaddy SSL Cert which seems to be working as we are not getting SSL Cert errors with OWA.
Ran the
This also may be unrelated to OOF issue, not sure just providing input in case someone has seen this.
Tried adjusting the authentication on EWS virtual directory and issueing subsequent IISRESET with no change.
Need another set of eyes to see what is askew. Thanks!!
Background: We have recently completed an SBS 2003 to Exchange 2010 upgradefollowing the guidance in the paper outlined on this site.
Ran the "Test E-Mail AutoConfiguration" from Outlook client and saw the following errors. Have installed GoDaddy SSL Cert which seems to be working as we are not getting SSL Cert errors with OWA.
Ran the
This also may be unrelated to OOF issue, not sure just providing input in case someone has seen this.
Tried adjusting the authentication on EWS virtual directory and issueing subsequent IISRESET with no change.
Need another set of eyes to see what is askew. Thanks!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No Proxy servers being used at site.
ASKER
Heading to a series of meetings. WIll check Cert errors shortly. Thanks
it is a certificate error, so look at the article i posted earlier
post the results of any errors while going thru the article
post the results of any errors while going thru the article
ASKER
Here is the text from the test: Saw some errors but wanted to throw this out before starting to make changes.
1. I noticed the AutoDiscoverServiceInterna lUri does not look right.
[PS] C:\Windows\system32>Get-ExchangeCertificate | where { $_.Services.ToString().Con tains("IIS ") -eq $true } | fl
AccessRules : {System.Security.AccessCon trol.Crypt oKeyAccess Rule, System.Security.AccessCont rol.Crypto KeyAccessR
ule, System.Security.AccessCont rol.Crypto KeyAccessR ule}
CertificateDomains : {mail.Ext-Domain.com, www.mail.Ext-Domain.com}
HasPrivateKey : True
IsSelfSigned : False
Issuer : SERIALNUMBER=099999987, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.
com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
NotAfter : 9/7/2015 9:31:57 AM
NotBefore : 9/7/2010 9:31:57 AM
PublicKeySize : 2048
RootCAType : ThirdParty
SerialNumber : 4F03999999992
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=mail.Ext-Domain.com, OU=Domain Control Validated, O=mail.Ext-Domain.com
Thumbprint : B10F36B999999999999992C635 BF88C99999
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-ClientAccessServer exchange1.Int-Domain.local | fl AutoDiscoverServiceInterna lUri
AutoDiscoverServiceInterna lUri : https://https//exchange1.Int-Domain.local/autodiscover/autodiscover.xml
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-WebServicesVirtualDire ctory | fl *Url
InternalNLBBypassUrl : https://exchange1.Int-Domain.local/ews/exchange.asmx
InternalUrl : https://exchange1.Int-Domain.local/EWS/Exchange.asmx
ExternalUrl : https://mail.Ext-Domain.com/ews/exchange.asmx
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-OabVirtualDirectory | fl *Url
InternalUrl : http://exchange1.Int-Domain.local/OAB
ExternalUrl : https://mail.Ext-Domain.com/OAB
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-AutodiscoverVirtualDir ectory | fl *Url
InternalUrl :
ExternalUrl :
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-OutlookAnywhere | fl External*
ExternalHostname : mail.Ext-Domain.com
[PS] C:\Windows\system32>
1. I noticed the AutoDiscoverServiceInterna
[PS] C:\Windows\system32>Get-ExchangeCertificate | where { $_.Services.ToString().Con
AccessRules : {System.Security.AccessCon
ule, System.Security.AccessCont
CertificateDomains : {mail.Ext-Domain.com, www.mail.Ext-Domain.com}
HasPrivateKey : True
IsSelfSigned : False
Issuer : SERIALNUMBER=099999987, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.
com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
NotAfter : 9/7/2015 9:31:57 AM
NotBefore : 9/7/2010 9:31:57 AM
PublicKeySize : 2048
RootCAType : ThirdParty
SerialNumber : 4F03999999992
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=mail.Ext-Domain.com, OU=Domain Control Validated, O=mail.Ext-Domain.com
Thumbprint : B10F36B999999999999992C635
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-ClientAccessServer exchange1.Int-Domain.local
AutoDiscoverServiceInterna
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-WebServicesVirtualDire
InternalNLBBypassUrl : https://exchange1.Int-Domain.local/ews/exchange.asmx
InternalUrl : https://exchange1.Int-Domain.local/EWS/Exchange.asmx
ExternalUrl : https://mail.Ext-Domain.com/ews/exchange.asmx
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-OabVirtualDirectory | fl *Url
InternalUrl : http://exchange1.Int-Domain.local/OAB
ExternalUrl : https://mail.Ext-Domain.com/OAB
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-AutodiscoverVirtualDir
InternalUrl :
ExternalUrl :
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-OutlookAnywhere | fl External*
ExternalHostname : mail.Ext-Domain.com
[PS] C:\Windows\system32>
yes, that would cause outlook not to discover web services and oof would not work
you should run
set-clientaccessserver <server> -AutoDiscoverServiceIntern alUri https://exchange1.Int-Domain.local/autodiscover/autodiscover.xml
the other issue you have is exchange1.int-domain.local does not appear in your certificate
this will cause certificate errrors and also cause autodiscover to fail
can you add this name to your certificate
you should run
set-clientaccessserver <server> -AutoDiscoverServiceIntern
the other issue you have is exchange1.int-domain.local
this will cause certificate errrors and also cause autodiscover to fail
can you add this name to your certificate
ASKER
Not sure on syntax to correct AutoDiscoveryServiceIntern alUri.
Tried below and was given "not valid value for identity"
Set-ClientAccessServer https://exchange1.Int-Domain.local/autodiscover/autodiscover.xml AutoDiscoverServiceInterna lUri
Tried below and was given "not valid value for identity"
Set-ClientAccessServer https://exchange1.Int-Domain.local/autodiscover/autodiscover.xml AutoDiscoverServiceInterna
ASKER
I am not sure if I can add name to cert. Think it needs to be reissued... no?
Trying your syntax.
Trying your syntax.
replace <server> from mine with your server name
replace exhange1-int-domain.local with your fqdn
replace exhange1-int-domain.local with your fqdn
ASKER
Here is the new output:
[PS] C:\Windows\system32>Get-Cl ientAccess Server exchange1.Int-Domain.local | fl AutoDiscoverServiceInterna lUri
AutoDiscoverServiceInterna lUri : https://exchange1.Int-Domain.local/autodiscover/autodiscover.xml
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-Cl
AutoDiscoverServiceInterna
[PS] C:\Windows\system32>
ASKER
For the Internal Name should we use a self-signed or would it be better to get GoDaddy to add it to the existing cert?
you can only assign one certificate per site
you'll need to contact GoDaddy about adding the name
you'll need to contact GoDaddy about adding the name
ASKER
Good news. OOF is working however I am running into the cert issue.
ASKER
Understand. Will call them now.
excellent, once the fqdn is added you should be all set
ASKER
Appreciate all the help!!!! Just to confirm it is the internal FQDN that needs to be added. Not the short name.
yes, exchange1.Int-Domain.local
ASKER
Thanks. On the phone with them now.
ASKER
Thanks! I actually was advised to use the UCC version with 5 domain names which the CSR generated and was picked up during the generation process.
ASKER
Excellent help!!
Hint: Do you use a proxy server? If you use a proxy server you shall exclude in the Web Browser the URL addresses used by the exchange web services
Let's determine first if the problem is relate to your servers or the connections that your Outlook clients are trying to do. One way of determining the scope of this problem is to try confuguring the Out of Office Assistant using OWA. Please make this check and let us know the results