Solved

Post Exchange 2010 upg OOF not working

Posted on 2010-09-22
22
605 Views
Last Modified: 2012-06-27
Have been reviewing a plethora of Out Of Office failure postings, but have not been able to isolate the issues we are experiencing. As with most cases the cryptic message pops up when users try to set their Out of Office message telling them that server is not available and to try again later.

Background: We have recently completed an SBS 2003 to Exchange 2010 upgradefollowing the guidance in the paper outlined on this site.

Ran the "Test E-Mail AutoConfiguration" from Outlook client and saw the following errors. Have installed GoDaddy SSL Cert which seems to be working as we are not getting SSL Cert errors with OWA.

Ran the    Autodiscover errors
This also may be unrelated to OOF issue, not sure just providing input in case someone has seen this.

Tried adjusting the authentication on EWS virtual directory and issueing subsequent IISRESET with no change.

Need another set of eyes to see what is askew. Thanks!!
0
Comment
Question by:LSolt
  • 13
  • 8
22 Comments
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 33733546

Hint: Do you use a proxy server? If you use a proxy server you shall exclude in the Web Browser the URL addresses used by the exchange web services


Let's determine first if the problem is relate to your servers or the connections that your Outlook clients are trying to do. One way of determining the scope of this problem is to try confuguring the Out of Office Assistant using OWA. Please make this check and let us know the results


0
 
LVL 32

Accepted Solution

by:
endital1097 earned 500 total points
ID: 33733564
0
 

Author Comment

by:LSolt
ID: 33733597
No Proxy servers being used at site.
0
 

Author Comment

by:LSolt
ID: 33733610
Heading to a series of meetings. WIll check Cert errors shortly. Thanks
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33733626
it is a certificate error, so look at the article i posted earlier
post the results of any errors while going thru the article
0
 

Author Comment

by:LSolt
ID: 33740038
Here is the text from the test: Saw some errors but wanted to throw this out before starting to make changes.
1. I noticed the AutoDiscoverServiceInternalUri does not look right.
 

[PS] C:\Windows\system32>Get-ExchangeCertificate | where { $_.Services.ToString().Contains("IIS") -eq $true } | fl

AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessR
                     ule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {mail.Ext-Domain.com, www.mail.Ext-Domain.com}
HasPrivateKey      : True
IsSelfSigned       : False
Issuer             : SERIALNUMBER=099999987, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.
                     com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
NotAfter           : 9/7/2015 9:31:57 AM
NotBefore          : 9/7/2010 9:31:57 AM
PublicKeySize      : 2048
RootCAType         : ThirdParty
SerialNumber       : 4F03999999992
Services           : IMAP, POP, IIS, SMTP
Status             : Valid
Subject            : CN=mail.Ext-Domain.com, OU=Domain Control Validated, O=mail.Ext-Domain.com
Thumbprint         : B10F36B999999999999992C635BF88C99999
 
[PS] C:\Windows\system32>

[PS] C:\Windows\system32>Get-ClientAccessServer exchange1.Int-Domain.local | fl AutoDiscoverServiceInternalUri

AutoDiscoverServiceInternalUri : https://https//exchange1.Int-Domain.local/autodiscover/autodiscover.xml 
 
[PS] C:\Windows\system32>
 
[PS] C:\Windows\system32>Get-WebServicesVirtualDirectory | fl *Url

InternalNLBBypassUrl : https://exchange1.Int-Domain.local/ews/exchange.asmx
InternalUrl          : https://exchange1.Int-Domain.local/EWS/Exchange.asmx
ExternalUrl          : https://mail.Ext-Domain.com/ews/exchange.asmx 
 
[PS] C:\Windows\system32>

[PS] C:\Windows\system32>Get-OabVirtualDirectory | fl *Url

InternalUrl : http://exchange1.Int-Domain.local/OAB
ExternalUrl : https://mail.Ext-Domain.com/OAB 
 
[PS] C:\Windows\system32>

[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | fl *Url

InternalUrl :
ExternalUrl :
 
[PS] C:\Windows\system32>
[PS] C:\Windows\system32>Get-OutlookAnywhere | fl External*

ExternalHostname : mail.Ext-Domain.com
 
[PS] C:\Windows\system32>
 
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33740067
yes, that would cause outlook not to discover web services and oof would not work

you should run
set-clientaccessserver <server> -AutoDiscoverServiceInternalUri https://exchange1.Int-Domain.local/autodiscover/autodiscover.xml

the other issue you have is exchange1.int-domain.local does not appear in your certificate
this will cause certificate errrors and also cause autodiscover to fail

can you add this name to your certificate
0
 

Author Comment

by:LSolt
ID: 33740089
Not sure on syntax to correct AutoDiscoveryServiceInternalUri.

Tried below and was given "not valid value for identity"

Set-ClientAccessServer https://exchange1.Int-Domain.local/autodiscover/autodiscover.xml AutoDiscoverServiceInternalUri
0
 

Author Comment

by:LSolt
ID: 33740094
I am not sure if I can add name to cert. Think it needs to be reissued... no?

Trying your syntax.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33740103
replace <server> from mine with your server name
replace exhange1-int-domain.local with your fqdn
0
 

Author Comment

by:LSolt
ID: 33740108
Here is the new output:

[PS] C:\Windows\system32>Get-ClientAccessServer exchange1.Int-Domain.local | fl AutoDiscoverServiceInternalUri


AutoDiscoverServiceInternalUri : https://exchange1.Int-Domain.local/autodiscover/autodiscover.xml



[PS] C:\Windows\system32>
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:LSolt
ID: 33740111
For the Internal Name should we use a self-signed or would it be better to get GoDaddy to add it to the existing cert?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33740130
you can only assign one certificate per site
you'll need to contact GoDaddy about adding the name
0
 

Author Comment

by:LSolt
ID: 33740132
Good news. OOF is working however I am running into the cert issue.
0
 

Author Comment

by:LSolt
ID: 33740133
Understand. Will call them now.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33740151
excellent, once the fqdn is added you should be all set
0
 

Author Comment

by:LSolt
ID: 33740164
Appreciate all the help!!!! Just to confirm it is the internal FQDN that needs to be added. Not the short name.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33740176
yes, exchange1.Int-Domain.local
0
 

Author Comment

by:LSolt
ID: 33740199
Thanks. On the phone with them now.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33740226
here is link you may need
http://help.godaddy.com/article/4976
0
 

Author Comment

by:LSolt
ID: 33740376
Thanks! I actually was advised to use the UCC version with 5 domain names which the CSR generated and was picked up during the generation process.
0
 

Author Closing Comment

by:LSolt
ID: 33740382
Excellent help!!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

28 Experts available now in Live!

Get 1:1 Help Now