JasonJewett
asked on
Exchange 2007 Autodiscover settings stopping Out of Office replies from working
Hello. I'm not able to set an Outlook Out of Office message from any Outlook client on the network on a brand new SBS2008 server. After doing some research, I think it might have something to do with the autodiscover settings not being correct. Below is the result from test-outlookwebservices
Id : 1003
Type : Information
Message : About to test AutoDiscover with the e-mail address Administrator@IDS-
eng.net.
Id : 1007
Type : Information
Message : Testing server IDS-01.ids.local with the published name https://sites
/EWS/Exchange.asmx & https://mail.ids-eng.com/EWS/Exchange.asmx.
Id : 1019
Type : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
URL on this object is https://sites/Autodiscover/Autodiscover.xml.
Id : 1013
Type : Error
Message : When contacting https://sites/Autodiscover/Autodiscover.xml received
the error The remote server returned an error: (401) Unauthorized.
Id : 1006
Type : Error
Message : The Autodiscover service could not be contacted.
I do not have a third party SSL certificate yet.
I'm not too familiar with autodiscovery and dont really know where to look so any help would be awesome!
Id : 1003
Type : Information
Message : About to test AutoDiscover with the e-mail address Administrator@IDS-
eng.net.
Id : 1007
Type : Information
Message : Testing server IDS-01.ids.local with the published name https://sites
/EWS/Exchange.asmx & https://mail.ids-eng.com/EWS/Exchange.asmx.
Id : 1019
Type : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
URL on this object is https://sites/Autodiscover/Autodiscover.xml.
Id : 1013
Type : Error
Message : When contacting https://sites/Autodiscover/Autodiscover.xml received
the error The remote server returned an error: (401) Unauthorized.
Id : 1006
Type : Error
Message : The Autodiscover service could not be contacted.
I do not have a third party SSL certificate yet.
I'm not too familiar with autodiscovery and dont really know where to look so any help would be awesome!
What is the error message you receive, while trying to set Out of Office in Outlook ?
ASKER
Your automatic reply settings cannot be displayed because ther server is currently unavailable. Try again later.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
sorry - you lost me.
I cant ping autodiscover.ids-eng.net from inside the network, and I dont have an a record for autodiscover.ids-eng.net on the outside so it for sure won't work.
Do I need to add a DNS entry so that autodiscover.ids-eng.net resolves to the server IP?
I get a SSL error going to https://<servername>/Autodiscover/ Autodiscov er.xml. if i continue past that I get a authentication prompt that i cant get past no matter what username/pass I use.
I cant ping autodiscover.ids-eng.net from inside the network, and I dont have an a record for autodiscover.ids-eng.net on the outside so it for sure won't work.
Do I need to add a DNS entry so that autodiscover.ids-eng.net resolves to the server IP?
I get a SSL error going to https://<servername>/Autodiscover/
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
MrPaulT: NS lookup didnt respond to autodiscover.domain.com so i added an A record to point to the server IP and now it does.
ASKER
v_9mhdrf: thanks. Lot to do - I'll let you know what happens.
Autodiscover = Basic + Windows Integrated + SSL Forced == Disable - Kernel Mode Authentication.
OAB= Windows Integrated = Disable - Kernel Mode Authentication.
EWS= Windows Integrated = Disable - Kernel Mode Authentication + SSL forced.
Where are these in IIS7?
Autodiscover = Basic + Windows Integrated + SSL Forced == Disable - Kernel Mode Authentication.
OAB= Windows Integrated = Disable - Kernel Mode Authentication.
EWS= Windows Integrated = Disable - Kernel Mode Authentication + SSL forced.
Where are these in IIS7?
If you are using Windows 2008 server then you will have IIS 7 in Administrative Tools.
And you have to highlight the Autodiscover directory in features view you would find the icons with Authentication/ SSL settings.
When you click the Authenticatio icon, you would find the multiple Authentications.
Click on Windows Integrated Authentication and on the extreme right hand side top, you will find Advance settings, click on it and there you will find Kernel Mode Authentication.
But if you have Exchange 2007 sp1 Roll up update 5 or later then you dont have worry about kernel mode, however to confirm please check it.
Hope it helps!
Thanks
And you have to highlight the Autodiscover directory in features view you would find the icons with Authentication/ SSL settings.
When you click the Authenticatio icon, you would find the multiple Authentications.
Click on Windows Integrated Authentication and on the extreme right hand side top, you will find Advance settings, click on it and there you will find Kernel Mode Authentication.
But if you have Exchange 2007 sp1 Roll up update 5 or later then you dont have worry about kernel mode, however to confirm please check it.
Hope it helps!
Thanks
ASKER
v_9mhdrf: thanks.
Just to confirm:
Autodiscover: Basic = yes Windows = yes SSL = Yes. No Kernel Mode
OAB: Basic = no (mine is yes now), Windows = Yes. SSL = no. (mine is yes now) No Kernel Mode
EWS: Basic = no (mine is yes now), Windows = Yes. SSL = Yes. No Kernel Mode
I dont have an SSL cert and I get prompted for one often. Could that have anything to do with this?
Just to confirm:
Autodiscover: Basic = yes Windows = yes SSL = Yes. No Kernel Mode
OAB: Basic = no (mine is yes now), Windows = Yes. SSL = no. (mine is yes now) No Kernel Mode
EWS: Basic = no (mine is yes now), Windows = Yes. SSL = Yes. No Kernel Mode
I dont have an SSL cert and I get prompted for one often. Could that have anything to do with this?
You dont have SSL cert in Exchange 2007?
In Exchange 2007 Cert is default created and make sure that you have the SSL is Enabled on the server.
And please disable Basic auth from OAB virtual directory.
Check out and revert with SSL cert info....
In Exchange 2007 Cert is default created and make sure that you have the SSL is Enabled on the server.
And please disable Basic auth from OAB virtual directory.
Check out and revert with SSL cert info....
take a look at this and post errors
https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_3704-Troubleshooting-Outlook-Certificate-Errors.html
https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_3704-Troubleshooting-Outlook-Certificate-Errors.html
ASKER
still no luck. I'll keep trying.
can you post results from the tests and/or cmdlets
ASKER
Sorry to abandon this. I needed to add Autodiscover A records in DNS and that seemed to help. I didnt have the correct A records before.