asked on
Autodiscover
Hello,
Just installed an SBS2008/Exchange 2007. Autodiscover test (testexchangeconnectivity.
Autodiscover.domain.com has been added (host) to point to the public (static) IP address and have also opened up the ports on the router.
I have installed a basic (single) SSL cert from Godaddy and installed with no issues.
Issues:
*Autodiscover test fails (testexchagenconnectivity.
*Outlook continues to prompt for user name and password when connecting on the local network.
Note: if you close the login prompt, exchange remains connected to exchange.
Receive (security alert) - Information you exchange with this site cannot be viewed or changed by others........
(two green checks for - This security cetificate is trusted.....-The security certificate is valid.
One red X on - The name on the security certificate is invalid or does not match the name of the site
Just installed an SBS2008/Exchange 2007. Autodiscover test (testexchangeconnectivity.
Autodiscover.domain.com has been added (host) to point to the public (static) IP address and have also opened up the ports on the router.
I have installed a basic (single) SSL cert from Godaddy and installed with no issues.
Issues:
*Autodiscover test fails (testexchagenconnectivity.
*Outlook continues to prompt for user name and password when connecting on the local network.
Note: if you close the login prompt, exchange remains connected to exchange.
Receive (security alert) - Information you exchange with this site cannot be viewed or changed by others........
(two green checks for - This security cetificate is trusted.....-The security certificate is valid.
One red X on - The name on the security certificate is invalid or does not match the name of the site
ExchangeSBS
Last Comment
jjoz
Your certificate does not include the autodiscover hostname...
Mittermuller is right, your cert doesn't include the autodiscover.yourdomain.co
Other than that ensure you install at least E2k7 SP2 (SP3 is out) as that resolves several password prompt issues
Other than that ensure you install at least E2k7 SP2 (SP3 is out) as that resolves several password prompt issues
http://forums.msexchange.org/m_1800490184/printable.htm
http://social.technet.microsoft.com/Forums/en/exchangesvrmigration/thread/ed0d0f51-3df4-47bb-a822-7ffb9520ad15
http://www.networksteve.com/exchange/topic.php/Problems_connecting_to_Exchange_Server_via_Outlook,_Outlook_Web/?TopicId=19489&Posts=4
http://www.winserverkb.com/Uwe/Forum.aspx/exchange-admin/74723/Autodiscover-not-working
http://social.technet.microsoft.com/Forums/en/exchangesvrmigration/thread/ed0d0f51-3df4-47bb-a822-7ffb9520ad15
http://www.networksteve.com/exchange/topic.php/Problems_connecting_to_Exchange_Server_via_Outlook,_Outlook_Web/?TopicId=19489&Posts=4
http://www.winserverkb.com/Uwe/Forum.aspx/exchange-admin/74723/Autodiscover-not-working
ASKER
MitterMueller - Does that mean I have to purchase another cert? Should I have purchased a multiple domain cert?
the certificate needs to to have multiple hostnames in it (not domains). So the certificate will respond to all hostnames of that server (e.g. msdc01, msdc01.mydomain.local, msdc01.dyndns.org, autodiscover.mydomain.loca
mydomain.local, etc.).
Maybe you can get Godaddy to setup a new one will ALL names you need (aliases for your hostname).
mydomain.local, etc.).
Maybe you can get Godaddy to setup a new one will ALL names you need (aliases for your hostname).
ASKER
Hello,
I ran the autodiscover active sync test and here are the results:
Attempting the Autodiscover and Exchange ActiveSync test (if requested).
Testing of Autodiscover for Exchange ActiveSync failed.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Test Steps
Attempting to test potential Autodiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name aasdcs.org in DNS.
The host name couldn't be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host aasdcs.org couldn't be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE
Stack trace:
at System.Net.Dns.GetAddrInfo
at System.Net.Dns.InternalGet
at System.Net.Dns.GetHostAddr
at Microsoft.Exchange.Tools.E
.
Attempting to test potential Autodiscover URL https://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name autodiscover.domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 68.XX.XX.XX
Testing TCP port 443 on host autodiscover.aasdcs.org to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
Validating the certificate name.
Certificate name validation failed.
Tell me more about this issue and how to resolve it
Additional Details
Host name autodiscover.aasdcs.org doesn't match any name found on the server certificate CN=remote.aasdcs.org, OU=Domain Control Validated, O=remote.aasdcs.org.
Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 68.XX.X.XX
Testing TCP port 80 on host autodiscover.domain.com to ensure it's listening and open.
The port was opened successfully.
ExRCA is checking the host autodiscover.domain.com for an HTTP redirect to the Autodiscover service.
ExRCA failed to get an HTTP redirect response for Autodiscover.
Additional Details
A Web exception occurred because an HTTP 404 - NotFound response was received from IIS7.
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.domain.
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it
I changed my domain info to show: domain.com.
Hope this provides a little more info.
I ran the autodiscover active sync test and here are the results:
Attempting the Autodiscover and Exchange ActiveSync test (if requested).
Testing of Autodiscover for Exchange ActiveSync failed.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Test Steps
Attempting to test potential Autodiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name aasdcs.org in DNS.
The host name couldn't be resolved.
Tell me more about this issue and how to resolve it
Additional Details
Host aasdcs.org couldn't be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketE
Stack trace:
at System.Net.Dns.GetAddrInfo
at System.Net.Dns.InternalGet
at System.Net.Dns.GetHostAddr
at Microsoft.Exchange.Tools.E
.
Attempting to test potential Autodiscover URL https://autodiscover.domain.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name autodiscover.domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 68.XX.XX.XX
Testing TCP port 443 on host autodiscover.aasdcs.org to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
Validating the certificate name.
Certificate name validation failed.
Tell me more about this issue and how to resolve it
Additional Details
Host name autodiscover.aasdcs.org doesn't match any name found on the server certificate CN=remote.aasdcs.org, OU=Domain Control Validated, O=remote.aasdcs.org.
Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.domain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 68.XX.X.XX
Testing TCP port 80 on host autodiscover.domain.com to ensure it's listening and open.
The port was opened successfully.
ExRCA is checking the host autodiscover.domain.com for an HTTP redirect to the Autodiscover service.
ExRCA failed to get an HTTP redirect response for Autodiscover.
Additional Details
A Web exception occurred because an HTTP 404 - NotFound response was received from IIS7.
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.domain.
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it
I changed my domain info to show: domain.com.
Hope this provides a little more info.
Are you forwarding port 80/443 to the new exchange 2007 server?
ASKER
MegaNuk - Yes.
ASKER
Actuall no, I configured a virtual server. I think it might have something to do with IIS. It might be that the default sites are not set for remote.domain.com, could that be it? Trying to test now.
You can test autodiscover internally by holding down the CTRL key and then right clicking on the outlook icon in the bottom right hand side of your screen and selecting "Test Autoconfiguration" then select only the autodiscover options and enter credentials.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Adding SRV record allowed users using Outlook locally to authenticate without a user name and password. This also stopped the security warning when opening outlook (users outside the network).
ok, many thanks for your clarification so I'll try to create the following records to match whatever I've got in my SAN certificate:
1. ExCAS01.domain.com - Exchange CAS A Record
2. Autodiscover.domain.com - Autodiscover CNAME to the CAS Server above
3. _autodiscover._tcp.domain.
only number two (Autodiscover.domain.com) that is listed in my SAN certificate, do I need to create SAN entry for my ExCAS01.domain.com as well ?
I just want to make Outlook Anywhere working with external user with Outlook 2007 SP2
1. ExCAS01.domain.com - Exchange CAS A Record
2. Autodiscover.domain.com - Autodiscover CNAME to the CAS Server above
3. _autodiscover._tcp.domain.
only number two (Autodiscover.domain.com) that is listed in my SAN certificate, do I need to create SAN entry for my ExCAS01.domain.com as well ?
I just want to make Outlook Anywhere working with external user with Outlook 2007 SP2