Solved

Setting up Autodiscover for Exchange 2010

Posted on 2010-11-24
5
1,919 Views
Last Modified: 2012-05-10
Hi all,

Got Exchange 2010 up and running on server 2008 R2, in a single server scenario.  Everything is fine, except the setting of the Out of Office from within Outlook and I'm getting errors on clients about downloading the offline address book.  Of course, I'm getting the usual "the server is unavailable" message when trying to setup Out Of Office.

All clients are "non domain" and connecting via Outlook Anywhere.  

I did some reading, and it appears this is from the autodiscover service not being set correctly.  In this reading I also found that the SSL certificate should be a UCC certificate, and include the autodiscover.mydomain.com on it.  I didn't do this...mine is for a single site, mail.mydomain.com

I read an article that indicated you could create SRV and A records to alleviate this issue.  I did but perhaps not correctly (or this info is in fact wrong...).

I created an A record for "autodiscover" to point at the IP of the mail server.  Same IP as mail.mydomain.com

I created an SRV record with the following:  
Service: _autodiscover
Protocol: _tcp
Name: mail
Prioriy: 0
Weight: 0
Port:  443
target: mail.mydomain.com
TTL: 1 hour

My out of office still isn't working (same error).  

Output from the following commands from the Exchange Management Shell is:
Get-ClientAccessServer
Name:  MAIL

Get-OABVirtualDirectory
Server: MAIL
Name:  OAB (Default Web Site)
Internal URL:  http://mail.mydomain.com/OAB  (should this be a NON https URL...?)
External URL:  https://mail.mydomain.com/OAB

test-OutlookWebservices|fl
WARNING: An unexpected error has occurred and a Watson dump is being generated: Failed to find the mailbox. Mailbox ='extest_11a8be58e3374@mydomain.com'.
Failed to find the mailbox. Mailbox = 'extest_11a8be58e3374@mydomain.com'.
    + CategoryInfo          : NotSpecified: (:) [Test-OutlookWebServices], MailboxNotFoundException
    + FullyQualifiedErrorId : Microsoft.Exchange.Monitoring.MailboxNotFoundException,Microsoft.Exchange.Management.SystemConfigurationTasks.TestOutlookWebServicesTask

I'm not overly opposed to changing the certificate to a UCC if this is needed.

Tips and comments would be appreciated.

MIke
0
Comment
Question by:mikeshaver
  • 4
5 Comments
 
LVL 1

Author Comment

by:mikeshaver
Comment Utility
Here are the results from testexchangeconnectivity.com for the MS EWS Connectivity Tests:

Exchange Web Services synchronization, notification, availability, and Automatic Replies (OOF).
 Not all of the tests of Exchange Web Services tasks completed.
 Test Steps
 ExRCA is attempting to test Autodiscover for help@mydomain.com.
 Testing Autodiscover failed.
 Test Steps
 Attempting each method of contacting the Autodiscover service.
 The Autodiscover service couldn't be contacted successfully by any method.
 Test Steps
 Attempting to test potential Autodiscover URL https://mydomain.com/AutoDiscover/AutoDiscover.xml
 Testing of this potential Autodiscover URL failed.
 Test Steps
 Attempting to resolve the host name mydomain.com in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 208.109.xx.xx (this is the IP of my WEB server being returned)

Testing TCP port 443 on host mydomain.com to ensure it's listening and open.
 The specified port is either blocked, not listening, or not producing the expected response.
  Tell me more about this issue and how to resolve it
 Additional Details
 A network error occurred while communicating with the remote host.
Exception details:
Message: No connection could be made because the target machine actively refused it 208.109.181.xx.xx  (this is the IP of the WEB server, where I don't use SSL)
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port)
at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()

Attempting to test potential Autodiscover URL https://autodiscover.mydomain.com/AutoDiscover/AutoDiscover.xml
 Testing of this potential Autodiscover URL failed.
 Test Steps
 Attempting to resolve the host name autodiscover.mydomain.com in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 64.xx.xx.xx  (the correct IP of my mail server)

Testing TCP port 443 on host autodiscover.mydomain.com to ensure it's listening and open.
 The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
 The SSL certificate failed one or more certificate validation checks.
 Test Steps
 Validating the certificate name.
 Certificate name validation failed.
  Tell me more about this issue and how to resolve it
 Additional Details
 Host name autodiscover.mydomain.com doesn't match any name found on the server certificate CN=mail.mydomain.com, OU=Domain Control Validated, O=mail.mydomain.com.


Attempting to contact the Autodiscover service using the HTTP redirect method.
 The attempt to contact Autodiscover using the HTTP Redirect method failed.
 Test Steps
 Attempting to resolve the host name autodiscover.mydomain.com in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 64.x.x.x (correct address of mail server)

Testing TCP port 80 on host autodiscover.mydomain.com to ensure it's listening and open.
 The port was opened successfully.
ExRCA is checking the host autodiscover.mydomain.com for an HTTP redirect to the Autodiscover service.
 ExRCA failed to get an HTTP redirect response for Autodiscover.
 Additional Details
 An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body of the response: You do not have permission to view this directory or page.

Attempting to contact the Autodiscover service using the DNS SRV redirect method.
 ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
 Test Steps
 Attempting to locate SRV record _autodiscover._tcp.mydomain.com in DNS.
 The Autodiscover SRV record wasn't found in DNS.
  Tell me more about this issue and how to resolve it  
0
 
LVL 1

Author Comment

by:mikeshaver
Comment Utility
A little more troubleshooting and a bit closer...

The Out of Office WORKS from Outlook, with someone who's email address is on the "mydomain.com", for example me@mydomain.com.  That person can successfully set the Out Of Office from within Outlook.

Issue is for those who's primary email addresses are NOT at "mydomain.com", such as you@otherdomain.com (who's MX record points to mail.mydomain.com and sends/receives email no problem).  

The people who's primary addresses are NOT user@mydomain.com login with a username such as mydomain\user and their password.  When they use OWA at https://mail.mydomain.com/owa they can login with just user/pass (no domain needed).

Ideas?
0
 
LVL 31

Accepted Solution

by:
MegaNuk3 earned 500 total points
Comment Utility
Add another autodiscover SRV record in the otherdomain DNS settings
0
 
LVL 1

Author Comment

by:mikeshaver
Comment Utility
As in "autodiscover.otherdomains.com" on tcp 443 (same as the srv for autodiscover.mydomain.com"?
0
 
LVL 1

Author Comment

by:mikeshaver
Comment Utility
For others, full details on adding the SRV records is at this question:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_26639664.html

Mike
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now