• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2189
  • Last Modified:

Exchange AutoDiscover 401 Unauthorized on New SBS 2008 Install

Hi Experts,

I just complete a SBS 2008 install and have noticed that I'm getting some AutoDiscover errors in Exchange 07.

I used a GoDaddy SSL installed through wizard and manually imported the intermediate cert to correct intermediate cert store... pretty standard. The cert was issued to the FQDN remote.domain.com. Again... all standard. Not sure why I'm getting these errors?

Here's what I get back from PowerShell...

 [PS] C:\Windows\System32>test-outlookwebservices | FL


Id      : 1003
Type    : Information
Message : About to test AutoDiscover with the e-mail address administrator@domain.com Id      : 1007
Type    : Information
Message : Testing server GSERVER.ggg.local with the published name https://remo
          te.domain.com/EWS/Exchange.asmx & https://remote.domain.com/EWS/Excha
          nge.asmx.

Id      : 1019
Type    : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
           URL on this object is https://remote.domain.com/Autodiscover/Autodis
          cover.xml.

Id      : 1013
Type    : Error
Message : When contacting https://remote.domain.com/Autodiscover/Autodiscover.x
          ml received the error The remote server returned an error: (401) Unau
          thorized.

Id      : 1006
Type    : Error
Message : The Autodiscover service could not be contacted.


Is it possible that my new Zyxel firewall is misconfigured? Would there be something I need to set in there? I am getting onto OWA & RWW fine internally and externally and all Outlook clients seem to be connecting fine. What alerted me to the problem was the fact that our Vipre Email Security Spam filtering was not working correctly.... which led me to the AutoDiscover issues.

Thanks for the assist.
0
philodendrin
Asked:
philodendrin
  • 3
  • 3
  • 2
  • +1
1 Solution
 
Alan HardistyCo-OwnerCommented:
Have you run the Fix My Network Wizard and the Connect To The Internet Wizards when you setup SBS?

If not - please run them - if you did - please run them again.
0
 
JdtuckCommented:
Have you tried testing from www.testexchangeconnectivity.com?
0
 
philodendrinAuthor Commented:
Testing AutoDiscover via testexchangeconnectivity.com failed. So, it looks like I have an issue.

While running the "Setup Your Internet Address Wizard" I get "windows SBS 2008 cannot open ports 25, 80, 443, and 987". But I don't understand why it can't open the ports. I'm getting to all the services on those ports externally and internally (with the exception of AutoDiscover) just fine. So, what am I missing?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
JdtuckCommented:
What were the errors from testexchangeconnectivity.com
0
 
lastlostlastCommented:
Follow Method 2 of http://support.microsoft.com/kb/896861.

It is a known issue and the above KB should help fix the issue.
0
 
lastlostlastCommented:
Https://testexchangeconnectivity.com will not help unless you have autodiscover configured for external access.

Refer to http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx in order to get autodiscover working externally.

Unless you have configured autodiscover externally, any tests you perform for autodiscover using testexchangeconnectivity.com will fail.

Regardless, KB 896861 should help you fix the error noticed in "test-outlookwebservices | FL" cmd.


0
 
Alan HardistyCo-OwnerCommented:
The Wizard is trying to open the ports on your router / firewall and unless it has uPNP enabled on the Router - it will have a hard time - so don't worry about those errors - that is quite normal.  I always configure the router / firewall manually anyway - then I know what is going on.
0
 
philodendrinAuthor Commented:
Lastlostlast... I'm a little confused by KB896861... where it states to type the "Host Name or Host Names" for the sites that are on the server (method 1), is it looking for the FQDN ie, company.com or is it looking for remote.company.com or what?
0
 
philodendrinAuthor Commented:
Okay... thinking through this, it has to be remote.company.com it's looking for... so ignore my last post.

Here's the new results:

[PS] C:\Windows\System32>test-outlookwebservices | FL


Id      : 1003
Type    : Information
Message : About to test AutoDiscover with the e-mail address administrator@company.com

Id      : 1007
Type    : Information
Message : Testing server GSERVER.ggg.local with the published name https://remo
          te.company.com/EWS/Exchange.asmx & https://remote.company.com/EWS/Excha
          nge.asmx.

Id      : 1019
Type    : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
           URL on this object is https://remote.company.com/Autodiscover/Autodis
          cover.xml.

Id      : 1006
Type    : Information
Message : The Autodiscover service was contacted at https://remote.company.com/A
          utodiscover/Autodiscover.xml.

Id      : 1016
Type    : Success
Message : [EXCH]-Successfully contacted the AS service at https://remote.company
          .com/EWS/Exchange.asmx. The elapsed time was 573 milliseconds.

Id      : 1015
Type    : Success
Message : [EXCH]-Successfully contacted the OAB service at https://remote.company
        .com/EWS/Exchange.asmx. The elapsed time was 0 milliseconds.

Id      : 1014
Type    : Success
Message : [EXCH]-Successfully contacted the UM service at https://remote.company
          .com/UnifiedMessaging/Service.asmx. The elapsed time was 4 millisecon
          ds.

Id      : 1016
Type    : Success
Message : [EXPR]-Successfully contacted the AS service at https://remote.company
          .com/EWS/Exchange.asmx. The elapsed time was 15 milliseconds.

Id      : 1015
Type    : Success
Message : [EXPR]-Successfully contacted the OAB service at https://remote.company
          .com/EWS/Exchange.asmx. The elapsed time was 0 milliseconds.

Id      : 1014
Type    : Success
Message : [EXPR]-Successfully contacted the UM service at https://remote.company
          .com/UnifiedMessaging/Service.asmx. The elapsed time was 4 millisecon
          ds.

Id      : 1013
Type    : Error
Message : When contacting https://remote.company.com/Rpc received the error The
          server committed a protocol violation. Section=ResponseStatusLine

Id      : 1017
Type    : Error
Message : [EXPR]-Error when contacting the RPC/HTTP service at https://remote.
          company.com/Rpc. The elapsed time was 433 milliseconds.

Id      : 1006
Type    : Success
Message : The Autodiscover service was tested successfully.

Id      : 1021
Type    : Information
Message : The following web services generated errors.
              Contacting server in EXPR
          Please use the prior output to diagnose and correct the errors.

Not sure what the protocol violation its complaining about could be. Should I be concerned about the RPC delays?
0
 
lastlostlastCommented:
You need to mention the NETBIOS name of the server. Restart of the server is required.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now