Italia_NYC asked:

Exchange 2010 - LAN users being prompted for username/password

Got an issue with a fresh Exchange 2010 install. One Exchange server with all roles installed.

When users open up their Outlook client (Outlook 2007), they are continually prompted for their username/password. Furthermore... it will not accept their correct credentials, and you have no choice other than to hit cancel a few times and then Outlook works as usual. They will continue to get prompted sporadically throughout the day.

We have correctly configured Autodiscover and installed a valid SAN cert with all the correct names. OWA, ActiveSync and Outlook Anywhere (for users outside the office) all work fine. This only affects local LAN users on the Domain.

At a loss, I opened a Microsoft support case and have been working with them for 4 days now... and they themselves are currently stumped.

After a week of troubleshooting; here's what we know....

1) Any user running an Outlook 2010 client does not get prompted and works fine.
2) Any member of the "Domain Admins" group does not get prompted and works fine.

The above are obviously not valid solutions....but a "work around" so to speak found solely through troubleshooting.

I am posting this question here, if not for anything else, for chronicling purposes to look back on when this issue inevitably raises its head for another client and to help out all those who I know are experiencing this same issue as well.

If you have any comments or suggestions that may aid in resolving this ... I'd love to hear them!
sunnyc7

Usual suspect:
a) Check if Exchange autodiscover Internal URLs are configured appropriately to local exchange server / CAS Array
b) Check if there is a certificate mismatch.

Tests:
a) ExBPA
Download and run this
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=dbab201f-4bee-4943-ac22-e2ddbd258df3&displaylang=en

b) ExRCA
www.testexchangeconnectivity.com
Run all tests one by one.

Output required;
get-clientaccessserver | fl
get-autodiscovervirtualdirectory | fl
get-exchangecertificate | fl

Please post the results.

thanks
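
The two "usual suspect" checks above (internal URLs and certificate name mismatch) can be done in one pass from the Exchange Management Shell. This is an added example, not part of the original thread; it uses only the four cmdlets named in this thread, and the helper names `New-Row`, `Get-HostFromValue` and `Test-NameOnCert` are made up for the illustration.

```powershell
# Added example: run in the Exchange Management Shell on the Exchange 2010 server.
# Lists every host name that clients are handed and says whether it appears on
# the certificate enabled for IIS.

function New-Row($Setting, $Value) {
    New-Object PSObject -Property @{ Setting = $Setting; Value = "$Value" }
}

function Get-HostFromValue([string]$Value) {
    # Accepts a full URL (InternalUrl) or a bare host name (ExternalHostname).
    $uri = $null
    if ([Uri]::TryCreate($Value, [UriKind]::Absolute, [ref]$uri)) { return $uri.Host.ToLower() }
    return $Value.ToLower()
}

function Test-NameOnCert([string]$HostName, [string[]]$CertNames) {
    foreach ($n in $CertNames) {
        if ($n -eq $HostName) { return $true }
        # A wildcard entry covers exactly one extra label: *.example.com
        if ($n.StartsWith('*.') -and $HostName.Contains('.') -and
            $HostName.Substring($HostName.IndexOf('.')) -eq $n.Substring(1)) { return $true }
    }
    return $false
}

# Names on the certificate(s) currently enabled for IIS
$iisCerts = @(Get-ExchangeCertificate | Where-Object { $_.Services -match 'IIS' })
if (-not $iisCerts) { throw 'No certificate is enabled for the IIS service.' }
$certNames = @($iisCerts | ForEach-Object { $_.CertificateDomains } | ForEach-Object { "$_".ToLower() })

# Host names published to clients
$settings = @(
    Get-ClientAccessServer | ForEach-Object {
        New-Row 'ClientAccessServer.AutoDiscoverServiceInternalUri' $_.AutoDiscoverServiceInternalUri }
    Get-AutodiscoverVirtualDirectory | ForEach-Object {
        New-Row 'AutodiscoverVirtualDirectory.InternalUrl' $_.InternalUrl
        New-Row 'AutodiscoverVirtualDirectory.ExternalUrl' $_.ExternalUrl }
    Get-OutlookAnywhere | ForEach-Object {
        New-Row 'OutlookAnywhere.ExternalHostname' $_.ExternalHostname }
)

$settings | Where-Object { $_.Value } | ForEach-Object {
    $h = Get-HostFromValue $_.Value
    New-Object PSObject -Property @{
        Setting = $_.Setting; HostName = $h; OnIisCert = (Test-NameOnCert $h $certNames) }
} | Format-Table Setting, HostName, OnIisCert -AutoSize
```

Any row with `OnIisCert` set to `False` is a name clients will be sent to that the IIS certificate does not cover.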
dcraft

Had a similar issue last month with Outlook 2007 clients. Don't know about 2010.

Microsoft had issued a KB2412171 last month that made Outlook 2007 users get a logon prompt repeatedly. Simply uninstall the KB2412171.
Italia_NYC

ASKER

Sunny - The first thing we did was run the ExBPA. Test clean...no errors at all...

Regarding the www.testexchangeconnectivity.com site... the only test out of all of them that failed was the "Synchronization, Notification, Availability, and Automatic Replies (OOF) " test.
 
Get-ClientAccessServer:

RunspaceId                           : b120b8bc-b13e-4dba-88f5-39c932eb83c5
Name                                 : RIZZNETEX10SRV1
Fqdn                                 : rizznetex10srv1.rizznetworks.com
OutlookAnywhereEnabled               : True
AutoDiscoverServiceCN                : rizznetex10srv1
AutoDiscoverServiceClassName         : ms-Exchange-AutoDiscover-Service
AutoDiscoverServiceInternalUri       : https://mail.rizznetworks.com/autodiscover/autodiscover.xml
AutoDiscoverServiceGuid              : 77378f46-2c66-4aa9-a6a6-3e7a48b19596
AutoDiscoverSiteScope                : {Default-First-Site-Name}
AlternateServiceAccountConfiguration :
IrmLogEnabled                        : True
IrmLogMaxAge                         : 30.00:00:00
IrmLogMaxDirectorySize               : 250 MB (262,144,000 bytes)
IrmLogMaxFileSize                    : 10 MB (10,485,760 bytes)
IrmLogPath                           : D:\Program Files\Microsoft\Exchange Server\V14\Logging\IRMLogs
MigrationLogLoggingLevel             : Information
MigrationLogFilePath                 :
MigrationLogMaxAge                   : 180.00:00:00
MigrationLogMaxDirectorySize         : 10 GB (10,737,418,240 bytes)
MigrationLogMaxFileSize              : 100 MB (104,857,600 bytes)
IsValid                              : True
ExchangeVersion                      : 0.1 (8.0.535.0)
DistinguishedName                    : CN=RIZZNETEX10SRV1,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT)
                                       ,CN=Administrative Groups,CN=Rizznetworks,CN=Microsoft Exchange,CN=Services,CN=C
                                       onfiguration,DC=rizznetworks,DC=com
Identity                             : RIZZNETEX10SRV1
Guid                                 : 24e684c8-4161-44c0-a15f-15e8ab6a3f81
ObjectCategory                       : rizznetworks.com/Configuration/Schema/ms-Exch-Exchange-Server
ObjectClass                          : {top, server, msExchExchangeServer}
WhenChanged                          : 12/6/2010 3:45:32 PM
WhenCreated                          : 5/13/2010 3:11:42 PM
WhenChangedUTC                       : 12/6/2010 8:45:32 PM
WhenCreatedUTC                       : 5/13/2010 7:11:42 PM
OrganizationId                       :
OriginatingServer                    : RIZZNETNY2K8AD2.rizznetworks.com

Get-AutoDiscoverVirtualdirectory:



RunspaceId                      : b120b8bc-b13e-4dba-88f5-39c932eb83c5
Name                            : Autodiscover (Default Web Site)
InternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
ExternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
LiveIdSpNegoAuthentication      : False
WSSecurityAuthentication        : True
LiveIdBasicAuthentication       : False
BasicAuthentication             : True
DigestAuthentication            : False
WindowsAuthentication           : True
MetabasePath                    : IIS://rizznetex10srv1.rizznetworks.com/W3SVC/1/ROOT/Autodiscover
Path                            : D:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Autodiscover
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags         : {}
ExtendedProtectionSPNList       : {}
Server                          : RIZZNETEX10SRV1
InternalUrl                     : https://autodiscover.rizznetworks.com/autodiscover/autodiscover.xml
ExternalUrl                     : https://autodiscover.rizznetworks.com/autodiscover/autodiscover.xml
AdminDisplayName                :
ExchangeVersion                 : 0.10 (14.0.100.0)
DistinguishedName               : CN=Autodiscover (Default Web Site),CN=HTTP,CN=Protocols,CN=RIZZNETEX10SRV1,CN=Servers
                                  ,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Rizzn
                                  etworks,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=rizznetworks,DC=com
Identity                        : RIZZNETEX10SRV1\Autodiscover (Default Web Site)
Guid                            : df89520e-aab4-462a-b2b8-07f8597cdd8f
ObjectCategory                  : rizznetworks.com/Configuration/Schema/ms-Exch-Auto-Discover-Virtual-Directory
ObjectClass                     : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}
WhenChanged                     : 9/28/2010 8:44:55 PM
WhenCreated                     : 9/23/2010 9:31:09 AM
WhenChangedUTC                  : 9/29/2010 12:44:55 AM
WhenCreatedUTC                  : 9/23/2010 1:31:09 PM
OrganizationId                  :
OriginatingServer               : RIZZNETNY2K8AD2.rizznetworks.com
IsValid                         : True


Get-Exchangecertificate:


AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessR
                     ule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {mail.rizznetworks.com, www.mail.rizznetworks.com, autodiscover.rizznetworks.com, rizznetex10srv1.
                     rizznetworks.com}
HasPrivateKey      : True
IsSelfSigned       : False
Issuer             : SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.
                     com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
NotAfter           : 1/15/2012 11:03:07 AM
NotBefore          : 12/6/2010 2:59:49 PM
PublicKeySize      : 2048
RootCAType         : ThirdParty
SerialNumber       : 2794E88D071194
Services           : IMAP, POP, IIS, SMTP
Status             : Valid
Subject            : CN=mail.rizznetworks.com, OU=Domain Control Validated, O=mail.rizznetworks.com
Thumbprint         : 376F94A3A54233E587195350D2D50C84B1C1525B

AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessR
                     ule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcc
                     essRule}
CertificateDomains : {rizznetex10srv1, rizznetex10srv1.rizznetworks.com}
HasPrivateKey      : True
IsSelfSigned       : True
Issuer             : CN=rizznetex10srv1
NotAfter           : 5/13/2015 3:13:46 PM
NotBefore          : 5/13/2010 3:13:46 PM
PublicKeySize      : 2048
RootCAType         : None
SerialNumber       : 0C931EC728C6A28244F9475A4499349C
Services           : SMTP
Status             : Valid
Subject            : CN=rizznetex10srv1
Thumbprint         : 775E81A3680EAFBBD6F97D9110DC80CE860CE9BC




To dcraft...; the few machines I looked at do not have that KB installed...

also
get-outlookanywhere | fl

From an Outlook client which is prompting for password:
Press Ctrl + Right click Outlook icon on bottom right corner
Test Email Auto Config
Use Autodiscover and Guessmart separately.
Let me know the error code you are getting.
0x800 something.

Get-Outlookanywhere:


RunspaceId                      : ba5ba747-2a73-4a03-b7bb-6aa835a0fd6f
ServerName                      : RIZZNETEX10SRV1
SSLOffloading                   : False
ExternalHostname                : mail.rizznetworks.com
ClientAuthenticationMethod      : Ntlm
IISAuthenticationMethods        : {Basic, Ntlm}
XropUrl                         :
MetabasePath                    : IIS://rizznetex10srv1.rizznetworks.com/W3SVC/1/ROOT/Rpc
Path                            : C:\Windows\System32\RpcProxy
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags         : {}
ExtendedProtectionSPNList       : {}
Server                          : RIZZNETEX10SRV1
AdminDisplayName                :
ExchangeVersion                 : 0.10 (14.0.100.0)
Name                            : Rpc (Default Web Site)
DistinguishedName               : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=RIZZNETEX10SRV1,CN=Servers,CN=Excha
                                  nge Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Rizznetworks,C
                                  N=Microsoft Exchange,CN=Services,CN=Configuration,DC=rizznetworks,DC=com
Identity                        : RIZZNETEX10SRV1\Rpc (Default Web Site)
Guid                            : d54c876b-7ba3-4450-a57e-f38d94b04023
ObjectCategory                  : rizznetworks.com/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Directory
ObjectClass                     : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged                     : 3/3/2011 6:50:54 PM
WhenCreated                     : 3/3/2011 6:47:38 PM
WhenChangedUTC                  : 3/3/2011 11:50:54 PM
WhenCreatedUTC                  : 3/3/2011 11:47:38 PM
OrganizationId                  :
OriginatingServer               : RIZZNETNY2K8AD2.rizznetworks.com
IsValid                         : True



In regards to the Test Email AutoConfiguration:

There are no errors for Autodiscover... that works fine.

The Guessmart fails with: FAILED (0x80070005)

Are the users connecting locally over the LAN or over the VPN?
Is the user logged in to the domain when opening Outlook?

thanks

All users having this issue (prompting for credentials) are local LAN users. VPN or any other user OUTSIDE the office works flawlessly via Outlook Anywhere.
And yes... the users are logged into the domain when opening Outlook.

That's strange :)

@ I am checking the output. will post back.
Strange indeed... lol

Like I said...currently MS themselves are stumped.

Thank you sunny for your help and input. Much appreciated.
start > run > inetmgr
Expand the servername
go to default website
Autodiscover
click autodiscover
click on authentication on right panel.
Check if windows auth is enabled. if not enable it.
restart iis
Windows (integrated) authentication is enabled for Autodiscover.
run this please.


Get-AutodiscoverVirtualDirectory  | Set-AutodiscoverVirtualDirectory -BasicAuthentication:$true -DigestAuthentication:$false -WindowsAuthentication:$true -WSSecurityAuthentication:$false
Sunny - I ran that command, reset IIS, but it made no difference....
Can you output
get-autodiscovervirtualdirectory | fl again please.

thanks
sure...


RunspaceId                      : 723fc67e-800d-4a9b-a956-b763d095502b
Name                            : Autodiscover (Default Web Site)
InternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated}
LiveIdSpNegoAuthentication      : False
WSSecurityAuthentication        : False
LiveIdBasicAuthentication       : False
BasicAuthentication             : True
DigestAuthentication            : False
WindowsAuthentication           : True
MetabasePath                    : IIS://rizznetex10srv1.rizznetworks.com/W3SVC/1/ROOT/Autodiscover
Path                            : D:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Autodiscover
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags         : {}
ExtendedProtectionSPNList       : {}
Server                          : RIZZNETEX10SRV1
InternalUrl                     : https://autodiscover.rizznetworks.com/autodiscover/autodiscover.xml
ExternalUrl                     : https://autodiscover.rizznetworks.com/autodiscover/autodiscover.xml
AdminDisplayName                :
ExchangeVersion                 : 0.10 (14.0.100.0)
DistinguishedName               : CN=Autodiscover (Default Web Site),CN=HTTP,CN=Protocols,CN=RIZZNETEX10SRV1,CN=Servers
                                  ,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Rizzn
                                  etworks,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=rizznetworks,DC=com
Identity                        : RIZZNETEX10SRV1\Autodiscover (Default Web Site)
Guid                            : df89520e-aab4-462a-b2b8-07f8597cdd8f
ObjectCategory                  : rizznetworks.com/Configuration/Schema/ms-Exch-Auto-Discover-Virtual-Directory
ObjectClass                     : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}
WhenChanged                     : 3/5/2011 8:47:12 AM
WhenCreated                     : 9/23/2010 9:31:09 AM
WhenChangedUTC                  : 3/5/2011 1:47:12 PM
WhenCreatedUTC                  : 9/23/2010 1:31:09 PM
OrganizationId                  :
OriginatingServer               : rizznetny2k8ad1.rizznetworks.com
IsValid                         : True
Can you restart hubtransport service.
MsExchangeTransport

After restarting.
Close outlook.
and then try to connect again.


I am in the city all day for some client work. Won't be able to respond frequently.
If it still doesn't fix the problem, can you enable Kernel Authentication mode as per this article by demazter

http://demazter.wordpress.com/2010/02/09/outlook-continually-prompting-for-username-and-password-2/

thanks
I will try that Sunny... thanks.

Yea, we originally had Kernel Authentication enabled... but Microsoft recommended we turn it off for some reason. Either way, made no difference...

As a follow up Sunny... I did restart the services and even rebooted the Exchange server. No change unfortunately...

ASKER CERTIFIED SOLUTION
Italia_NYC
This solution is only available to members.

Special thanks to Sunny for all your help and ideas. This was truly an odd issue and I hope this resolution from Microsoft can help others.
FYI - performing this solution and then doing an iisreset caused all Exchange clients to disconnect (yikes!). Restarting the server caused everything to come back up and the authentication pop-up issue window to resolve. Thank you much to Italia_NYC for going through the pain to resolve this horrific issue!
Thanks for coming back and updating the case.