Solved

OWA on Exchange 2010

Posted on 2011-03-08
9
3,661 Views
Last Modified: 2012-05-11
Here is the setup:  Single Exchange 2010 server running on Windows 2008 R2.  SonicWall TZ210 with OS Enhanced.  I replaced our old Sonicwall Pro 2040 with Standard OS with the TZ 210 Enhanced OS.  Now my OWA is working.  I've setup the new SonicWall with the same firewall rules and added the NAT policies.  I'm still trying to figure out OS Enhanced so I'm not sure if I've done something wrong or forgot something.  When I run the testexchangeconnectivity.com test I get the following:
 ExRCA is testing Exchange ActiveSync.  
  The Exchange ActiveSync test failed.
   Test Steps
   Attempting the Autodiscover and Exchange ActiveSync test (if requested).
  Testing of Autodiscover for Exchange ActiveSync failed.
   Test Steps
   Attempting each method of contacting the Autodiscover service.
  The Autodiscover service couldn't be contacted successfully by any method.
   Test Steps
   Attempting to test potential Autodiscover URL https://mydomain.com/AutoDiscover/AutoDiscover.xml
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name mydomain in DNS.
  The host name resolved successfully.
   Additional Details
  IP addresses returned: 74.86.121.122
 
 Testing TCP port 443 on host mydomain.com to ensure it's listening and open.
  The port was opened successfully.
 Testing the SSL certificate to make sure it's valid.
  The certificate passed all validation requirements.
   Test Steps
   Validating the certificate name.
  The certificate name was validated successfully.
   Additional Details
  Host name mydomain.com was found in the Certificate Subject Common name.
 
 Testing the certificate date to confirm the certificate is valid.
  Date validation passed. The certificate hasn't expired.
   Additional Details
  The certificate is valid. NotBefore = 9/25/2010 12:32:22 PM, NotAfter = 9/25/2011 12:32:22 PM
 
 
 
 Checking the IIS configuration for client certificate authentication.
  Client certificate authentication wasn't detected.
   Additional Details
  Accept/Require Client Certificates isn't configured.
 
 Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
  Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
   Test Steps
   ExRCA is attempting to retrieve an XML Autodiscover response from URL https://mydomain.com/AutoDiscover/AutoDiscover.xml for user ryan@mydomain.com.
  ExRCA failed to obtain an Autodiscover XML response.
   Additional Details
  The Autodiscover XML response received by ExRCA was invalid. Exception: Exception details:
Message: There is an error in XML document (1, 50).
Type: System.InvalidOperationException
Stack trace:
at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String encodingStyle, XmlDeserializationEvents events)
at System.Xml.Serialization.XmlSerializer.Deserialize(Stream stream)
at Microsoft.Exchange.Tools.ExRca.Tests.AutoDiscover.AutoDiscoverGetXMLBase`2.Discover()
Exception details:
Message: There is an error in XML document (1, 50).
Type: System.InvalidOperationException
Stack trace:
at System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String encodingStyle, XmlDeserializationEvents events)
at System.Xml.Serialization.XmlSerializer.Deserialize(Stream stream)
at Microsoft.Exchange.Tools.ExRca.Tests.AutoDiscover.AutoDiscoverGetXMLBase`2.Discover()
 
 
 
 
 
 
 Attempting to test potential Autodiscover URL https://autodiscover.mydomain.com/AutoDiscover/AutoDiscover.xml
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name autodiscover.mydomain.com in DNS.
  The host name couldn't be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com couldn't be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
.
 
 
 
 Attempting to contact the Autodiscover service using the HTTP redirect method.
  The attempt to contact Autodiscover using the HTTP Redirect method failed.
   Test Steps
   Attempting to resolve the host name autodiscover.sosb-ia.com in DNS.
  The host name couldn't be resolved.
   Tell me more about this issue and how to resolve it
   Additional Details
  Host autodiscover.mydomain.com couldn't be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally()
.
 
 
 
 Attempting to contact the Autodiscover service using the DNS SRV redirect method.
  ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
   Test Steps
   Attempting to locate SRV record _autodiscover._tcp.mydomain.com in DNS.
  The Autodiscover SRV record wasn't found in DNS.
   Tell me more about this issue and how to resolve it
 
 
 
 
 
 
 
 
 
0
Comment
Question by:ryanthompson
  • 5
  • 2
  • 2
9 Comments
 
LVL 11

Expert Comment

by:Tasmant
ID: 35071296
you have the choice: http://technet.microsoft.com/en-us/library/bb124251.aspx
you didn't create the autodiscover.domain.com entry in DNS with your public IP assigned.
you didn't create the (A) record for the DNS zone itself with your public IP assigned
so no Url, domain.com/autodiscover, neither autodiscover.domain.com can be resolved with DNS.

more, did you configured your certificate with SAN (subject alternate name) to have:
- owa.domain.com (if this is the url of owa)
- domain.com or autodiscover.domain.com (one of the two)

to see if OWA works, you don't really need the autodiscover service, you can try to connect directly to https://owa.domain.com.


0
 

Author Comment

by:ryanthompson
ID: 35071444
The SSL certificate was created with the following
autodiscover.mydomain.com
mailsvr1
mailsvr1.mydomain.local
sites

I have created the entries in DNS for autodiscover and for the public IP as well.

Like I said this worked fine until I switched SonicWalls.
0
 
LVL 11

Expert Comment

by:Tasmant
ID: 35071507
0
 
LVL 9

Expert Comment

by:dexIT
ID: 35071648
Did you add your Exchange server in DMZ on your SW?
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:ryanthompson
ID: 35071687
No, the exchange server is not in the DMZ.
0
 
LVL 9

Expert Comment

by:dexIT
ID: 35072286
Did you setup any rules to route outside Ips to it's internal address?
0
 

Author Comment

by:ryanthompson
ID: 35072392
Here are the rules:
Firewall Rules
NAT Policies
0
 

Accepted Solution

by:
ryanthompson earned 0 total points
ID: 35193014
I had to change the HTTPS management port to something other than 443 on the SonicWall.  Once I did that everything started working.
0
 

Author Closing Comment

by:ryanthompson
ID: 35225428
I found a SonicWall article on this.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now