Solved

Autodiscovery Exchange 2010

Posted on 2011-03-16
6
1,638 Views
Last Modified: 2012-05-11
Hi I got a strange problem with the autodiscovery service on Exchange 2010. Our setup is Internet -> ASA5510 -> Forefront TMG -> ASA 5510 -> Exchange 2010 (CAS)

anyway i am pretty sure this is an Exchange problem. I do have a UCC cert and this is the error code i get when running outlook autodiscovery test in testexchangeconnectivity.com

Attempting to test potential Autodiscover URL https://autodiscover.x.se/AutoDiscover/AutoDiscover.xml 
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name autodiscover.x.se in DNS.
  The host name resolved successfully.
   Additional Details
  IP addresses returned: x.x.1.45
 
 Testing TCP port 443 on host autodiscover.x.se to ensure it's listening and open.
  The port was opened successfully.
 Testing the SSL certificate to make sure it's valid.
  The certificate passed all validation requirements.
   Test Steps
   Validating the certificate name.
  The certificate name was validated successfully.
   Additional Details
  Host name autodiscover.x.se was found in the Certificate Subject Alternative Name entry.
 
 Certificate trust is being validated.
  The certificate is trusted and all certificates are present in the chain.
   Additional Details
  The certificate chain has been validated up to a trusted root. Root = CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US.
 
 Testing the certificate date to confirm the certificate is valid.
  Date validation passed. The certificate hasn't expired.
   Additional Details
  The certificate is valid. NotBefore = 3/14/2011 12:00:00 AM, NotAfter = 3/18/2014 12:00:00 PM
 
 
 
 Checking the IIS configuration for client certificate authentication.
  Client certificate authentication wasn't detected.
   Additional Details
  Accept/Require Client Certificates isn't configured.
 
 Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
  Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
   Test Steps
   ExRCA is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.x.se/AutoDiscover/AutoDiscover.xml for user Testtest2@x.se.
  ExRCA failed to obtain an Autodiscover XML response.
   Tell me more about this issue and how to resolve it
   Additional Details
  An error message was returned from the Autodiscover service
XML response:
<?xml version="1.0"?>
<Autodiscover xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response>
<Error Time="09:47:37.6622217" Id="2096444376">
<ErrorCode>500</ErrorCode>
<Message>The e-mail address cannot be found.</Message>
<DebugData />
</Error>
</Response>
</Autodiscover>
 
 When doing an internal test on the exchange server i Get

C:\Windows\system32>Test-OutlookWebServices -Identity: testtest@xxx.se


aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1019
      : Information
ge    : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://ma
        il.xxx.se/Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1006
      : Information
ge    : Contacted the Autodiscover service at https://mail.xxx.se/Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1016
      : Information
ge    : [EXCH] The AS is configured for this user in the Autodiscover response received from https://mail.xxx.se/A
        utodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1015
      : Information
ge    : [EXCH] The OAB is configured for this user in the Autodiscover response received from https://mail.xxx.se/
        Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1014
      : Information
ge    : [EXCH] The UM is configured for this user in the Autodiscover response received from https://mail.xxx.se/A
        utodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1016
      : Information
ge    : [EXPR] The AS is configured for this user in the Autodiscover response received from https://mail.xxx.se/A
        utodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1015
      : Information
ge    : [EXPR] The OAB is configured for this user in the Autodiscover response received from https://mail.xxx.se/
        Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1014
      : Information
ge    : [EXPR] The UM is configured for this user in the Autodiscover response received from https://mail.xxx.se/A
        utodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1022
      : Success
ge    : Autodiscover was tested successfully.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1106
      : Information
ge    : Contacted the Autodiscover service at https://xxxEX01.iaf.local:443/Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1116
      : Information
ge    : [EXCH] The AS is configured for this user in the Autodiscover response received from https://xxxEX01.iaf.l
        ocal:443/Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1115
      : Information
ge    : [EXCH] The OAB is configured for this user in the Autodiscover response received from https://xxxEX01.iaf.
        local:443/Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1114
      : Information
ge    : [EXCH] The UM is configured for this user in the Autodiscover response received from https://xxxEX01.iaf.l
        ocal:443/Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1116
      : Information
ge    : [EXPR] The AS is configured for this user in the Autodiscover response received from https://xxxEX01.iaf.l
        ocal:443/Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1115
      : Information
ge    : [EXPR] The OAB is configured for this user in the Autodiscover response received from https://xxxEX01.x.
        local:443/Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1114
      : Information
ge    : [EXPR] The UM is configured for this user in the Autodiscover response received from https://xxxEX01.x.l
        ocal:443/Autodiscover/Autodiscover.xml.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1122
      : Success
ge    : Autodiscover was tested successfully.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1024
      : Success
ge    : [EXCH] Successfully contacted the AS service at https://xxxex01.x.local/EWS/Exchange.asmx. The elapsed t
        ime was 719 milliseconds.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1026
      : Success
ge    : [EXCH] Successfully contacted the UM service at https://xxxex01.x.local/EWS/Exchange.asmx. The elapsed t
        ime was 125 milliseconds.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1024
      : Success
ge    : [EXPR] Successfully contacted the AS service at https://mail.x.se/EWS/Exchange.asmx. The elapsed time wa
        s 78 milliseconds.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1026
      : Success
ge    : [EXPR] Successfully contacted the UM service at https://mail.x.se/EWS/Exchange.asmx. The elapsed time wa
        s 46 milliseconds.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1124
      : Success
ge    : [Server] Successfully contacted the AS service at https://xxxex01.x.local/ews/exchange.asmx. The elapsed
         time was 46 milliseconds.

aceId : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
      : 1126
      : Success
ge    : [Server] Successfully contacted the UM service at https://xxxex01.x.local/ews/exchange.asmx. The elapsed
         time was 46 milliseconds.
 
Do not point me at the White paper, i´ve done it and i have also recreated the autodiscoveryvirtualdirectory cause i had internal server 500 errors before

Firewall port open in ASA is 443 and that is the port open in the TMG aswell, except LDAP ports against the domaincontrollers

On the TMG i got thoose paths published

/rpc/*
/oab/*
/microsoft-server-activesync/*
/ews/*
/Autodiscover/*
 

Next problem is the Activesync Autodiscover where i get this error message

Attempting to test potential Autodiscover URL https://autodiscover.x.se/AutoDiscover/AutoDiscover.xml 
  Testing of this potential Autodiscover URL failed.
   Test Steps
   Attempting to resolve the host name autodiscover.x.se in DNS.
  The host name resolved successfully.
   Additional Details
  IP addresses returned: x.x.1.45
 
 Testing TCP port 443 on host autodiscover.x.se to ensure it's listening and open.
  The port was opened successfully.
 Testing the SSL certificate to make sure it's valid.
  The certificate passed all validation requirements.
   Test Steps
   Validating the certificate name.
  The certificate name was validated successfully.
   Additional Details
  Host name autodiscover.x.se was found in the Certificate Subject Alternative Name entry.
 
 Certificate trust is being validated.
  The certificate is trusted and all certificates are present in the chain.
   Additional Details
  The certificate chain has been validated up to a trusted root. Root = CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US.
 
 Testing the certificate date to confirm the certificate is valid.
  Date validation passed. The certificate hasn't expired.
   Additional Details
  The certificate is valid. NotBefore = 3/14/2011 12:00:00 AM, NotAfter = 3/18/2014 12:00:00 PM
 
 
 
 Checking the IIS configuration for client certificate authentication.
  Client certificate authentication wasn't detected.
   Additional Details
  Accept/Require Client Certificates isn't configured.
 
 Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
  Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
   Test Steps
   ExRCA is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.x.se/AutoDiscover/AutoDiscover.xml for user testtest2@x.se.
  ExRCA failed to obtain an Autodiscover XML response.
   Additional Details
  None of the expected XML elements were found in the XML response.
 
 Great, that would be all i think.. Thanks in advance

BTW Activesync works in the not autodiscover way
 
 
0
Comment
Question by:ptopservicedesk
  • 3
  • 3
6 Comments
 
LVL 26

Expert Comment

by:e_aravind
ID: 35153834
when you try to access the URL
https://cas=server/autodiscover/autodiscover.xml

Do we get the correct error\warning message http-600??

Do we have the internal and external URLs populated correctly?
0
 

Author Comment

by:ptopservicedesk
ID: 35156204
Yes that is correct. I have not touched the autodiscover internaluri since i recreated the folder. Before i had mail.company.se/xxxxx
Everything else is pointed at mail.company.se

But when i run this cmdlet it show the internaluri is unpopulated...

[PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | FL


RunspaceId                      : dd26e42f-d22c-4b39-bea1-c31fa9b9b2bb
Name                            : Autodiscover (Default Web Site)
InternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated}
LiveIdSpNegoAuthentication      : False
WSSecurityAuthentication        : False
LiveIdBasicAuthentication       : False
BasicAuthentication             : True
DigestAuthentication            : False
WindowsAuthentication           : True
MetabasePath                    : IIS://xEX01.iaf.local/W3SVC/1/ROOT/Autodiscover
Path                            : C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Autodiscover
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags         : {}
ExtendedProtectionSPNList       : {}
Server                          : xEX01
InternalUrl                     :
ExternalUrl                     :
AdminDisplayName                :
ExchangeVersion                 : 0.10 (14.0.100.0)
DistinguishedName               : CN=Autodiscover (Default Web Site),CN=HTTP,CN=Protocols,CN=xEX01,CN=Servers,CN=Exch
                                  ange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=x,CN=Micros
                                  oft Exchange,CN=Services,CN=Configuration,DC=x,DC=local
Identity                        : xEX01\Autodiscover (Default Web Site)
Guid                            : e7d47afb-e8b0-4821-a6a7-19471576dde8
ObjectCategory                  : iaf.local/Configuration/Schema/ms-Exch-Auto-Discover-Virtual-Directory
ObjectClass                     : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}
WhenChanged                     : 2011-03-16 09:29:37
WhenCreated                     : 2011-03-16 09:29:37
WhenChangedUTC                  : 2011-03-16 08:29:37
WhenCreatedUTC                  : 2011-03-16 08:29:37
OrganizationId                  :
OriginatingServer               : x01.x.local
IsValid                         : True



So the error code is 600

thanks Per
0
 
LVL 26

Accepted Solution

by:
e_aravind earned 500 total points
ID: 35159021
OKies...so the autodiscovery with the Outlook works fine and we need to get thsi working for the Mobile devices.

In the Mobile devices
a) They are hardcoded to use the autodiscover.domain.com
so need to have the name resolution without any issue and the certs should be fine ...without any cert. warning when accessing these URL from the mobile-device-browsers
Yes, we need to check the URL https://autodiscover.domain.com from inside the mobile device browser window

b) if it still fails...collect-n-share the control logs responsible for the mobile device.

http://blogs.technet.com/b/vik/archive/2008/12/04/setting-up-verbose-logging-in-windows-mobile-and-parsing-logs.aspx
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:ptopservicedesk
ID: 35163942
So is it possible that it actually will work with a mobile even though it doesn´t look correct in testexchangeconnectivity?
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 35164306
yes, i would say that we have some good chances to get the Mobile-device co-ordinating fine with the autodiscovery service.
0
 

Author Comment

by:ptopservicedesk
ID: 35180392
Well I think I got fooled by the Testexchangeconnectivity site.

It is working, thanks alot for the help
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now