We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Exchange 2007 autodiscovery

reliantcorp
reliantcorp asked
on
Medium Priority
544 Views
Last Modified: 2012-06-21

Ive just realized that our Exchange 2007 clients environments, those using outlook 2007 and higher (inside the lan) are getting their proxy settings automatically set. Even if I uncheck the option and restart outlook same thing happens.

Ive now found this is related to outlook-provider and outlook anywhere.

What are the downsides of disabling the outlook provider ?

btw, they get a certificate error but I dont know why. there's a certificate for mail.domain.com  I dont even understand what's the reason for that error. proxy settings pint to remote.domain.com but there's no remote A record for remote. So where's outlook actually looking for that certificate ? I mean, it shouldnt even look for domain.com from inside the network !!!

Thanks for any help.
Diego
Comment
Watch Question

Sounds like you might have a Group Policy set. Check out this article.
http://www.bictt.com/blogs/bictt.php/2011/01/09/outlook-anywhere-automatically-changes-proxy-settings

Re: the certificate error, you'll need to install your untrusted certificate to not have the cert error from coming up. http://support.microsoft.com/kb/940726
Cris HannaSr IT Support Engineer
CERTIFIED EXPERT

Commented:
Are you running SBS 2008 or SBS 2011?
Rajith EnchiparambilOffice 365 & Exchange Architect

Commented:
You need a third party cert with mail.domain,com and autodiscover.domain.com as the entires. Buy a SAN/UCC certificate.

Then, re-configure Exchange web services urls including autodiscover.

Author

Commented:
We have SBS 2008 running

The cert with the entiers is ok. But the thing is I dont want any internal outlook profile/user to look for autodiscover.domain.com . Or to get their proxy settings autoconfigured for that matter.
inside the network clints try to go to SCP to get their autodiscover settings

type get-clientaccessserver | fl *autodiscover*

to see your scp value
Cris HannaSr IT Support Engineer
CERTIFIED EXPERT

Commented:
in order to assist you better, it would help to understand your environment better
It would seem from your comments that you are not using Exchange for email, yet you are using Outlook but want it to point somewhere else for mail and thus you don't want the auto setup?

Author

Commented:

Yes, we are using Exchange for email. The thing is I don't see the point in using autodiscovery (and having the proxy settings autoconfigured) for internal users.

I now know I can remove the EXPR outlook provider. Question is, can I disabel that only for internal users and not external ?
Cris HannaSr IT Support Engineer
CERTIFIED EXPERT

Commented:
Actually the purpose (and benefit) is to all user to setup Outlook for the first time without IT help.
That alone should be huge

I understand you would like to stop the behavior but I'm not clear on what issue it's causing by being enabled.

It also sounds like you have a certificate mismatch?   you say you have a cert for mail.domain.com ?
Did you install the cert using the trusted third part cert wizard?   Is the cert from Go Daddy?

When you ran the "Setup my Internet Address Wizard", when you got to the box to enter your domain name, did you click on the advanced link below the box where you entered the domain name and change remote to mail?
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
but remeber modifying EXPR will affect ur external users

Author

Commented:
Chris:

I guess I can fix the cert problem just by doing the following:
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://correctexternaldomain.com/autodiscover/autodiscover.xml 

Let me correct my previous words. What I meant is I don't see the point about having internal users to use the "EXPR outlook connector" (proxy) from autodiscovery. But like "praveenkumare_sp" said it looks like there's no way to disable it just for internal users.

The published proxy address is not even correct so I don't know how those internal clients are even working.

To make it short, by getting rid of the EXPR outlook provider I'll fix the problem but external users will have to manually configure their exchange settings.

Another strange thing I've seen is that not all of our clients (using outlook 2007 and exchange 2007) are getting proxy settings. And I have not disabled the EXPR outlook provider so far on any server.
Cris HannaSr IT Support Engineer
CERTIFIED EXPERT
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
you got it right reliantcorp: :)
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.