• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 987
  • Last Modified:

SBS 2008 Autodiscover

Have a new Small Business Server 2008.  I have having a problem with the autodiscover which is not allowing my spam software to work properly.  Note:  I don't have an SSL certificate on the server.  From what I am told I can get autodiscover to work without purchasing a certificate.
Here are the errors:

[PS] C:\Windows\System32>Test-OutlookWebServices | FL

Id      : 1003
Type    : Information
Message : About to test AutoDiscover with the e-mail address Administrator@anch

Id      : 1007
Type    : Information
Message : Testing server SERVER.anchorconveyor.local with the published name ht
          tps://mail.anchorconveyor.com/ews/exchange.asmx & .

Id      : 1019
Type    : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
           URL on this object is https://mail.anchorconveyor.com/autodiscover/a

Id      : 1005
Type    : Error
Message : When accessing https://mail.anchorconveyor.com/autodiscover/autodisco
          ver.xml the error "RemoteCertificateNameMismatch:CN=SERVER.anchorconv
          eyor.local" was reported.

Id      : 1013
Type    : Error
Message : When contacting https://mail.anchorconveyor.com/autodiscover/autodisc
          over.xml received the error The remote server returned an error: (401
          ) Unauthorized.

Id      : 1006
Type    : Error
Message : The Autodiscover service could not be contacted.

Any help is appreciated
David Barman
David Barman
  • 2
1 Solution
Either drop the SSL on the AutoDiscover VD in IIS or change the URL to match the name on the cert:

Set-ClientAccessServer -autodiscoverInternalUri "https://SERVER.Anchorconveyor.local/AutoDiscover/AutoDiscover.XML"

Internally it will work with the .local name (name on cert), but external users will get a certificate warning (external users will use DNS and not the URL above)
ya u can make autodiscover to work without requiing a certificate using HTTP redirect method

Copy pasted this from technet for your convinience
 Scenario 4: Using the Autodiscover Service with Redirection

Until the release of the update rollup for Outlook 2007, described in Microsoft Knowledge Base article 939184 and referred to in Scenario 2: Using One Single-Name Certificate earlier in this white paper, this kind of deployment scenario was, and may still be, the ideal solution to use in situations such as a hosted Exchange 2007 environment. Using the Autodiscover service with redirection may be the ideal solution because some DNS providers do not support SRV records. However, this kind of deployment can also be used for organizations that are not hosting multiple domains. With this option, you install a single-name certificate on the Default Web Site and create another Web site that contains no certificate. Domain-connected clients continue to locate the Autodiscover service by using the SCP object and will not receive any security warnings as long as the URL for connecting to the Autodiscover service which is stored in the SCP object has been changed to refer to the FQDN of the certificate installed on the Default Web Site. Clients that connect from the Internet will at first be unable to find Autodiscover by using DNS, as described in How the Autodiscover Service Works earlier in this white paper. However, before failing to connect to the Autodiscover service, Outlook will try an additional method to connect to the Autodiscover URL by using HTTP (instead of HTTPS) and connect to the Autodiscover Web site and then be redirected to the Autodiscover service hosted under the Default Web Site. When these Internet-based Outlook clients connect to this redirection site, they will see a dismissible warning messaging asking them to verify that they are being redirected to a trusted URL. In this case, you must advise your users to accept this warning message and allow Outlook to connect to this trusted URL.

David BarmanAuthor Commented:
Led me to the correct path.  thanks
Thanks for points

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now