Exchange 2010 SP1 autodiscover

Hi All
I have recently added 3 Exchange 2010 (1 x CAS array / 2 x Mailbox/HUB) into our exchange 2003/2007 environment.

Previously our OWA/ActiveSync server in the DMZ was upgraded to Exchange 2007 (been running fine for about 18 months, I know this is an unsupported config).

 This server acts as OWA & ActiveSync for our Exchange 2003 servers.

However I can’t get Auto discover working correctly.

When I run tests form outlook I get the following.

Srv Record lookup for http://autodiscover.domain.com/autodiscover/autodiscover.xml Failed (0x80004005).
Autodiscover has a CNAME record pointing to the New Exchange 2010 CAS

When I run I get the following.

[PS] C:\Users\Exchsrvc\Desktop>Get-ClientAccessServer | Select Name, AutoDiscoverServiceInternalUri | FL
Name                           : XM2
AutoDiscoverServiceInternalUri : https://xm2.domain.com/Autodiscover/Autodiscover.xml
Name                           : PRDEXCAS1
AutoDiscoverServiceInternalUri : https://prdexcas1.domain.com/Autodiscover/Autodiscover.xml

I think the problem is some clients are trying to contact the DMZ CAS 2007 (XM2 for autodiscover).

When I run Test-OutlookWebServices on the exchange 2010 CAS server I get no errors.

When I run it on XM2 I get
  Id                       Type Message
  --                       ---- -------
1003                Information About to test AutoDisc...
1007                Information Testing server xm2.med...
1019                Information Found a valid AutoDisc...
1005                      Error When accessing https:/...
1013                      Error When contacting https:...
1013                      Error When contacting https:...
1006                      Error The Autodiscover servi...

Now XM2 is running OWA and ActiveSync and working fine.

My question is.

1.      Can I remove XM2 from the Exchange 2010 autodiscover without it breaking OWA ?
Thanks

MediaMonAsked:
Who is Participating?
 
Alan HardistyConnect With a Mentor Co-OwnerCommented:
Excellent - on both counts!

Give it an few hours and then check to see if Autodiscover works happily and also Out Of Office.
0
 
MediaMonAuthor Commented:
Also it seems my clients are trying to connect via

http://autodiscover.domain.com/autodiscover/autodiscover.xml when they should be using

https://autodiscover.domain.com/autodiscover/autodiscover.xml.

Can I edit the SCP to reflect the correct URL ?

Thanks

0
 
Alan HardistyCo-OwnerCommented:
Firstly, your AUTODISCOVER DNS record should be an A record, not a CNAME record.  It should point to an IP Address not an alias.

Secondly, please run the following command in the Exchange Management Console and report back the results:

get-webservicesvirtualdirectory | fl *url*
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
MediaMonAuthor Commented:
Thanks Alan

I have removed the CNAME and added a host record.

Output of the command below.

[PS] C:\Users\Exchsrvc\Desktop>get-webservicesvirtualdirectory | fl *url*

InternalNLBBypassUrl : https://xm2.domain.com/ews/exchange.asmx
InternalUrl          : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl          :

InternalNLBBypassUrl : https://prdexcas1.domain.com/ews/exchange.asmx
InternalUrl          : https://prdexcas1.domain.com/EWS/Exchange.asmx
ExternalUrl          :

Thanks
0
 
Alan HardistyCo-OwnerCommented:
Okay - so no External URL's and the internal bypass URL is all lowercase and anything after the first / in a domain URL is case sensitive, thus:

InternalNLBBypassUrl : https://xm2.domain.com/ews/exchange.asmx
InternalUrl          : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl          :

Should be:

InternalNLBBypassUrl : https://xm2.domain.com/EWS/Exchange.asmx
InternalUrl          : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl          : https://externalname.domain.com/EWS/Exchange.asmx
0
 
MediaMonAuthor Commented:
Thank Alan

So how do I chnage these URL's ?

Also I want to remove XM2 as that is a Exchnage 2007 CAS box in our DMZ. I want it to use PRDEXCAS1 only.

Thanks
0
 
Alan HardistyCo-OwnerCommented:
You can use the following EMS comand:

Set-WebServicesVirtualDirectory -Identity DOMAIN\EWS(default Web site) -ExternalUrl https://www.domain.com/EWS/exchange.asmx -BasicAuthentication $true -InternalUrl https://SERVER.internal.local/EWS/exchange.asmx -internalnlbbypassurl https://SERVER.internal.local/EWS/exchange.asmx

Change the bits in Bold to reflect your environment.
0
 
MediaMonAuthor Commented:
Thanks Alan so I have changed the INternalNLBbypassURL.

[PS] C:\Users\Exchsrvc\Desktop>get-webservicesvirtualdirectory | fl *url*

InternalNLBBypassUrl : https://xm2.mediamonitors.com.au/EWS/Exchange.asmx
InternalUrl          : https://xm2.mediamonitors.com.au/EWS/Exchange.asmx
ExternalUrl          :

InternalNLBBypassUrl : https://prdexcas1.mediamonitors.com.au/EWS/Exchange.asmx
InternalUrl          : https://prdexcas1.mediamonitors.com.au/EWS/Exchange.asmx
ExternalUrl          :

Still it seems auto discover is first querying XM2.

Test-OutlookWebServices fails on XM2 however it works perfectly on PRDEXCAS1 anyway I can remove the entry for XM2 without decommissioning the server ?

Thanks
0
 
MediaMonAuthor Commented:
autodiscover result
0
 
MediaMonAuthor Commented:
Also just checked I am only using the In-built exchange Certificate as this CAS is not Internet facing and only PRDEXCAS1.domain.com is listed. Do I need to Assign a New Exchnage Certificate like mentioned inthe below article for autodiscover.domain.com ?

http://technet.microsoft.com/en-us/library/dd351057.aspx

Will this cause any dramas with existing mailbox users on Exchnage 2010 ?

Many Thanks

0
 
Alan HardistyCo-OwnerCommented:
To get Exchange 2010 working properly you need to buy and install a SAN / UCC SSL certificate with the following minimum names:

mail.externaldomain.com (or whatever you have chosen to use)
autodiscover.externaldomain.com
internalservername.internaldomain.local
internalservername

To get Out Of Office and the Offline Address book working, you will need to create a new DNS A record in your Domains Control Panel (not internal DNS), called Autodiscover and it needs to point to the IP address of your Exchange server.

Once all this is in place, Exchange will work properly and so will Autodiscover / Out Of Office etc.

GoDaddy are about the cheapest place to buy an SSL certificate.

Alan
0
 
MediaMonAuthor Commented:
Thanks Alan I will purchase a certificate and let you know how I get on.

Thanks again
0
 
MediaMonAuthor Commented:
Hi Alan

Sorr for the delay.

So I have installed a wild card certificate and I can access OWA not problem certificate seems to be working.

However autodiscover is not working. I even have to type in my cas array name when setting up an outlook profile.

I turned on loggin on the outllook client and I get.

1412      109267921      10/18/11 15:02:38      Autodiscover to https://PRDEXCAS1.domain.com/Autodiscover/Autodiscover.xml starting
1412      109268046      10/18/11 15:02:38      Autodiscover XML Received
---BEGIN XML---
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
  <Response>
    <Error Time="15:02:38.5473865" Id="624335843">
      <ErrorCode>500</ErrorCode>
      <Message>The e-mail address cannot be found.</Message>
      <DebugData />
    </Error>
  </Response>
</Autodiscover>
----END XML----
1412      109268093      10/18/11 15:02:38      Autodiscover to https://PRDEXCAS1.domain.com/Autodiscover/Autodiscover.xml FAILED (0x800C8203)
1412      109268109      10/18/11 15:02:38      Autodiscover to https://domain.com/autodiscover/autodiscover.xml starting
1412      109274296      10/18/11 15:02:44      Autodiscover to https://domain.com/autodiscover/autodiscover.xml FAILED (0x800C8203)
1412      109274312      10/18/11 15:02:44      Autodiscover to https://autodiscover.domain.com/autodiscover/autodiscover.xml starting
1412      109274437      10/18/11 15:02:45      Autodiscover XML Received
---BEGIN XML---
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
  <Response>
    <Error Time="15:02:44.9226313" Id="624335843">
      <ErrorCode>500</ErrorCode>
      <Message>The e-mail address cannot be found.</Message>
      <DebugData />

I am really running out of ideas I have read what seems like 100's of posts to no avail.

Any ideas would be appreciated.

Thanks
0
 
Alan HardistyCo-OwnerCommented:
Did you setup the DNS A record called Autodiscover (in external DNS)?
0
 
MediaMonAuthor Commented:
HI Alan

I am just trying to get autodiscover working internally for starters.

I have setup an A record called autodiscover and can resolve this no problems.

Looking att he above error its seems teh client is recieveing the XML but can't do anythig with it.

I can access it with a browser no problem.but i get the 600 invaild which from what I read is normal behaviour.

Thanks
0
 
Alan HardistyCo-OwnerCommented:
Where did you setup the Autodiscover A record?  In internal DNS?
0
 
MediaMonAuthor Commented:
Hi Alan

Yes internal DNS. I am ready to log a call with MS I am getting no where with this, thanks anyway for your suggestions.

0
 
Alan HardistyCo-OwnerCommented:
As per my earlier comment:

http:#a36890384

"To get Out Of Office and the Offline Address book working, you will need to create a new DNS A record in your Domains Control Panel (not internal DNS), called Autodiscover and it needs to point to the IP address of your Exchange server."

The Autodiscover A record needs to be created in DNS (Externally - not Internally).

Please go to your Domains Control Panel and create the A record called AUTODISCOVER and point it to the External IP Address of your server.  Once this is configured, things will start to work properly.

Alan
0
 
MediaMonAuthor Commented:
Hi Alan

Sorry I am a bit confused as to why I have to create an external record for this ? Asuming my company provides no external access to mail resources why do I need to publish autodicover.domain.com with a public IP address ?

I just want my internal clients to get to get their outlook profiles setup by autodiscover.

I If need to create this externally for example 203.116.5.x it seems crazy my clients would go outside to access something internally ?

Thanks

0
 
Alan HardistyCo-OwnerCommented:
Autodiscover is looked up using external DNS.  It does seem crazy - but that is how it works.
0
 
MediaMonAuthor Commented:
Thanks Alan so I have done as you suggested

name      class      type      data      time to live

autodiscover.domain.com      IN      A      203.110.xxx.xx      86400s      (1d)

as domain.com is actually our AD domain suffix so I still had to add an internal DNS A record to point to 203.110.xxx.xx does that sound right ?

Will be doing some tests today. Also thanks for this great article I encountered this problem to with some mobile devices.

http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/

Thanks
0
All Courses

From novice to tech pro — start learning today.