Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1008
  • Last Modified:

Exchange 2010 SP1 autodiscover

Hi All
I have recently added 3 Exchange 2010 (1 x CAS array / 2 x Mailbox/HUB) into our exchange 2003/2007 environment.

Previously our OWA/ActiveSync server in the DMZ was upgraded to Exchange 2007 (been running fine for about 18 months, I know this is an unsupported config).

 This server acts as OWA & ActiveSync for our Exchange 2003 servers.

However I can’t get Auto discover working correctly.

When I run tests form outlook I get the following.

Srv Record lookup for http://autodiscover.domain.com/autodiscover/autodiscover.xml Failed (0x80004005).
Autodiscover has a CNAME record pointing to the New Exchange 2010 CAS

When I run I get the following.

[PS] C:\Users\Exchsrvc\Desktop>Get-ClientAccessServer | Select Name, AutoDiscoverServiceInternalUri | FL
Name                           : XM2
AutoDiscoverServiceInternalUri : https://xm2.domain.com/Autodiscover/Autodiscover.xml
Name                           : PRDEXCAS1
AutoDiscoverServiceInternalUri : https://prdexcas1.domain.com/Autodiscover/Autodiscover.xml

I think the problem is some clients are trying to contact the DMZ CAS 2007 (XM2 for autodiscover).

When I run Test-OutlookWebServices on the exchange 2010 CAS server I get no errors.

When I run it on XM2 I get
  Id                       Type Message
  --                       ---- -------
1003                Information About to test AutoDisc...
1007                Information Testing server xm2.med...
1019                Information Found a valid AutoDisc...
1005                      Error When accessing https:/...
1013                      Error When contacting https:...
1013                      Error When contacting https:...
1006                      Error The Autodiscover servi...

Now XM2 is running OWA and ActiveSync and working fine.

My question is.

1.      Can I remove XM2 from the Exchange 2010 autodiscover without it breaking OWA ?
Thanks

0
MediaMon
Asked:
MediaMon
  • 12
  • 9
1 Solution
 
MediaMonAuthor Commented:
Also it seems my clients are trying to connect via

http://autodiscover.domain.com/autodiscover/autodiscover.xml when they should be using

https://autodiscover.domain.com/autodiscover/autodiscover.xml.

Can I edit the SCP to reflect the correct URL ?

Thanks

0
 
Alan HardistyCommented:
Firstly, your AUTODISCOVER DNS record should be an A record, not a CNAME record.  It should point to an IP Address not an alias.

Secondly, please run the following command in the Exchange Management Console and report back the results:

get-webservicesvirtualdirectory | fl *url*
0
 
MediaMonAuthor Commented:
Thanks Alan

I have removed the CNAME and added a host record.

Output of the command below.

[PS] C:\Users\Exchsrvc\Desktop>get-webservicesvirtualdirectory | fl *url*

InternalNLBBypassUrl : https://xm2.domain.com/ews/exchange.asmx
InternalUrl          : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl          :

InternalNLBBypassUrl : https://prdexcas1.domain.com/ews/exchange.asmx
InternalUrl          : https://prdexcas1.domain.com/EWS/Exchange.asmx
ExternalUrl          :

Thanks
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
Alan HardistyCommented:
Okay - so no External URL's and the internal bypass URL is all lowercase and anything after the first / in a domain URL is case sensitive, thus:

InternalNLBBypassUrl : https://xm2.domain.com/ews/exchange.asmx
InternalUrl          : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl          :

Should be:

InternalNLBBypassUrl : https://xm2.domain.com/EWS/Exchange.asmx
InternalUrl          : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl          : https://externalname.domain.com/EWS/Exchange.asmx
0
 
MediaMonAuthor Commented:
Thank Alan

So how do I chnage these URL's ?

Also I want to remove XM2 as that is a Exchnage 2007 CAS box in our DMZ. I want it to use PRDEXCAS1 only.

Thanks
0
 
Alan HardistyCommented:
You can use the following EMS comand:

Set-WebServicesVirtualDirectory -Identity DOMAIN\EWS(default Web site) -ExternalUrl https://www.domain.com/EWS/exchange.asmx -BasicAuthentication $true -InternalUrl https://SERVER.internal.local/EWS/exchange.asmx -internalnlbbypassurl https://SERVER.internal.local/EWS/exchange.asmx

Change the bits in Bold to reflect your environment.
0
 
MediaMonAuthor Commented:
Thanks Alan so I have changed the INternalNLBbypassURL.

[PS] C:\Users\Exchsrvc\Desktop>get-webservicesvirtualdirectory | fl *url*

InternalNLBBypassUrl : https://xm2.mediamonitors.com.au/EWS/Exchange.asmx
InternalUrl          : https://xm2.mediamonitors.com.au/EWS/Exchange.asmx
ExternalUrl          :

InternalNLBBypassUrl : https://prdexcas1.mediamonitors.com.au/EWS/Exchange.asmx
InternalUrl          : https://prdexcas1.mediamonitors.com.au/EWS/Exchange.asmx
ExternalUrl          :

Still it seems auto discover is first querying XM2.

Test-OutlookWebServices fails on XM2 however it works perfectly on PRDEXCAS1 anyway I can remove the entry for XM2 without decommissioning the server ?

Thanks
0
 
MediaMonAuthor Commented:
autodiscover result
0
 
MediaMonAuthor Commented:
Also just checked I am only using the In-built exchange Certificate as this CAS is not Internet facing and only PRDEXCAS1.domain.com is listed. Do I need to Assign a New Exchnage Certificate like mentioned inthe below article for autodiscover.domain.com ?

http://technet.microsoft.com/en-us/library/dd351057.aspx

Will this cause any dramas with existing mailbox users on Exchnage 2010 ?

Many Thanks

0
 
Alan HardistyCommented:
To get Exchange 2010 working properly you need to buy and install a SAN / UCC SSL certificate with the following minimum names:

mail.externaldomain.com (or whatever you have chosen to use)
autodiscover.externaldomain.com
internalservername.internaldomain.local
internalservername

To get Out Of Office and the Offline Address book working, you will need to create a new DNS A record in your Domains Control Panel (not internal DNS), called Autodiscover and it needs to point to the IP address of your Exchange server.

Once all this is in place, Exchange will work properly and so will Autodiscover / Out Of Office etc.

GoDaddy are about the cheapest place to buy an SSL certificate.

Alan
0
 
MediaMonAuthor Commented:
Thanks Alan I will purchase a certificate and let you know how I get on.

Thanks again
0
 
MediaMonAuthor Commented:
Hi Alan

Sorr for the delay.

So I have installed a wild card certificate and I can access OWA not problem certificate seems to be working.

However autodiscover is not working. I even have to type in my cas array name when setting up an outlook profile.

I turned on loggin on the outllook client and I get.

1412      109267921      10/18/11 15:02:38      Autodiscover to https://PRDEXCAS1.domain.com/Autodiscover/Autodiscover.xml starting
1412      109268046      10/18/11 15:02:38      Autodiscover XML Received
---BEGIN XML---
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
  <Response>
    <Error Time="15:02:38.5473865" Id="624335843">
      <ErrorCode>500</ErrorCode>
      <Message>The e-mail address cannot be found.</Message>
      <DebugData />
    </Error>
  </Response>
</Autodiscover>
----END XML----
1412      109268093      10/18/11 15:02:38      Autodiscover to https://PRDEXCAS1.domain.com/Autodiscover/Autodiscover.xml FAILED (0x800C8203)
1412      109268109      10/18/11 15:02:38      Autodiscover to https://domain.com/autodiscover/autodiscover.xml starting
1412      109274296      10/18/11 15:02:44      Autodiscover to https://domain.com/autodiscover/autodiscover.xml FAILED (0x800C8203)
1412      109274312      10/18/11 15:02:44      Autodiscover to https://autodiscover.domain.com/autodiscover/autodiscover.xml starting
1412      109274437      10/18/11 15:02:45      Autodiscover XML Received
---BEGIN XML---
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
  <Response>
    <Error Time="15:02:44.9226313" Id="624335843">
      <ErrorCode>500</ErrorCode>
      <Message>The e-mail address cannot be found.</Message>
      <DebugData />

I am really running out of ideas I have read what seems like 100's of posts to no avail.

Any ideas would be appreciated.

Thanks
0
 
Alan HardistyCommented:
Did you setup the DNS A record called Autodiscover (in external DNS)?
0
 
MediaMonAuthor Commented:
HI Alan

I am just trying to get autodiscover working internally for starters.

I have setup an A record called autodiscover and can resolve this no problems.

Looking att he above error its seems teh client is recieveing the XML but can't do anythig with it.

I can access it with a browser no problem.but i get the 600 invaild which from what I read is normal behaviour.

Thanks
0
 
Alan HardistyCommented:
Where did you setup the Autodiscover A record?  In internal DNS?
0
 
MediaMonAuthor Commented:
Hi Alan

Yes internal DNS. I am ready to log a call with MS I am getting no where with this, thanks anyway for your suggestions.

0
 
Alan HardistyCommented:
As per my earlier comment:

http:#a36890384

"To get Out Of Office and the Offline Address book working, you will need to create a new DNS A record in your Domains Control Panel (not internal DNS), called Autodiscover and it needs to point to the IP address of your Exchange server."

The Autodiscover A record needs to be created in DNS (Externally - not Internally).

Please go to your Domains Control Panel and create the A record called AUTODISCOVER and point it to the External IP Address of your server.  Once this is configured, things will start to work properly.

Alan
0
 
MediaMonAuthor Commented:
Hi Alan

Sorry I am a bit confused as to why I have to create an external record for this ? Asuming my company provides no external access to mail resources why do I need to publish autodicover.domain.com with a public IP address ?

I just want my internal clients to get to get their outlook profiles setup by autodiscover.

I If need to create this externally for example 203.116.5.x it seems crazy my clients would go outside to access something internally ?

Thanks

0
 
Alan HardistyCommented:
Autodiscover is looked up using external DNS.  It does seem crazy - but that is how it works.
0
 
MediaMonAuthor Commented:
Thanks Alan so I have done as you suggested

name      class      type      data      time to live

autodiscover.domain.com      IN      A      203.110.xxx.xx      86400s      (1d)

as domain.com is actually our AD domain suffix so I still had to add an internal DNS A record to point to 203.110.xxx.xx does that sound right ?

Will be doing some tests today. Also thanks for this great article I encountered this problem to with some mobile devices.

http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/

Thanks
0
 
Alan HardistyCommented:
Excellent - on both counts!

Give it an few hours and then check to see if Autodiscover works happily and also Out Of Office.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

  • 12
  • 9
Tackle projects and never again get stuck behind a technical roadblock.
Join Now