MediaMon
asked on
Exchange 2010 SP1 autodiscover
Hi All
I have recently added 3 Exchange 2010 (1 x CAS array / 2 x Mailbox/HUB) into our exchange 2003/2007 environment.
Previously our OWA/ActiveSync server in the DMZ was upgraded to Exchange 2007 (been running fine for about 18 months, I know this is an unsupported config).
This server acts as OWA & ActiveSync for our Exchange 2003 servers.
However I can’t get Auto discover working correctly.
When I run tests form outlook I get the following.
Srv Record lookup for http://autodiscover.domain.com/autodiscover/autodiscover.xml Failed (0x80004005).
Autodiscover has a CNAME record pointing to the New Exchange 2010 CAS
When I run I get the following.
[PS] C:\Users\Exchsrvc\Desktop> Get-Client AccessServ er | Select Name, AutoDiscoverServiceInterna lUri | FL
Name : XM2
AutoDiscoverServiceInterna lUri : https://xm2.domain.com/Autodiscover/Autodiscover.xml
Name : PRDEXCAS1
AutoDiscoverServiceInterna lUri : https://prdexcas1.domain.com/Autodiscover/Autodiscover.xml
I think the problem is some clients are trying to contact the DMZ CAS 2007 (XM2 for autodiscover).
When I run Test-OutlookWebServices on the exchange 2010 CAS server I get no errors.
When I run it on XM2 I get
Id Type Message
-- ---- -------
1003 Information About to test AutoDisc...
1007 Information Testing server xm2.med...
1019 Information Found a valid AutoDisc...
1005 Error When accessing https:/...
1013 Error When contacting https:...
1013 Error When contacting https:...
1006 Error The Autodiscover servi...
Now XM2 is running OWA and ActiveSync and working fine.
My question is.
1. Can I remove XM2 from the Exchange 2010 autodiscover without it breaking OWA ?
Thanks
I have recently added 3 Exchange 2010 (1 x CAS array / 2 x Mailbox/HUB) into our exchange 2003/2007 environment.
Previously our OWA/ActiveSync server in the DMZ was upgraded to Exchange 2007 (been running fine for about 18 months, I know this is an unsupported config).
This server acts as OWA & ActiveSync for our Exchange 2003 servers.
However I can’t get Auto discover working correctly.
When I run tests form outlook I get the following.
Srv Record lookup for http://autodiscover.domain.com/autodiscover/autodiscover.xml Failed (0x80004005).
Autodiscover has a CNAME record pointing to the New Exchange 2010 CAS
When I run I get the following.
[PS] C:\Users\Exchsrvc\Desktop>
Name : XM2
AutoDiscoverServiceInterna
Name : PRDEXCAS1
AutoDiscoverServiceInterna
I think the problem is some clients are trying to contact the DMZ CAS 2007 (XM2 for autodiscover).
When I run Test-OutlookWebServices on the exchange 2010 CAS server I get no errors.
When I run it on XM2 I get
Id Type Message
-- ---- -------
1003 Information About to test AutoDisc...
1007 Information Testing server xm2.med...
1019 Information Found a valid AutoDisc...
1005 Error When accessing https:/...
1013 Error When contacting https:...
1013 Error When contacting https:...
1006 Error The Autodiscover servi...
Now XM2 is running OWA and ActiveSync and working fine.
My question is.
1. Can I remove XM2 from the Exchange 2010 autodiscover without it breaking OWA ?
Thanks
Firstly, your AUTODISCOVER DNS record should be an A record, not a CNAME record. It should point to an IP Address not an alias.
Secondly, please run the following command in the Exchange Management Console and report back the results:
get-webservicesvirtualdire ctory | fl *url*
Secondly, please run the following command in the Exchange Management Console and report back the results:
get-webservicesvirtualdire
ASKER
Thanks Alan
I have removed the CNAME and added a host record.
Output of the command below.
[PS] C:\Users\Exchsrvc\Desktop> get-webser vicesvirtu aldirector y | fl *url*
InternalNLBBypassUrl : https://xm2.domain.com/ews/exchange.asmx
InternalUrl : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl :
InternalNLBBypassUrl : https://prdexcas1.domain.com/ews/exchange.asmx
InternalUrl : https://prdexcas1.domain.com/EWS/Exchange.asmx
ExternalUrl :
Thanks
I have removed the CNAME and added a host record.
Output of the command below.
[PS] C:\Users\Exchsrvc\Desktop>
InternalNLBBypassUrl : https://xm2.domain.com/ews/exchange.asmx
InternalUrl : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl :
InternalNLBBypassUrl : https://prdexcas1.domain.com/ews/exchange.asmx
InternalUrl : https://prdexcas1.domain.com/EWS/Exchange.asmx
ExternalUrl :
Thanks
Okay - so no External URL's and the internal bypass URL is all lowercase and anything after the first / in a domain URL is case sensitive, thus:
InternalNLBBypassUrl : https://xm2.domain.com/ews/exchange.asmx
InternalUrl : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl :
Should be:
InternalNLBBypassUrl : https://xm2.domain.com/EWS/Exchange.asmx
InternalUrl : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl : https://externalname.domain.com/EWS/Exchange.asmx
InternalNLBBypassUrl : https://xm2.domain.com/ews/exchange.asmx
InternalUrl : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl :
Should be:
InternalNLBBypassUrl : https://xm2.domain.com/EWS/Exchange.asmx
InternalUrl : https://xm2.domain.com/EWS/Exchange.asmx
ExternalUrl : https://externalname.domain.com/EWS/Exchange.asmx
ASKER
Thank Alan
So how do I chnage these URL's ?
Also I want to remove XM2 as that is a Exchnage 2007 CAS box in our DMZ. I want it to use PRDEXCAS1 only.
Thanks
So how do I chnage these URL's ?
Also I want to remove XM2 as that is a Exchnage 2007 CAS box in our DMZ. I want it to use PRDEXCAS1 only.
Thanks
You can use the following EMS comand:
Set-WebServicesVirtualDire ctory -Identity DOMAIN\EWS(default Web site) -ExternalUrl https://www.domain.com/EWS/exchange.asmx -BasicAuthentication $true -InternalUrl https://SERVER.internal.local/EWS/exchange.asmx -internalnlbbypassurl https://SERVER.internal.local/EWS/exchange.asmx
Change the bits in Bold to reflect your environment.
Set-WebServicesVirtualDire
Change the bits in Bold to reflect your environment.
ASKER
Thanks Alan so I have changed the INternalNLBbypassURL.
[PS] C:\Users\Exchsrvc\Desktop> get-webser vicesvirtu aldirector y | fl *url*
InternalNLBBypassUrl : https://xm2.mediamonitors.com.au/EWS/Exchange.asmx
InternalUrl : https://xm2.mediamonitors.com.au/EWS/Exchange.asmx
ExternalUrl :
InternalNLBBypassUrl : https://prdexcas1.mediamonitors.com.au/EWS/Exchange.asmx
InternalUrl : https://prdexcas1.mediamonitors.com.au/EWS/Exchange.asmx
ExternalUrl :
Still it seems auto discover is first querying XM2.
Test-OutlookWebServices fails on XM2 however it works perfectly on PRDEXCAS1 anyway I can remove the entry for XM2 without decommissioning the server ?
Thanks
[PS] C:\Users\Exchsrvc\Desktop>
InternalNLBBypassUrl : https://xm2.mediamonitors.com.au/EWS/Exchange.asmx
InternalUrl : https://xm2.mediamonitors.com.au/EWS/Exchange.asmx
ExternalUrl :
InternalNLBBypassUrl : https://prdexcas1.mediamonitors.com.au/EWS/Exchange.asmx
InternalUrl : https://prdexcas1.mediamonitors.com.au/EWS/Exchange.asmx
ExternalUrl :
Still it seems auto discover is first querying XM2.
Test-OutlookWebServices fails on XM2 however it works perfectly on PRDEXCAS1 anyway I can remove the entry for XM2 without decommissioning the server ?
Thanks
ASKER
Also just checked I am only using the In-built exchange Certificate as this CAS is not Internet facing and only PRDEXCAS1.domain.com is listed. Do I need to Assign a New Exchnage Certificate like mentioned inthe below article for autodiscover.domain.com ?
http://technet.microsoft.com/en-us/library/dd351057.aspx
Will this cause any dramas with existing mailbox users on Exchnage 2010 ?
Many Thanks
http://technet.microsoft.com/en-us/library/dd351057.aspx
Will this cause any dramas with existing mailbox users on Exchnage 2010 ?
Many Thanks
To get Exchange 2010 working properly you need to buy and install a SAN / UCC SSL certificate with the following minimum names:
mail.externaldomain.com (or whatever you have chosen to use)
autodiscover.externaldomai n.com
internalservername.interna ldomain.lo cal
internalservername
To get Out Of Office and the Offline Address book working, you will need to create a new DNS A record in your Domains Control Panel (not internal DNS), called Autodiscover and it needs to point to the IP address of your Exchange server.
Once all this is in place, Exchange will work properly and so will Autodiscover / Out Of Office etc.
GoDaddy are about the cheapest place to buy an SSL certificate.
Alan
mail.externaldomain.com (or whatever you have chosen to use)
autodiscover.externaldomai
internalservername.interna
internalservername
To get Out Of Office and the Offline Address book working, you will need to create a new DNS A record in your Domains Control Panel (not internal DNS), called Autodiscover and it needs to point to the IP address of your Exchange server.
Once all this is in place, Exchange will work properly and so will Autodiscover / Out Of Office etc.
GoDaddy are about the cheapest place to buy an SSL certificate.
Alan
ASKER
Thanks Alan I will purchase a certificate and let you know how I get on.
Thanks again
Thanks again
ASKER
Hi Alan
Sorr for the delay.
So I have installed a wild card certificate and I can access OWA not problem certificate seems to be working.
However autodiscover is not working. I even have to type in my cas array name when setting up an outlook profile.
I turned on loggin on the outllook client and I get.
1412 109267921 10/18/11 15:02:38 Autodiscover to https://PRDEXCAS1.domain.com/Autodiscover/Autodiscover.xml starting
1412 109268046 10/18/11 15:02:38 Autodiscover XML Received
---BEGIN XML---
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response>
<Error Time="15:02:38.5473865" Id="624335843">
<ErrorCode>500</ErrorCode>
<Message>The e-mail address cannot be found.</Message>
<DebugData />
</Error>
</Response>
</Autodiscover>
----END XML----
1412 109268093 10/18/11 15:02:38 Autodiscover to https://PRDEXCAS1.domain.com/Autodiscover/Autodiscover.xml FAILED (0x800C8203)
1412 109268109 10/18/11 15:02:38 Autodiscover to https://domain.com/autodiscover/autodiscover.xml starting
1412 109274296 10/18/11 15:02:44 Autodiscover to https://domain.com/autodiscover/autodiscover.xml FAILED (0x800C8203)
1412 109274312 10/18/11 15:02:44 Autodiscover to https://autodiscover.domain.com/autodiscover/autodiscover.xml starting
1412 109274437 10/18/11 15:02:45 Autodiscover XML Received
---BEGIN XML---
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response>
<Error Time="15:02:44.9226313" Id="624335843">
<ErrorCode>500</ErrorCode>
<Message>The e-mail address cannot be found.</Message>
<DebugData />
I am really running out of ideas I have read what seems like 100's of posts to no avail.
Any ideas would be appreciated.
Thanks
Sorr for the delay.
So I have installed a wild card certificate and I can access OWA not problem certificate seems to be working.
However autodiscover is not working. I even have to type in my cas array name when setting up an outlook profile.
I turned on loggin on the outllook client and I get.
1412 109267921 10/18/11 15:02:38 Autodiscover to https://PRDEXCAS1.domain.com/Autodiscover/Autodiscover.xml starting
1412 109268046 10/18/11 15:02:38 Autodiscover XML Received
---BEGIN XML---
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response>
<Error Time="15:02:38.5473865" Id="624335843">
<ErrorCode>500</ErrorCode>
<Message>The e-mail address cannot be found.</Message>
<DebugData />
</Error>
</Response>
</Autodiscover>
----END XML----
1412 109268093 10/18/11 15:02:38 Autodiscover to https://PRDEXCAS1.domain.com/Autodiscover/Autodiscover.xml FAILED (0x800C8203)
1412 109268109 10/18/11 15:02:38 Autodiscover to https://domain.com/autodiscover/autodiscover.xml starting
1412 109274296 10/18/11 15:02:44 Autodiscover to https://domain.com/autodiscover/autodiscover.xml FAILED (0x800C8203)
1412 109274312 10/18/11 15:02:44 Autodiscover to https://autodiscover.domain.com/autodiscover/autodiscover.xml starting
1412 109274437 10/18/11 15:02:45 Autodiscover XML Received
---BEGIN XML---
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response>
<Error Time="15:02:44.9226313" Id="624335843">
<ErrorCode>500</ErrorCode>
<Message>The e-mail address cannot be found.</Message>
<DebugData />
I am really running out of ideas I have read what seems like 100's of posts to no avail.
Any ideas would be appreciated.
Thanks
Did you setup the DNS A record called Autodiscover (in external DNS)?
ASKER
HI Alan
I am just trying to get autodiscover working internally for starters.
I have setup an A record called autodiscover and can resolve this no problems.
Looking att he above error its seems teh client is recieveing the XML but can't do anythig with it.
I can access it with a browser no problem.but i get the 600 invaild which from what I read is normal behaviour.
Thanks
I am just trying to get autodiscover working internally for starters.
I have setup an A record called autodiscover and can resolve this no problems.
Looking att he above error its seems teh client is recieveing the XML but can't do anythig with it.
I can access it with a browser no problem.but i get the 600 invaild which from what I read is normal behaviour.
Thanks
Where did you setup the Autodiscover A record? In internal DNS?
ASKER
Hi Alan
Yes internal DNS. I am ready to log a call with MS I am getting no where with this, thanks anyway for your suggestions.
Yes internal DNS. I am ready to log a call with MS I am getting no where with this, thanks anyway for your suggestions.
As per my earlier comment:
http:#a36890384
"To get Out Of Office and the Offline Address book working, you will need to create a new DNS A record in your Domains Control Panel (not internal DNS), called Autodiscover and it needs to point to the IP address of your Exchange server."
The Autodiscover A record needs to be created in DNS (Externally - not Internally).
Please go to your Domains Control Panel and create the A record called AUTODISCOVER and point it to the External IP Address of your server. Once this is configured, things will start to work properly.
Alan
http:#a36890384
"To get Out Of Office and the Offline Address book working, you will need to create a new DNS A record in your Domains Control Panel (not internal DNS), called Autodiscover and it needs to point to the IP address of your Exchange server."
The Autodiscover A record needs to be created in DNS (Externally - not Internally).
Please go to your Domains Control Panel and create the A record called AUTODISCOVER and point it to the External IP Address of your server. Once this is configured, things will start to work properly.
Alan
ASKER
Hi Alan
Sorry I am a bit confused as to why I have to create an external record for this ? Asuming my company provides no external access to mail resources why do I need to publish autodicover.domain.com with a public IP address ?
I just want my internal clients to get to get their outlook profiles setup by autodiscover.
I If need to create this externally for example 203.116.5.x it seems crazy my clients would go outside to access something internally ?
Thanks
Sorry I am a bit confused as to why I have to create an external record for this ? Asuming my company provides no external access to mail resources why do I need to publish autodicover.domain.com with a public IP address ?
I just want my internal clients to get to get their outlook profiles setup by autodiscover.
I If need to create this externally for example 203.116.5.x it seems crazy my clients would go outside to access something internally ?
Thanks
Autodiscover is looked up using external DNS. It does seem crazy - but that is how it works.
ASKER
Thanks Alan so I have done as you suggested
name class type data time to live
autodiscover.domain.com IN A 203.110.xxx.xx 86400s (1d)
as domain.com is actually our AD domain suffix so I still had to add an internal DNS A record to point to 203.110.xxx.xx does that sound right ?
Will be doing some tests today. Also thanks for this great article I encountered this problem to with some mobile devices.
http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/
Thanks
name class type data time to live
autodiscover.domain.com IN A 203.110.xxx.xx 86400s (1d)
as domain.com is actually our AD domain suffix so I still had to add an internal DNS A record to point to 203.110.xxx.xx does that sound right ?
Will be doing some tests today. Also thanks for this great article I encountered this problem to with some mobile devices.
http://alanhardisty.wordpress.com/2010/03/05/activesync-not-working-on-exchange-2010-when-inherit-permissions-not-set/
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
http://autodiscover.domain.com/autodiscover/autodiscover.xml when they should be using
https://autodiscover.domain.com/autodiscover/autodiscover.xml.
Can I edit the SCP to reflect the correct URL ?
Thanks