dangermouse1977
asked on
Exchange 2010 AutoDiscover / Outlook Anywhere issue
Having a strange problem with Outlook / Exchange 2010 here that I hope someone can help me through.
I have outlook set up on a number of company laptops, using outlook anywhere so that they work both inside and outside the corporate LAN.
on the internal LAN everything works fine, externally however Outlook refuses to connect, continually displaying a pop-up box asking for the username and password.... putting those in doesn't do anything, the message just re-appears.
After much testing, I have discovered that if I navigate within outlook to
accounts / more settings / connections tab / exchange proxy settings button
There's a section entitled connection settings - this is populated with the following
https://internal_server_name.domain.com
there's then a tick in the box saying "only connect to proxy servers that have.........
if I change the first box to https://mail.domain.com and remove the tick from the second box then everything works externally.
However, the moment the machines are plugged back into the LAN, the original settings re-populate.
This tells me it's something to do with the autodiscover file..... but I don't know exchange well enough to fiddle.
Can someone either help me sort the problem, or disable autodiscover somehow as (to my knowledge) we don;t actually need autodiscover to work.
I have outlook set up on a number of company laptops, using outlook anywhere so that they work both inside and outside the corporate LAN.
on the internal LAN everything works fine, externally however Outlook refuses to connect, continually displaying a pop-up box asking for the username and password.... putting those in doesn't do anything, the message just re-appears.
After much testing, I have discovered that if I navigate within outlook to
accounts / more settings / connections tab / exchange proxy settings button
There's a section entitled connection settings - this is populated with the following
https://internal_server_name.domain.com
there's then a tick in the box saying "only connect to proxy servers that have.........
if I change the first box to https://mail.domain.com and remove the tick from the second box then everything works externally.
However, the moment the machines are plugged back into the LAN, the original settings re-populate.
This tells me it's something to do with the autodiscover file..... but I don't know exchange well enough to fiddle.
Can someone either help me sort the problem, or disable autodiscover somehow as (to my knowledge) we don;t actually need autodiscover to work.
ASKER
OK, I understand the words you've written, but have absolutely no idea how to achieve any of the things you mention.
Any chance of a step by step for someone who's open exchange management console perhaps 3 times total!!
Any chance of a step by step for someone who's open exchange management console perhaps 3 times total!!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
In adsiedit you need to remove the setting scp as per below.
CN=<CAS_server>,CN=AutoDis cover,CN=P rotocols,C N=<CAS_Ser ver>,CN=Se rvers,CN=E xchange Administrative Group, CN=AdministrativeGroup,CN= <Organizat ion>,CN=Se rvices,[Co nfiguratio n Naming Context].
http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/configuring-outlook-2007-exchange-server-2007.html
CN=<CAS_server>,CN=AutoDis
http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/configuring-outlook-2007-exchange-server-2007.html
Dont do this "In adsiedit you need to remove the setting scp as per below."
This will prevent your clients auto configuring when on the domain, it doesnt resolve the problem.
Go to the Website https://www.testexchangeconnectivity.com/
From there run the test Outlook Anywhere (RPC over HTTP)
this will return to you some errors, you can cut and paste the results here and an Expert can help you resolve the problem.
This will prevent your clients auto configuring when on the domain, it doesnt resolve the problem.
Go to the Website https://www.testexchangeconnectivity.com/
From there run the test Outlook Anywhere (RPC over HTTP)
this will return to you some errors, you can cut and paste the results here and an Expert can help you resolve the problem.
ASKER
OK, test has been run, I've pasted the results below.... there's something strange though, the IP address that it's returned is the IP address of the domain hosting company that used to host the POP mail on the domain months ago before we converted to an Internal exchange server..... not sure why that is?
Testing RPC/HTTP connectivity.
The RPC/HTTP test failed.
Test Steps
ExRCA is attempting to test Autodiscover for d.mines@adc-international. com.
Testing Autodiscover failed.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Test Steps
Attempting to test potential Autodiscover URL https://adc-international.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name adc-international.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 84.18.207.37
Testing TCP port 443 on host adc-international.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server adc-international.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Attempting to test potential Autodiscover URL https://autodiscover.adc-international.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name autodiscover.adc-internati onal.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 84.18.207.37
Testing TCP port 443 on host autodiscover.adc-internati onal.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.adc-internati onal.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.adc-internati onal.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 84.18.207.37
Testing TCP port 80 on host autodiscover.adc-internati onal.com to ensure it's listening and open.
The port was opened successfully.
ExRCA is checking the host autodiscover.adc-internati onal.com for an HTTP redirect to the Autodiscover service.
ExRCA failed to get an HTTP redirect response for Autodiscover.
Additional Details
A Web exception occurred because an HTTP 400 - BadRequest response was received from Unknown.
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.adc-int ernational .com in DNS.
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it
Testing RPC/HTTP connectivity.
The RPC/HTTP test failed.
Test Steps
ExRCA is attempting to test Autodiscover for d.mines@adc-international.
Testing Autodiscover failed.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Test Steps
Attempting to test potential Autodiscover URL https://adc-international.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name adc-international.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 84.18.207.37
Testing TCP port 443 on host adc-international.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server adc-international.com on port 443.
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Attempting to test potential Autodiscover URL https://autodiscover.adc-international.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name autodiscover.adc-internati
The host name resolved successfully.
Additional Details
IP addresses returned: 84.18.207.37
Testing TCP port 443 on host autodiscover.adc-internati
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.adc-internati
ExRCA wasn't able to obtain the remote SSL certificate.
Additional Details
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.adc-internati
The host name resolved successfully.
Additional Details
IP addresses returned: 84.18.207.37
Testing TCP port 80 on host autodiscover.adc-internati
The port was opened successfully.
ExRCA is checking the host autodiscover.adc-internati
ExRCA failed to get an HTTP redirect response for Autodiscover.
Additional Details
A Web exception occurred because an HTTP 400 - BadRequest response was received from Unknown.
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.adc-int
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it
ASKER
I should probably mention that the ISP who own that IP address still host the web presence attached to the domain and the domain is registered through them.
Our exchange server is internal though and should be on 94.200.114.*** address
Our exchange server is internal though and should be on 94.200.114.*** address
You need to contact the ISP and get them to modify the autodiscover record in public dns to alias the owa address. You can goto the ip of the firewall but like mx records it's not best practice.
ASKER
OK, so what exactly do I need to ask the ISP to do,
ie: Dear ISP... please alter the autodiscover record for our domain in public DNS to alias ????????
are they looking for an IP address, a domain name or.....?
ie: Dear ISP... please alter the autodiscover record for our domain in public DNS to alias ????????
are they looking for an IP address, a domain name or.....?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
did you go where I told you ? did you check the settings I asked you to ?
ASKER
@ Akhater
I went there and it did say internal name, so I changed it to mail.domain.com but the error still persists
I went there and it did say internal name, so I changed it to mail.domain.com but the error still persists
Good you changed it this is one step closer to solving your problem.
what do you mean the error persists, when you connect a computer what are the settings by outlook now ? it should be the mail.domain.com and not internalname.domain.com
what do you mean the error persists, when you connect a computer what are the settings by outlook now ? it should be the mail.domain.com and not internalname.domain.com
ASKER
OK, thanks for the help, I'm actually in Dubai, so Friday / Saturday am not in the office as it's our weekend.
I'll pick this up again on Sunday morning and try and work through to a solution.
Thanks again
I'll pick this up again on Sunday morning and try and work through to a solution.
Thanks again
ASKER
I've accepted both answers as I'm not sure which change actually fixed the issue, either way everything is now functioning as it should.
As a helper, you can use the tools provided by https://www.testexchangeconnectivity.com/