Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Exchange 2010 AutoDiscover / Outlook Anywhere issue

Posted on 2011-10-20
15
Medium Priority
?
2,283 Views
Last Modified: 2012-05-12
Having a strange problem with Outlook / Exchange 2010 here that I hope someone can help me through.

I have outlook set up on a number of company laptops, using outlook anywhere so that they work both inside and outside the corporate LAN.
on the internal LAN everything works fine, externally however Outlook refuses to connect, continually displaying a pop-up box asking for the username and password.... putting those in doesn't do anything, the message just re-appears.

After much testing, I have discovered that if I navigate within outlook to
accounts / more settings / connections tab / exchange proxy settings button

There's a section entitled connection settings - this is populated with the following
https://internal_server_name.domain.com
there's then a tick in the box saying "only connect to proxy servers that have.........

if I change the first box to https://mail.domain.com and remove the tick from the second box then everything works externally.

However, the moment the machines are plugged back into the LAN, the original settings re-populate.

This tells me it's something to do with the autodiscover file..... but I don't know exchange well enough to fiddle.

Can someone either help me sort the problem, or disable autodiscover somehow as (to my knowledge) we don;t actually need autodiscover to work.
0
Comment
Question by:dangermouse1977
  • 7
  • 4
  • 3
  • +1
15 Comments
 
LVL 14

Expert Comment

by:Radweld
ID: 36999555
You need to ensure you have a DNS entry for Autodiscover.yourdomain.com and that the public certificate installed on the client access server contains the subject of yourdomain.com and also subject alternative names of mail or webmail.yourdomain.com and autodiscover.yourdomain.com

As a helper, you can use the tools provided by https://www.testexchangeconnectivity.com/
0
 

Author Comment

by:dangermouse1977
ID: 36999624
OK, I understand the words you've written, but have absolutely no idea how to achieve any of the things you mention.

Any chance of a step by step for someone who's open exchange management console perhaps 3 times total!!
0
 
LVL 49

Assisted Solution

by:Akhater
Akhater earned 1000 total points
ID: 36999636
Open Exchamge Mangement Console -> server configuration => Client Access  

on the right hand side select your server and right click properties

go to the last tab (outlook anywehre) what is written in the external host name ? make sure it is mail.domain.com and not internalname.domain.com
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 7

Expert Comment

by:viveksahu
ID: 36999708
In adsiedit you need to remove the setting scp as per below.

CN=<CAS_server>,CN=AutoDiscover,CN=Protocols,CN=<CAS_Server>,CN=Servers,CN=Exchange Administrative Group, CN=AdministrativeGroup,CN=<Organization>,CN=Services,[Configuration Naming Context].

http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/configuring-outlook-2007-exchange-server-2007.html
0
 
LVL 14

Expert Comment

by:Radweld
ID: 37000122
Dont do this "In adsiedit you need to remove the setting scp as per below."

This will prevent your clients auto configuring when on the domain, it doesnt resolve the problem.

Go to the Website https://www.testexchangeconnectivity.com/

From there run the test Outlook Anywhere (RPC over HTTP)

 Test Exchange
this will return to you some errors, you can cut and paste the results here and an Expert can help you resolve the problem.
0
 

Author Comment

by:dangermouse1977
ID: 37001850
OK, test has been run, I've pasted the results below.... there's something strange though, the IP address that it's returned is the IP address of the domain hosting company that used to host the POP mail on the domain months ago before we converted to an Internal exchange server..... not sure why that is?

Testing RPC/HTTP connectivity.
 The RPC/HTTP test failed.
 Test Steps
 ExRCA is attempting to test Autodiscover for d.mines@adc-international.com.
 Testing Autodiscover failed.
 Test Steps
 Attempting each method of contacting the Autodiscover service.
 The Autodiscover service couldn't be contacted successfully by any method.
 Test Steps
 Attempting to test potential Autodiscover URL https://adc-international.com/AutoDiscover/AutoDiscover.xml
 Testing of this potential Autodiscover URL failed.
 Test Steps
 Attempting to resolve the host name adc-international.com in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 84.18.207.37

Testing TCP port 443 on host adc-international.com to ensure it's listening and open.
 The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
 The SSL certificate failed one or more certificate validation checks.
 Test Steps
 ExRCA is attempting to obtain the SSL certificate from remote server adc-international.com on port 443.
 ExRCA wasn't able to obtain the remote SSL certificate.
 Additional Details
 The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.





Attempting to test potential Autodiscover URL https://autodiscover.adc-international.com/AutoDiscover/AutoDiscover.xml
 Testing of this potential Autodiscover URL failed.
 Test Steps
 Attempting to resolve the host name autodiscover.adc-international.com in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 84.18.207.37

Testing TCP port 443 on host autodiscover.adc-international.com to ensure it's listening and open.
 The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
 The SSL certificate failed one or more certificate validation checks.
 Test Steps
 ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.adc-international.com on port 443.
 ExRCA wasn't able to obtain the remote SSL certificate.
 Additional Details
 The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.





Attempting to contact the Autodiscover service using the HTTP redirect method.
 The attempt to contact Autodiscover using the HTTP Redirect method failed.
 Test Steps
 Attempting to resolve the host name autodiscover.adc-international.com in DNS.
 The host name resolved successfully.
 Additional Details
 IP addresses returned: 84.18.207.37

Testing TCP port 80 on host autodiscover.adc-international.com to ensure it's listening and open.
 The port was opened successfully.
ExRCA is checking the host autodiscover.adc-international.com for an HTTP redirect to the Autodiscover service.
 ExRCA failed to get an HTTP redirect response for Autodiscover.
 Additional Details
 A Web exception occurred because an HTTP 400 - BadRequest response was received from Unknown.



Attempting to contact the Autodiscover service using the DNS SRV redirect method.
 ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
 Test Steps
 Attempting to locate SRV record _autodiscover._tcp.adc-international.com in DNS.
 The Autodiscover SRV record wasn't found in DNS.
  Tell me more about this issue and how to resolve it
0
 

Author Comment

by:dangermouse1977
ID: 37001857
I should probably mention that the ISP who own that IP address still host the web presence attached to the domain and the domain is registered through them.
Our exchange server is internal though and should be on 94.200.114.*** address
0
 
LVL 14

Expert Comment

by:Radweld
ID: 37002214
You need to contact the ISP and get them to modify the autodiscover record in public dns to alias the owa address. You can goto the ip of the firewall but like mx records it's not best practice.
0
 

Author Comment

by:dangermouse1977
ID: 37002241
OK, so what exactly do I need to ask the ISP to do,

ie: Dear ISP... please alter the autodiscover record for our domain in public DNS to alias ????????
 
are they looking for an IP address, a domain name or.....?
0
 
LVL 14

Accepted Solution

by:
Radweld earned 1000 total points
ID: 37002348
The simple answer would be the external ip of your firewall, the ideal answer would be to the Dns alias your using fo outlook web access. As long as autodiscover resolves is dns to you internal server instead of the wrong one.
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37002931
did you go where I told you ? did you check the settings I asked you to ?
0
 

Author Comment

by:dangermouse1977
ID: 37004724
@ Akhater

I went there and it did say internal name, so I changed it to mail.domain.com but the error still persists
0
 
LVL 49

Expert Comment

by:Akhater
ID: 37005317
Good you changed it this is one step closer to solving your problem.

what do you mean the error persists, when you connect a computer what are the settings by outlook now ? it should be the mail.domain.com and not internalname.domain.com
0
 

Author Comment

by:dangermouse1977
ID: 37005486
OK, thanks for the help, I'm actually in Dubai, so Friday / Saturday am not in the office as it's our weekend.
I'll pick this up again on Sunday morning and try and work through to a solution.
Thanks again
0
 

Author Closing Comment

by:dangermouse1977
ID: 37105960
I've accepted both answers as I'm not sure which change actually fixed the issue, either way everything is now functioning as it should.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Stellar Exchange Toolkit: this 5 in 1 toolkit comes loaded with mega-software tool. Here’s an introduction to tools’ usage and advantages:
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
Suggested Courses
Course of the Month21 days, 6 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question