Autodiscover service making life with Outlook 2007/2010 hell

Barthax used Ask the Experts™

We have a customer that has migrated their SBS 2003 Exchange install to Exchange 2010 on a new Windows 2008 R2 server.  All Outlook 2003 clients and iPhone/iPad clients are working fine with the migration.

Outlook 2007 and Outlook 2010 clients, however, continuously nag the user for credentials to log into  These clients perform all the normal activities - sending, receiving, etc.  When not using cached mode, a manual Send/Receive will collect the new e-mail and then pause at about 98% of the receive connection.  After about a minute the client will then ask the user for credentials to log into - something the customer has never been a part of nor do they have an account.

After some research, I can confirm that the Exchange 2010 installation:

- Has "Get-ClientAccessServer | fl AutoDiscoverServiceInternalUri" set to their internal server's "https://<server>/Autodiscover/Autodiscover.xml" URL.
- Has "Get-AutoDiscoverVirtualDirectory | fl InternalUrl, ExternalUrl" both set to their internal server's "https://<server>/Autodiscover/Autodiscover.xml" URL (they have no external Outlook clients).

I have discovered Microsoft Knowledge Base Article 2480582 and have altered the registry on these workstations to include the internal server's address (removing the entry there).  This made no changes.

This is a small company with one Exchange server, no requirement for external Outlook clients and no affiliation/requirement for  How can the installation be configured to prevent this CONSTANT nagging for credentials?
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
It sounds like this company's DNS A record might be pointing to the wrong IP address maybe?

Check what Outlook is actually getting for autodiscover by doing ctrl+right click on the Outlook tray icon, and checking "Connection status" (to see what Outlook is trying to connect to) and "Test e-mail autoconfiguration" (to see what Outlook is getting from autodiscover, as opposed to how autodiscover is configured on the server).

When you do test autoconfig, uncheck the "GuessSmart" options, then maybe do it again with just those checked, to see if there's a difference.
There is no (equivalent) domain for the customer.  Why would there be when everything required of the server is internal.  Note: the AD domain is atypical SBS 2003: "<company>.local" whereas the live DNS domain is very different.  Just to clarify: you don't mean "autodiscover.<company>.local", do you?

Thanks for the pointers on Outlook, will check them.
Well, what I mean is that Outlook 2007 and 2010 use autodiscover, where Outlook 2003 does not, so if OL07/10 is trying to connect (at least in part) to some foreign FQDN for something that you don't have any idea about, it's probably coming from autodiscover.

Since you don't know anything about that FQDN, you didn't put it anywhere in the new system's autodiscover settings - so it stands to reason that the clients are getting something from autodiscover from a server that isn't the one you expect it to be. Outlook goes through a series of default URLs to look for autodiscover information for an email domain, and this article has an explanation of how that works (even though it's for OL2011 for Mac, it's still relevant):

And the last link in the above article goes to some internal CAS troubleshooting script usage information:
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Thanks for the links - I will go through them shortly.

The Outlook options you mention do not exist.  CTRL+right click does not give a different menu from the normal right-click menu (a series of which messages to display to the user and whether to open outlook).

No, no, not the taskbar icon to launch the program - when Outlook is running, there's an Outlook tray icon next to the clock. Might be autohidden, but there should be a little arrow on the edge of the tray to expand the hidden icons. This is all where the network and audio icons show up.
Hehe, yeah, that's the icon I was referring to: next to the clock, click the up arrow to see the hidden icons, then right-click or CTRL+right-click: there's no difference.

However, that all said, there really is an autodiscover.<DNS-domain> which no-one seems to have been aware of.  I can only guess at some stage, someone had agreed to a demo of the service and it had been created.

Much obliged. :)
Spot-on: the autodiscover sub-domain existed and was pointing to the incorrect location.  The link to the Tim Harrington article ( included a subsequent link to a which aided the discovery of the autodiscover sub-domain.

Darn, I almost recommended testexchangeconnectivity, too, but I didn't put together that it would be internet-facing for some reason. That you have ActiveSync devices should have told me that.

Glad you got it sorted out.
Whatever you do, don't second-guess gut-instinct.  Your first sentence in your first answer was the reason & I just didn't believe it - thinking I'd ruled it out through other means, I didn't check thoroughly.  Everything else just guided me back to your first sentence.  Thanks again. :)

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial