Exch 2k10 AutoDiscover - HTTP 500 response returned from Unknown
Experts,
I've been following a million and a half different posts here on EE, but am having some serious issues still with my Exch2k10 Autodiscover settings. Internal non-windows clients (i.e. MAC, iPAD w/mail, etc) are unable to configure their mail settings correctly, as well as anything external (Android, etc.)
Here's a breakdown, I'll try to keep it as specific and short as possible.
Here is the error we receive when we run the
"Microsoft Remote Connectivity Analyzer" at https://www.testexchangeconnectivity.com/
All other tests prior to this pass without issue (Certificate / DNS / etc). I've deleted and recreated the autodiscover virtual directory via the Exchange Shell, but the problem hasn't been able to be rectified.
Going to "http://mail.domain.com/autodiscover/autodiscover.xml", it prompts for credentials and then gives me an "Invalid Request, Error 600" - which tells me that the service itself is working.
I've done quite a bit of troubleshooting on this, based on other EE posts - but I'm open to trying anything to get this working, so if anybody has any information on how I can - I'd be more than willing to try their suggestions out.
Google has a plathora of people with the same error code, each with a different solution that worked for them. Unfortunately, I haven't been so lucky. :(
I've been following a million and a half different posts here on EE, but am having some serious issues still with my Exch2k10 Autodiscover settings. Internal non-windows clients (i.e. MAC, iPAD w/mail, etc) are unable to configure their mail settings correctly, as well as anything external (Android, etc.)
Here's a breakdown, I'll try to keep it as specific and short as possible.
Here is the error we receive when we run the
"Microsoft Remote Connectivity Analyzer" at https://www.testexchangeconnectivity.com/
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
Test Steps
ExRCA is attempting to retrieve an XML Autodiscover response from URL https://DOMAIN.COM/AutoDiscover/AutoDiscover.xml for user TEST@DOMAIN.COM.
ExRCA failed to obtain an Autodiscover XML response.
Additional Details
An HTTP 500 response was returned from Unknown. All other tests prior to this pass without issue (Certificate / DNS / etc). I've deleted and recreated the autodiscover virtual directory via the Exchange Shell, but the problem hasn't been able to be rectified.
Going to "http://mail.domain.com/autodiscover/autodiscover.xml", it prompts for credentials and then gives me an "Invalid Request, Error 600" - which tells me that the service itself is working.
I've done quite a bit of troubleshooting on this, based on other EE posts - but I'm open to trying anything to get this working, so if anybody has any information on how I can - I'd be more than willing to try their suggestions out.
Google has a plathora of people with the same error code, each with a different solution that worked for them. Unfortunately, I haven't been so lucky. :(
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
~~Oh~~ and yes, same error for both.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So sorry for the late response. Thank you for assisting.
I work in a school environment, and with the amount of crazyness that comes at the start of each cycle, it's hard to stay focused on a single issue.
Let me see if I can't answer your questions here:
Again, so sorry for the delayed response. I can't thank you enough for chiming in here to assist.
I work in a school environment, and with the amount of crazyness that comes at the start of each cycle, it's hard to stay focused on a single issue.
Let me see if I can't answer your questions here:
I believe so. I have "autodiscover", and "mail", as CNAMES to the root domain (We only have one public IP). I've also added an SRV record pointing to the same address.
1. Your Internal and External URLs for AutodiscoverURI/EWS/OAB are setup properly.
No sir. Unfortunately, I've never been able to get it working according to the Exchange connectivity analyzer. Internal clients (non-windows) clients did in fact work though when the unit was using self-signed certificates. Moving forward with an official cert, it seems to have a breakdown at some point.
2. I guess it was working fine internally and externally
Give me a minute to piece together one of these tests for output. I don't have an answer right this second for this.
1. When we do Test-EmailAutoconfiguration on outlook 2007 or later, whats the result?
No changes. I did recently purchase an official SSL cert, but the Exchange connectivity analyzer has always reported that autodiscover did not work.
2. What is the recent change in the network & on the server?
No. We have a direct connection between the internal server --> Router/NAT --> Internet. No proxy involved. I'm forwarding all the standard ports to the server, 25, 110, 80, 443.
3. Do you use any proxy server to connect to internet (to limit user access on WWW)?
Again, so sorry for the delayed response. I can't thank you enough for chiming in here to assist.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Test-OutlookWebServices:
Autodiscover test:
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1019
Type : Information
Message : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://ma
il.DOMAIN.com/autodiscover/autodiscover.xml.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1013
Type : Error
Message : When contacting https://mail.DOMAIN.com/autodiscover/autodiscover.xml received the error The remote
server returned an error: (500) Internal Server Error.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1023
Type : Error
Message : The Autodiscover service couldn't be contacted.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1113
Type : Error
Message : When contacting https://SERVER.DOMAIN.com:443/autodiscover/autodiscover.xml received the error The
remote server returned an error: (500) Internal Server Error.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1123
Type : Error
Message : The Autodiscover service couldn't be contacted.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1013
Type : Error
Message : When contacting https://mail.DOMAIN.com/ews/exchange.asmx received the error Client found response c
ontent type of '', but expected 'text/xml'.
The request failed with an empty response.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1025
Type : Error
Message : [EXCH] Error contacting the AS service at https://mail.DOMAIN.com/ews/exchange.asmx. Elapsed time wa
s 44 milliseconds.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1026
Type : Success
Message : [EXCH] Successfully contacted the UM service at https://mail.DOMAIN.com/ews/exchange.asmx. The elaps
ed time was 12 milliseconds.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1104
Type : Error
Message : The certificate for the URL https://SERVER.DOMAIN.com/EWS/Exchange.asmx is incorrect. For SSL to w
ork, the certificate needs to have a subject of SERVER.DOMAIN.com, instead the subject found is us
sLastName.com. Consider correcting service discovery, or installing a correct SSL certificate.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1113
Type : Error
Message : When contacting https://SERVER.DOMAIN.com/EWS/Exchange.asmx received the error Client found respon
se content type of '', but expected 'text/xml'.
The request failed with an empty response.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1125
Type : Error
Message : [Server] Error contacting the AS service at https://SERVER.DOMAIN.com/EWS/Exchange.asmx. Elapsed t
ime was 43 milliseconds.
RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id : 1126
Type : Success
Message : [Server] Successfully contacted the UM service at https://SERVER.DOMAIN.com/EWS/Exchange.asmx. The
elapsed time was 12 milliseconds.Autodiscover test:
Connectivity Test Failed
Test Details
ExRCA is attempting to test Autodiscover for test@DOMAIN.com.
Testing Autodiscover failed.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.
Test Steps
Attempting to test potential Autodiscover URL https://DOMAIN.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name DOMAIN.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 210.163.188.237
Testing TCP port 443 on host DOMAIN.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server DOMAIN.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=STATE, PostalCode=#####, C=US, Issuer: CN=USERTrust Legacy Secure Server CA, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name DOMAIN.com was found in the Certificate Subject Common name.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=STATE, PostalCode=#####, C=US.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
No Windows compatibility problems were identified.
Additional Details
The certificate chain has been validated up to a trusted root. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 6/25/2012 12:00:00 AM, NotAfter = 6/25/2013 11:59:59 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
Test Steps
ExRCA is attempting to retrieve an XML Autodiscover response from URL https://DOMAIN.com/AutoDiscover/AutoDiscover.xml for user test@DOMAIN.com.
ExRCA failed to obtain an Autodiscover XML response.
Additional Details
An HTTP 500 response was returned from Unknown.
Attempting to test potential Autodiscover URL https://autodiscover.DOMAIN.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name autodiscover.DOMAIN.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 210.163.188.237
Testing TCP port 443 on host autodiscover.DOMAIN.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.DOMAIN.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=AP, PostalCode=96379, C=US, Issuer: CN=USERTrust Legacy Secure Server CA, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name autodiscover.DOMAIN.com was found in the Certificate Subject Alternative Name entry.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=AP, PostalCode=96379, C=US.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
No Windows compatibility problems were identified.
Additional Details
The certificate chain has been validated up to a trusted root. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 6/25/2012 12:00:00 AM, NotAfter = 6/25/2013 11:59:59 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
Test Steps
ExRCA is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.DOMAIN.com/AutoDiscover/AutoDiscover.xml for user test@DOMAIN.com.
ExRCA failed to obtain an Autodiscover XML response.
Additional Details
An HTTP 500 response was returned from Unknown.
Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.
Test Steps
Attempting to resolve the host name autodiscover.DOMAIN.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 210.163.188.237
Testing TCP port 80 on host autodiscover.DOMAIN.com to ensure it's listening and open.
The port was opened successfully.
ExRCA is checking the host autodiscover.DOMAIN.com for an HTTP redirect to the Autodiscover service.
ExRCA failed to get an HTTP redirect response for Autodiscover.
Additional Details
An HTTP 401 Unauthorized response was received from the remote Unknown server. This is usually the result of an incorrect username or password. If you are attempting to log onto an Office 365 service, ensure you are using your full User Principal Name (UPN).
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.DOMAIN.com in DNS.
The Autodiscover SRV record was successfully retrieved from DNS.
Additional Details
The Service Location (SRV) record lookup returned host mail.DOMAIN.com.
Attempting to test potential Autodiscover URL https://mail.DOMAIN.com/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name mail.DOMAIN.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 210.163.188.237
Testing TCP port 443 on host mail.DOMAIN.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server mail.DOMAIN.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=AP, PostalCode=96379, C=US, Issuer: CN=USERTrust Legacy Secure Server CA, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name mail.DOMAIN.com was found in the Certificate Subject Alternative Name entry.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=AP, PostalCode=96379, C=US.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
No Windows compatibility problems were identified.
Additional Details
The certificate chain has been validated up to a trusted root. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 6/25/2012 12:00:00 AM, NotAfter = 6/25/2013 11:59:59 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
Test Steps
ExRCA is attempting to retrieve an XML Autodiscover response from URL https://mail.DOMAIN.com/Autodiscover/Autodiscover.xml for user test@DOMAIN.com.
ExRCA failed to obtain an Autodiscover XML response.
Additional Details
An HTTP 500 response was returned from Unknown.
© 2011 Microsoft | Version 1.4 | Feedback | Privacy | LegalSOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very much for the response.
I had already used those commands previously - but to be sure I'm not missing anything I ran them again. They took without error, but the same problem came back from both the tests earlier.
Same output from both of them, where it's receiving "ExRCA failed to obtain an Autodiscover XML response" from the connectivity analyzer.
I had already used those commands previously - but to be sure I'm not missing anything I ran them again. They took without error, but the same problem came back from both the tests earlier.
Same output from both of them, where it's receiving "ExRCA failed to obtain an Autodiscover XML response" from the connectivity analyzer.
ASKER
Thank you guys for jumping in and assisting. I ended up migrating the Exchange server to a fresh install.
After exporting our official SSL Cert from the original box, and importing over to the fresh instance of Exchange - everything's working great!
After exporting our official SSL Cert from the original box, and importing over to the fresh instance of Exchange - everything's working great!
ASKER
The url is same for internal as well as external. I do have "autodiscover.domain.com" and "mail.domain.com" all pointing to the same server.
My internal dns is using the private IP while the external is using public.