• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5005
  • Last Modified:

Exch 2k10 AutoDiscover - HTTP 500 response returned from Unknown

Experts,

I've been following a million and a half different posts here on EE, but am having some serious issues still with my Exch2k10 Autodiscover settings.  Internal non-windows clients (i.e. MAC, iPAD w/mail, etc) are unable to configure their mail settings correctly, as well as anything external (Android, etc.)

Here's a breakdown, I'll try to keep it as specific and short as possible.

Here is the error we receive when we run the
"Microsoft Remote Connectivity Analyzer" at https://www.testexchangeconnectivity.com/


Attempting to send an Autodiscover POST request to potential Autodiscover URLs. 
  Autodiscover settings weren't obtained when the Autodiscover POST request was sent. 
   Test Steps 
   ExRCA is attempting to retrieve an XML Autodiscover response from URL https://DOMAIN.COM/AutoDiscover/AutoDiscover.xml for user TEST@DOMAIN.COM. 
  ExRCA failed to obtain an Autodiscover XML response. 
   Additional Details 
  An HTTP 500 response was returned from Unknown. 

Open in new window


All other tests prior to this pass without issue (Certificate / DNS / etc).  I've deleted and recreated the autodiscover virtual directory via the Exchange Shell, but the problem hasn't been able to be rectified.

Going to "http://mail.domain.com/autodiscover/autodiscover.xml", it prompts for credentials and then gives me an "Invalid Request, Error 600" - which tells me that the service itself is working.

I've done quite a bit of troubleshooting on this, based on other EE posts - but I'm open to trying anything to get this working, so if anybody has any information on how I can - I'd be more than willing to try their suggestions out.

Google has a plathora of people with the same error code, each with a different solution that worked for them.  Unfortunately, I haven't been so lucky.  :(
0
usslindstrom
Asked:
usslindstrom
  • 6
  • 3
  • 2
5 Solutions
 
mmichaCommented:
I just tested the url below against my Exchange 2010.  It prompts the same way with the error 600 after authenticating:

http://mail.domain.com/autodiscover/autodiscover.xml

What I'm wondering, is what things would do if you added the autodiscover a record...

autodiscover.domain.com = CAS role

I'm not sure mobile devices and such look to the other ways to get autodiscover information.  It makes sense that internal windows clients with outlook work, as they check for SRV records first I believe in AD.
0
 
mmichaCommented:
I guess the other wonder in my mind, is are you testing that URL from internally or externally?  Same error for both?
0
 
usslindstromAuthor Commented:
Thanks for chiming in here.

The url is same for internal as well as external.  I do have "autodiscover.domain.com" and "mail.domain.com" all pointing to the same server.

My internal dns is using the private IP while the external is using public.
0
Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

 
usslindstromAuthor Commented:
~~Oh~~ and yes, same error for both.
0
 
ExchangePanditCommented:
My Assumptions (please correct where I am wrong):

1. Your Internal and External URLs for AutodiscoverURI/EWS/OAB are setup properly.
2. I guess it was working fine internally and externally

Questions:

1. When we do Test-EmailAutoconfiguration on outlook 2007 or later, whats the result?
2. What is the recent change in the network & on the server?
3. Do you use any proxy server to connect to internet (to limit user access on WWW)?

Please advise on above..

Cheers
0
 
usslindstromAuthor Commented:
So sorry for the late response.  Thank you for assisting.

I work in a school environment, and with the amount of crazyness that comes at the start of each cycle, it's hard to stay focused on a single issue.

Let me see if I can't answer your questions here:


1. Your Internal and External URLs for AutodiscoverURI/EWS/OAB are setup properly.
I believe so.  I have "autodiscover", and "mail", as CNAMES to the root domain (We only have one public IP).  I've also added an SRV record pointing to the same address.


2. I guess it was working fine internally and externally
No sir.  Unfortunately, I've never been able to get it working according to the Exchange connectivity analyzer.  Internal clients (non-windows) clients did in fact work though when the unit was using self-signed certificates.  Moving forward with an official cert, it seems to have a breakdown at some point.


1. When we do Test-EmailAutoconfiguration on outlook 2007 or later, whats the result?
Give me a minute to piece together one of these tests for output.  I don't have an answer right this second for this.


2. What is the recent change in the network & on the server?
No changes.  I did recently purchase an official SSL cert, but the Exchange connectivity analyzer has always reported that autodiscover did not work.


3. Do you use any proxy server to connect to internet (to limit user access on WWW)?
No.  We have a direct connection between the internal server --> Router/NAT --> Internet.  No proxy involved.  I'm forwarding all the standard ports to the server, 25, 110, 80, 443.



Again, so sorry for the delayed response.  I can't thank you enough for chiming in here to assist.
0
 
ExchangePanditCommented:
1. Please run this command on Exchange Mgmt Shell:

Test-OutlookWebServices -ClientAccessServer "CASServer_Name"

2. Screenshot Test-EmailAutoconfiguration on outlook 2007 or later

3. Also run Outlook Autodiscover test on:

https://www.testexchangeconnectivity.com/

Regards
0
 
usslindstromAuthor Commented:
Test-OutlookWebServices:

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1019
Type       : Information
Message    : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://ma
             il.DOMAIN.com/autodiscover/autodiscover.xml.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1013
Type       : Error
Message    : When contacting https://mail.DOMAIN.com/autodiscover/autodiscover.xml received the error The remote
             server returned an error: (500) Internal Server Error.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1023
Type       : Error
Message    : The Autodiscover service couldn't be contacted.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1113
Type       : Error
Message    : When contacting https://SERVER.DOMAIN.com:443/autodiscover/autodiscover.xml received the error The
              remote server returned an error: (500) Internal Server Error.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1123
Type       : Error
Message    : The Autodiscover service couldn't be contacted.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1013
Type       : Error
Message    : When contacting https://mail.DOMAIN.com/ews/exchange.asmx received the error Client found response c
             ontent type of '', but expected 'text/xml'.
             The request failed with an empty response.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1025
Type       : Error
Message    : [EXCH] Error contacting the AS service at https://mail.DOMAIN.com/ews/exchange.asmx. Elapsed time wa
             s 44 milliseconds.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1026
Type       : Success
Message    : [EXCH] Successfully contacted the UM service at https://mail.DOMAIN.com/ews/exchange.asmx. The elaps
             ed time was 12 milliseconds.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1104
Type       : Error
Message    : The certificate for the URL https://SERVER.DOMAIN.com/EWS/Exchange.asmx is incorrect. For SSL to w
             ork, the certificate needs to have a subject of SERVER.DOMAIN.com, instead the subject found is us
             sLastName.com. Consider correcting service discovery, or installing a correct SSL certificate.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1113
Type       : Error
Message    : When contacting https://SERVER.DOMAIN.com/EWS/Exchange.asmx received the error Client found respon
             se content type of '', but expected 'text/xml'.
             The request failed with an empty response.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1125
Type       : Error
Message    : [Server] Error contacting the AS service at https://SERVER.DOMAIN.com/EWS/Exchange.asmx. Elapsed t
             ime was 43 milliseconds.

RunspaceId : fab8f6e3-bd46-437d-afd4-c22ef56a53ba
Id         : 1126
Type       : Success
Message    : [Server] Successfully contacted the UM service at https://SERVER.DOMAIN.com/EWS/Exchange.asmx. The
              elapsed time was 12 milliseconds.

Open in new window







Autodiscover test:

	Connectivity Test Failed
 
Test Details
	ExRCA is attempting to test Autodiscover for test@DOMAIN.com.
 	Testing Autodiscover failed.
 	
	Test Steps
 	
	Attempting each method of contacting the Autodiscover service.
 	The Autodiscover service couldn't be contacted successfully by any method.
 	
	Test Steps
 	
	Attempting to test potential Autodiscover URL https://DOMAIN.com/AutoDiscover/AutoDiscover.xml
 	Testing of this potential Autodiscover URL failed.
 	
	Test Steps
 	
	Attempting to resolve the host name DOMAIN.com in DNS.
 	The host name resolved successfully.
 	
	Additional Details
 	IP addresses returned: 210.163.188.237
	Testing TCP port 443 on host DOMAIN.com to ensure it's listening and open.
 	The port was opened successfully.
	Testing the SSL certificate to make sure it's valid.
 	The certificate passed all validation requirements.
 	
	Test Steps
 	
	ExRCA is attempting to obtain the SSL certificate from remote server DOMAIN.com on port 443.
 	ExRCA successfully obtained the remote SSL certificate.
 	
	Additional Details
 	Remote Certificate Subject: CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=STATE, PostalCode=#####, C=US, Issuer: CN=USERTrust Legacy Secure Server CA, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US.
	Validating the certificate name.
 	The certificate name was validated successfully.
 	
	Additional Details
 	Host name DOMAIN.com was found in the Certificate Subject Common name.
	Certificate trust is being validated.
 	The certificate is trusted and all certificates are present in the chain.
 	
	Test Steps
 	
	ExRCA is attempting to build certificate chains for certificate CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=STATE, PostalCode=#####, C=US.
 	One or more certificate chains were constructed successfully.
 	
	Additional Details
 	A total of 1 chains were built. The highest quality chain ends in root certificate CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
	Analyzing the certificate chains for compatibility problems with versions of Windows.
 	No Windows compatibility problems were identified.
 	
	Additional Details
 	The certificate chain has been validated up to a trusted root. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
	Testing the certificate date to confirm the certificate is valid.
 	Date validation passed. The certificate hasn't expired.
 	
	Additional Details
 	The certificate is valid. NotBefore = 6/25/2012 12:00:00 AM, NotAfter = 6/25/2013 11:59:59 PM
	Checking the IIS configuration for client certificate authentication.
 	Client certificate authentication wasn't detected.
 	
	Additional Details
 	Accept/Require Client Certificates isn't configured.
	Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
 	Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
 	
	Test Steps
 	
	ExRCA is attempting to retrieve an XML Autodiscover response from URL https://DOMAIN.com/AutoDiscover/AutoDiscover.xml for user test@DOMAIN.com.
 	ExRCA failed to obtain an Autodiscover XML response.
 	
	Additional Details
 	An HTTP 500 response was returned from Unknown.
	Attempting to test potential Autodiscover URL https://autodiscover.DOMAIN.com/AutoDiscover/AutoDiscover.xml
 	Testing of this potential Autodiscover URL failed.
 	
	Test Steps
 	
	Attempting to resolve the host name autodiscover.DOMAIN.com in DNS.
 	The host name resolved successfully.
 	
	Additional Details
 	IP addresses returned: 210.163.188.237
	Testing TCP port 443 on host autodiscover.DOMAIN.com to ensure it's listening and open.
 	The port was opened successfully.
	Testing the SSL certificate to make sure it's valid.
 	The certificate passed all validation requirements.
 	
	Test Steps
 	
	ExRCA is attempting to obtain the SSL certificate from remote server autodiscover.DOMAIN.com on port 443.
 	ExRCA successfully obtained the remote SSL certificate.
 	
	Additional Details
 	Remote Certificate Subject: CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=AP, PostalCode=96379, C=US, Issuer: CN=USERTrust Legacy Secure Server CA, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US.
	Validating the certificate name.
 	The certificate name was validated successfully.
 	
	Additional Details
 	Host name autodiscover.DOMAIN.com was found in the Certificate Subject Alternative Name entry.
	Certificate trust is being validated.
 	The certificate is trusted and all certificates are present in the chain.
 	
	Test Steps
 	
	ExRCA is attempting to build certificate chains for certificate CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=AP, PostalCode=96379, C=US.
 	One or more certificate chains were constructed successfully.
 	
	Additional Details
 	A total of 1 chains were built. The highest quality chain ends in root certificate CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
	Analyzing the certificate chains for compatibility problems with versions of Windows.
 	No Windows compatibility problems were identified.
 	
	Additional Details
 	The certificate chain has been validated up to a trusted root. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
	Testing the certificate date to confirm the certificate is valid.
 	Date validation passed. The certificate hasn't expired.
 	
	Additional Details
 	The certificate is valid. NotBefore = 6/25/2012 12:00:00 AM, NotAfter = 6/25/2013 11:59:59 PM
	Checking the IIS configuration for client certificate authentication.
 	Client certificate authentication wasn't detected.
 	
	Additional Details
 	Accept/Require Client Certificates isn't configured.
	Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
 	Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
 	
	Test Steps
 	
	ExRCA is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.DOMAIN.com/AutoDiscover/AutoDiscover.xml for user test@DOMAIN.com.
 	ExRCA failed to obtain an Autodiscover XML response.
 	
	Additional Details
 	An HTTP 500 response was returned from Unknown.
	Attempting to contact the Autodiscover service using the HTTP redirect method.
 	The attempt to contact Autodiscover using the HTTP Redirect method failed.
 	
	Test Steps
 	
	Attempting to resolve the host name autodiscover.DOMAIN.com in DNS.
 	The host name resolved successfully.
 	
	Additional Details
 	IP addresses returned: 210.163.188.237
	Testing TCP port 80 on host autodiscover.DOMAIN.com to ensure it's listening and open.
 	The port was opened successfully.
	ExRCA is checking the host autodiscover.DOMAIN.com for an HTTP redirect to the Autodiscover service.
 	ExRCA failed to get an HTTP redirect response for Autodiscover.
 	
	Additional Details
 	An HTTP 401 Unauthorized response was received from the remote Unknown server. This is usually the result of an incorrect username or password. If you are attempting to log onto an Office 365 service, ensure you are using your full User Principal Name (UPN).
	Attempting to contact the Autodiscover service using the DNS SRV redirect method.
 	ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
 	
	Test Steps
 	
	Attempting to locate SRV record _autodiscover._tcp.DOMAIN.com in DNS.
 	The Autodiscover SRV record was successfully retrieved from DNS.
 	
	Additional Details
 	The Service Location (SRV) record lookup returned host mail.DOMAIN.com.
	Attempting to test potential Autodiscover URL https://mail.DOMAIN.com/Autodiscover/Autodiscover.xml
 	Testing of this potential Autodiscover URL failed.
 	
	Test Steps
 	
	Attempting to resolve the host name mail.DOMAIN.com in DNS.
 	The host name resolved successfully.
 	
	Additional Details
 	IP addresses returned: 210.163.188.237
	Testing TCP port 443 on host mail.DOMAIN.com to ensure it's listening and open.
 	The port was opened successfully.
	Testing the SSL certificate to make sure it's valid.
 	The certificate passed all validation requirements.
 	
	Test Steps
 	
	ExRCA is attempting to obtain the SSL certificate from remote server mail.DOMAIN.com on port 443.
 	ExRCA successfully obtained the remote SSL certificate.
 	
	Additional Details
 	Remote Certificate Subject: CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=AP, PostalCode=96379, C=US, Issuer: CN=USERTrust Legacy Secure Server CA, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US.
	Validating the certificate name.
 	The certificate name was validated successfully.
 	
	Additional Details
 	Host name mail.DOMAIN.com was found in the Certificate Subject Alternative Name entry.
	Certificate trust is being validated.
 	The certificate is trusted and all certificates are present in the chain.
 	
	Test Steps
 	
	ExRCA is attempting to build certificate chains for certificate CN=DOMAIN.com, OU=Unified Communications, O=FirstName LastName, STREET=ADDRESS, L=CITY, S=AP, PostalCode=96379, C=US.
 	One or more certificate chains were constructed successfully.
 	
	Additional Details
 	A total of 1 chains were built. The highest quality chain ends in root certificate CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
	Analyzing the certificate chains for compatibility problems with versions of Windows.
 	No Windows compatibility problems were identified.
 	
	Additional Details
 	The certificate chain has been validated up to a trusted root. Root = CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US.
	Testing the certificate date to confirm the certificate is valid.
 	Date validation passed. The certificate hasn't expired.
 	
	Additional Details
 	The certificate is valid. NotBefore = 6/25/2012 12:00:00 AM, NotAfter = 6/25/2013 11:59:59 PM
	Checking the IIS configuration for client certificate authentication.
 	Client certificate authentication wasn't detected.
 	
	Additional Details
 	Accept/Require Client Certificates isn't configured.
	Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
 	Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
 	
	Test Steps
 	
	ExRCA is attempting to retrieve an XML Autodiscover response from URL https://mail.DOMAIN.com/Autodiscover/Autodiscover.xml for user test@DOMAIN.com.
 	ExRCA failed to obtain an Autodiscover XML response.
 	
	Additional Details
 	An HTTP 500 response was returned from Unknown.


© 2011 Microsoft | Version 1.4 | Feedback | Privacy | Legal

Open in new window

0
 
ExchangePanditCommented:
Please make sure you have followed this kb 940726 just to make sure all internal/external URLs are set and are pointing to "mail.usslindstrom.com".

e.g.

To set Internal URL command is:

Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx

External URL

To set External URL command is:

Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -ExternalUrl https://mail.contoso.com/ews/exchange.asmx

Regards
0
 
usslindstromAuthor Commented:
Thank you very much for the response.

I had already used those commands previously - but to be sure I'm not missing anything I ran them again.  They took without error, but the same problem came back from both the tests earlier.

Same output from both of them, where it's receiving "ExRCA failed to obtain an Autodiscover XML response" from the connectivity analyzer.
0
 
usslindstromAuthor Commented:
Thank you guys for jumping in and assisting.  I ended up migrating the Exchange server to a fresh install.

After exporting our official SSL Cert from the original box, and importing over to the fresh instance of Exchange - everything's working great!
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 6
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now