Lync 2010 autodicover and EWS problem

Posted on 2012-09-05
Last Modified: 2015-06-23
¿my primary domain is, which is used for both SMTP and SIP address.
everything in Lync has been working ok, including MAPI and EWS connection to Exchange.
Long story short, we have  few users need to use different SMTP address as primary (

Since it's only a few users, I don't like do too much changes in system such as introducing new domain, etc.
These users have primary SMTP address of, secondary SMTP, and SIP address

All good, except I cannot get the EWS to work, getting error 'EWS Not Deployed' on Configufation info.
Have tried quite a few things including DisableEmailComparison check on client side (via registry key) and also server side (using Set-CsClientPolicy).
Since everything is already working for other "normal" users who has matching SMTP and SIP address, I don't think solution like "Set-organizationConfig -EwsEnabled $true - EwsApplicationAccessPolicy EnforceBlockList" will help.

I also created a host file to point to the Exchange server, and can open and, which gives certificate error prompt because we don't have cert installed on the exchange virtual directory for
Saying that, I guess configuring autodiscovery SRV record (as suggested on many other threads) won't help.

From the client log .ETL file, I can see this:

<O_TRC><ADR>0x00109168</ADR>HttpSendRequest failed., Path=/autodiscover/autodiscover.xml</O_TRC>
<O_TRC><ADR>0x00000000</ADR>GetServerCert failed with 0x80072f06</O_TRC>
<O_TRC><ADR>0x0328F800</ADR>Server is not trusted, hr=0x80072f06.</O_TRC>

Looks like the certificate is what causing the issue?
I can think of 2 possible solutins:
a. forcing Exchange autodiscover and EWS to support http
b. create new virtual directory on Exchange for domain2, and have cert installed.

However, I tried not to change anything on the Exchange side. Since this is only 3-4 users we are talking about, I don't mind if I have to manually configure something on the client side.
Can you think of any other solution or work around? Or please let me know if my analysis above is incorrect and I may have missed something.
Question by:william_p
    LVL 63

    Accepted Solution

    If you are getting an SSL prompt, that will stop everything else from working as it cannot cope.
    The easist solution would be to add autodiscover for the second domain to the SSL certificate.

    If this is just for internal traffic, then you should be able to modify the DNS and lync configuration to use the name on the SSL certificate.

    LVL 56

    Expert Comment

    by:Cliff Galiher
    Multiple exchange domains means a UCC/SAN certificate. It is one of the few times this is required no generally I feel people recommend them more than necessary, but this is a rare exception. Replace your certificate and your problem will clear right up.

    Author Comment

    yes agree. replacing the cert, problem solved. should be as simple as that, but unfortunately what i was looking for is a way to do it differently.

    what i am currently doing is:
    1. on client, using host file, point to a reverse proxy server
    2. on reverse proxy, install cert for issued by our internal CA and publish a rule for, and forwarding to the CAS server. CAS server trusts the internal CA.

    and now i can see Lync shows EWS status ok, and found the EWS URL!
    I'll do some more test.
    LVL 34

    Expert Comment

    by:Seth Simmons
    This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

    Featured Post

    Courses: Start Training Online With Pros, Today

    Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

    Join & Write a Comment

    Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
    This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
    In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now