Exchange 2010 Autodiscovery Issue

So I see that you need both

https://<smtp-address-domain>/autodiscover/autodiscover.xml
https://autodiscover.<smtp-address-domain>/autodiscover/autodiscover.xml

to resolve for EWS external access. The latter resolves fine as I created the DNS record with no issue and tested successfully.  The problem is the host record @<smtp_address_domain> points to our corporate website.  Is there a way I can resolve this?

Thanks!
ecosysAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Adam FarageSr. Enterprise ArchitectCommented:
So ...

That isnt really a huge problem. The way autodiscover works is that it will try the domain.com/autodiscover/... first and then fail back to autodiscover.domain.com/autodiscover...

You can leave it the way it is, and as long as the A record is pointing to the correct external address / SSL is valid it should work without an issue.
0
btassureCommented:
You could put a redirect on that URL on your corporate website?

But if you don't have an entry for https://<smtp-address-domain> it will then fall back to trying https://autodiscover.<smtp-address-domain>

More info here:

http://acbrownit.wordpress.com/2012/12/20/internal-dns-and-exchange-autodiscover/
0
ecosysAuthor Commented:
So I tested from Outlook client outside domain. I configure new profile and enter email address and password. A separate box appears and prompts for authentication with my email address already filled. My password does not work in this box for some reason. I assume it's looking at the https://<smtp_address_domain> which points to our web site and is failing to authenticate. So I cancel the authentication box and it finishes the profile successfully.  Then I try to log in but it drags me through profile creation again.  I get to authentication, again, and cancel and then it finally opens my mailbox.   This isn't ideal.
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

btassureCommented:
What happens when you enter the URL for
https://<smtp-address-domain>/autodiscover/autodiscover.xml
in a browser?

Does it prompt for credentials or give a 404? The former would validate your suspicion, and be harder to fix, the latter would suggest it is behaving as expected at that point and that your credentials issue is with the CAS?
0
ecosysAuthor Commented:
This URL: https://<smtp-address-domain>/autodiscover/autodiscover.xml takes me an invalid cert page of our company website.


As I said the A record @domain.net points to our company website. I've set up autodiscover@domain.net and that works fine but from a client perspective there are issues as I noted earlier.
0
Simon Butler (Sembee)ConsultantCommented:
This is becoming a pretty common problem and is due to your web host.
One of the major control panel vendors has an Autodiscover module for configuring email services hosted by the web hosting company. From what I can tell, this can be disabled, but most web hosts either don't know how or presume that all of their clients are using their email services.

This sits on https://example.com/Autodiscover/Autodiscover.xml

If you browse to that address and don't get a 404 then that is the problem and you need to get your web host to disable the Autodiscover feature for your domain. I don't think it can be done in the control panel yourself.

Simon.
0
ecosysAuthor Commented:
Well, what I can do is delete the @ record that points to my web server, but won't external users be unable to resolve my web server? So you are saying the web server has a feature that needs to be disabled?
0
btassureCommented:
They would only be unable to resolve domainname.tld which, depending on your website design and SEO might not be too bad as generally you would use www.domainname.tld but it would certainly not be my first choice. I would definitely follow what Sembee said, and I would talk to the hosting provider.

If you have enough control over those parts of your site, you could also put a redirect page on (or possibly even see the files yourself on the website and delete them!) the URL mentioned.
0
ecosysAuthor Commented:
We host our own mail server so I'm still not sure I understand how our web server could control autodiscover settings. Our provider only provides DNS and SSL.  Can you explain?
0
Simon Butler (Sembee)ConsultantCommented:
I am talking about your WEB server.
From an external host, check where the root of the domain resolves to - so example.com, not www.example.com.

Simon.
0
ecosysAuthor Commented:
It resolves to our web server.
0
Simon Butler (Sembee)ConsultantCommented:
That is where the problem is, or requires investigation.
What happens when you try the URL I posted above?

Simon.
0
ecosysAuthor Commented:
The https://example.com/Autodiscover/Autodiscover.xml URL takes me to our company website "Page Not Found."

Both www.example.com and example.com resolve to same - our company website.
0
btassureCommented:
What is your web hosting platform? Is it easy to put redirects in place with it? It looks like that might be the way to go if you don't want to change the DNS resolution of example.com (but still leave www.example.com pointing at your webhost).
0
ecosysAuthor Commented:
The web server is a CentOS Linux 6.2 box running Apache hosted by GoDaddy.  I can make the request to have something changed to the 3rd party that manages it.
0
ecosysAuthor Commented:
Resolved by adding a wildcard certificate on our mail server.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ecosysAuthor Commented:
Problem resolved with wildcard cert.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.