Solved

Exchange 2007 external Autodiscover issues

Posted on 2013-11-01
11
234 Views
Last Modified: 2013-11-04
I'm having an issue where externally we are getting weird results with our autodiscover.

When we try to create a new Outlook account externally, it gives a certificate error and points to some wrong URL/cert that it wants to pull down. I'm assuming this is because its trying to go to http://mydomain.com/AutoDiscover but our @ is pointing to our website host.

So I created an autodiscover.mydomain.com and I also created a SRV record which points at autodiscover.mydomain.com which points to the same IP as our mail.mydomain.com

When I do the tests at testexchangeconnectivity.com - it passes but it does fail the first step at http://mydomain.com/autodiscover - which is giving the same exact result that we're seeing on outlook clients.

what am i missing....
0
Comment
Question by:Metaltree
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
11 Comments
 

Expert Comment

by:lpadmin1
ID: 39616980
I would post the results of your autodiscover tests.  This sounds like a DNS issue.  Did you try an MX record and is your firewall configured properly?  Do previous users also have this issue with OWA or only new mailboxes?
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617003
Yes, obviously this is a DNS issue, thats what Autodiscover utilizes.
What does a MX record have to do with it?
There is already a NAT policy for 443 in place to the Exchange server, so yes the firewall is configured properly.
This is not an OWA issue.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39617021
Autodiscover tries to use https://example.com/Autodiscover/Autodiscover.xml first.
If that works then you get an SSL error. You need to speak to your web host and get them to turn it off for your domain so that Outlook goes on to the next variant.

Simon.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 5

Author Comment

by:Metaltree
ID: 39617033
Thanks Simon, I thought that might be the issue.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617077
Simon,

Apparently our webhost is claiming that there is no /AutoDiscover/ under our root domain, so I explained that we're getting the Cert from another company which I'm guessing is hosted on that same server, which he confirmed it is. He said hes going to look as to how to disable it completely so that the /AutoDiscover/ offers no response.

Seem right to you?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39617088
That is usually what happens.
A server can host multiple sites on HTTP, but only one site on HTTPS. It is the one site that will be causing the problems.

Therefore it isn't that you have /Autodiscover under your domain, but /Autodiscover is on the SSL site.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617550
My web hosting guy's mind appears to be blown and he is literally clueless on how to fix this issue. Simon, or anyone who might know a thing or two about IIS/web servers can you shed some light on what I can tell him needs to get done?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39618652
If there is a control panel on the server then it needs to be removed using that. It is control panels that cause the problem.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39618794
What?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39619017
I thought it was pretty clear.

Most web hosts use control panels for managing their sites. That is the cause of this problem - one of the control panel vendors has started to use the Autodiscover protocol for their own needs and most web hosts just use the default settings for everything, when in actual fact, most web hosts aren't setup correctly to use Autodiscover and it just gets in the way of Exchange servers.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39619329
So you're saying like a 3rd party control panel for web services?
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VMWare Server 2.0 virtual machine won't start 30 66
office 365 5 44
Export email data from Google to PST files 8 75
SCCM 2012 Queries 2 15
Read this checklist to learn more about the 15 things you should never include in an email signature.
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question