Solved

Exchange 2007 external Autodiscover issues

Posted on 2013-11-01
11
237 Views
Last Modified: 2013-11-04
I'm having an issue where externally we are getting weird results with our autodiscover.

When we try to create a new Outlook account externally, it gives a certificate error and points to some wrong URL/cert that it wants to pull down. I'm assuming this is because its trying to go to http://mydomain.com/AutoDiscover but our @ is pointing to our website host.

So I created an autodiscover.mydomain.com and I also created a SRV record which points at autodiscover.mydomain.com which points to the same IP as our mail.mydomain.com

When I do the tests at testexchangeconnectivity.com - it passes but it does fail the first step at http://mydomain.com/autodiscover - which is giving the same exact result that we're seeing on outlook clients.

what am i missing....
0
Comment
Question by:Metaltree
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
11 Comments
 

Expert Comment

by:lpadmin1
ID: 39616980
I would post the results of your autodiscover tests.  This sounds like a DNS issue.  Did you try an MX record and is your firewall configured properly?  Do previous users also have this issue with OWA or only new mailboxes?
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617003
Yes, obviously this is a DNS issue, thats what Autodiscover utilizes.
What does a MX record have to do with it?
There is already a NAT policy for 443 in place to the Exchange server, so yes the firewall is configured properly.
This is not an OWA issue.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39617021
Autodiscover tries to use https://example.com/Autodiscover/Autodiscover.xml first.
If that works then you get an SSL error. You need to speak to your web host and get them to turn it off for your domain so that Outlook goes on to the next variant.

Simon.
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 5

Author Comment

by:Metaltree
ID: 39617033
Thanks Simon, I thought that might be the issue.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617077
Simon,

Apparently our webhost is claiming that there is no /AutoDiscover/ under our root domain, so I explained that we're getting the Cert from another company which I'm guessing is hosted on that same server, which he confirmed it is. He said hes going to look as to how to disable it completely so that the /AutoDiscover/ offers no response.

Seem right to you?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39617088
That is usually what happens.
A server can host multiple sites on HTTP, but only one site on HTTPS. It is the one site that will be causing the problems.

Therefore it isn't that you have /Autodiscover under your domain, but /Autodiscover is on the SSL site.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617550
My web hosting guy's mind appears to be blown and he is literally clueless on how to fix this issue. Simon, or anyone who might know a thing or two about IIS/web servers can you shed some light on what I can tell him needs to get done?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39618652
If there is a control panel on the server then it needs to be removed using that. It is control panels that cause the problem.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39618794
What?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39619017
I thought it was pretty clear.

Most web hosts use control panels for managing their sites. That is the cause of this problem - one of the control panel vendors has started to use the Autodiscover protocol for their own needs and most web hosts just use the default settings for everything, when in actual fact, most web hosts aren't setup correctly to use Autodiscover and it just gets in the way of Exchange servers.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39619329
So you're saying like a 3rd party control panel for web services?
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question