?
Solved

Exchange 2007 external Autodiscover issues

Posted on 2013-11-01
11
Medium Priority
?
240 Views
Last Modified: 2013-11-04
I'm having an issue where externally we are getting weird results with our autodiscover.

When we try to create a new Outlook account externally, it gives a certificate error and points to some wrong URL/cert that it wants to pull down. I'm assuming this is because its trying to go to http://mydomain.com/AutoDiscover but our @ is pointing to our website host.

So I created an autodiscover.mydomain.com and I also created a SRV record which points at autodiscover.mydomain.com which points to the same IP as our mail.mydomain.com

When I do the tests at testexchangeconnectivity.com - it passes but it does fail the first step at http://mydomain.com/autodiscover - which is giving the same exact result that we're seeing on outlook clients.

what am i missing....
0
Comment
Question by:Metaltree
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
11 Comments
 

Expert Comment

by:lpadmin1
ID: 39616980
I would post the results of your autodiscover tests.  This sounds like a DNS issue.  Did you try an MX record and is your firewall configured properly?  Do previous users also have this issue with OWA or only new mailboxes?
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617003
Yes, obviously this is a DNS issue, thats what Autodiscover utilizes.
What does a MX record have to do with it?
There is already a NAT policy for 443 in place to the Exchange server, so yes the firewall is configured properly.
This is not an OWA issue.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39617021
Autodiscover tries to use https://example.com/Autodiscover/Autodiscover.xml first.
If that works then you get an SSL error. You need to speak to your web host and get them to turn it off for your domain so that Outlook goes on to the next variant.

Simon.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 5

Author Comment

by:Metaltree
ID: 39617033
Thanks Simon, I thought that might be the issue.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617077
Simon,

Apparently our webhost is claiming that there is no /AutoDiscover/ under our root domain, so I explained that we're getting the Cert from another company which I'm guessing is hosted on that same server, which he confirmed it is. He said hes going to look as to how to disable it completely so that the /AutoDiscover/ offers no response.

Seem right to you?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39617088
That is usually what happens.
A server can host multiple sites on HTTP, but only one site on HTTPS. It is the one site that will be causing the problems.

Therefore it isn't that you have /Autodiscover under your domain, but /Autodiscover is on the SSL site.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617550
My web hosting guy's mind appears to be blown and he is literally clueless on how to fix this issue. Simon, or anyone who might know a thing or two about IIS/web servers can you shed some light on what I can tell him needs to get done?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39618652
If there is a control panel on the server then it needs to be removed using that. It is control panels that cause the problem.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39618794
What?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39619017
I thought it was pretty clear.

Most web hosts use control panels for managing their sites. That is the cause of this problem - one of the control panel vendors has started to use the Autodiscover protocol for their own needs and most web hosts just use the default settings for everything, when in actual fact, most web hosts aren't setup correctly to use Autodiscover and it just gets in the way of Exchange servers.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39619329
So you're saying like a 3rd party control panel for web services?
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
This video discusses moving either the default database or any database to a new volume.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question