Solved

Exchange 2007 external Autodiscover issues

Posted on 2013-11-01
11
231 Views
Last Modified: 2013-11-04
I'm having an issue where externally we are getting weird results with our autodiscover.

When we try to create a new Outlook account externally, it gives a certificate error and points to some wrong URL/cert that it wants to pull down. I'm assuming this is because its trying to go to http://mydomain.com/AutoDiscover but our @ is pointing to our website host.

So I created an autodiscover.mydomain.com and I also created a SRV record which points at autodiscover.mydomain.com which points to the same IP as our mail.mydomain.com

When I do the tests at testexchangeconnectivity.com - it passes but it does fail the first step at http://mydomain.com/autodiscover - which is giving the same exact result that we're seeing on outlook clients.

what am i missing....
0
Comment
Question by:Metaltree
  • 6
  • 4
11 Comments
 

Expert Comment

by:lpadmin1
ID: 39616980
I would post the results of your autodiscover tests.  This sounds like a DNS issue.  Did you try an MX record and is your firewall configured properly?  Do previous users also have this issue with OWA or only new mailboxes?
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617003
Yes, obviously this is a DNS issue, thats what Autodiscover utilizes.
What does a MX record have to do with it?
There is already a NAT policy for 443 in place to the Exchange server, so yes the firewall is configured properly.
This is not an OWA issue.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39617021
Autodiscover tries to use https://example.com/Autodiscover/Autodiscover.xml first.
If that works then you get an SSL error. You need to speak to your web host and get them to turn it off for your domain so that Outlook goes on to the next variant.

Simon.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 5

Author Comment

by:Metaltree
ID: 39617033
Thanks Simon, I thought that might be the issue.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617077
Simon,

Apparently our webhost is claiming that there is no /AutoDiscover/ under our root domain, so I explained that we're getting the Cert from another company which I'm guessing is hosted on that same server, which he confirmed it is. He said hes going to look as to how to disable it completely so that the /AutoDiscover/ offers no response.

Seem right to you?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39617088
That is usually what happens.
A server can host multiple sites on HTTP, but only one site on HTTPS. It is the one site that will be causing the problems.

Therefore it isn't that you have /Autodiscover under your domain, but /Autodiscover is on the SSL site.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39617550
My web hosting guy's mind appears to be blown and he is literally clueless on how to fix this issue. Simon, or anyone who might know a thing or two about IIS/web servers can you shed some light on what I can tell him needs to get done?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39618652
If there is a control panel on the server then it needs to be removed using that. It is control panels that cause the problem.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39618794
What?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39619017
I thought it was pretty clear.

Most web hosts use control panels for managing their sites. That is the cause of this problem - one of the control panel vendors has started to use the Autodiscover protocol for their own needs and most web hosts just use the default settings for everything, when in actual fact, most web hosts aren't setup correctly to use Autodiscover and it just gets in the way of Exchange servers.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39619329
So you're saying like a 3rd party control panel for web services?
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Find out what you should include to make the best professional email signature for your organization.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question