Solved

Autodiscover fails for Outlook 2007 only

Posted on 2013-11-01
8
1,171 Views
Last Modified: 2013-11-12
Hello Everyone,

For some reason, auto discover is failing for outlook 2007 only. Auto-discover works fine for the users with outlook 2010 and 2013. We have combed through every possible setting that could be affecting this. The auto discover and mail DNS records are point to the correct server. We have gone through IIS, and verified correct links. We have rebuilt the EWS directory. When running the outlook Email test auto configuration, it fails every attempt to pull in auto discover settings. If you need additional information, just let us know and we will be happy to post.

Thank you,
0
Comment
Question by:IntegratedBizTech
  • 4
  • 2
  • 2
8 Comments
 
LVL 19

Expert Comment

by:Patricksr1972
Comment Utility
What exchange server are you running and what events are displayed in the clients computers events?
0
 

Author Comment

by:IntegratedBizTech
Comment Utility
It's exchange server 2010, there are no error messages in the event log, prior, during, or after running outlook. The error message returned by the test email autoconfiguration are as follow.
"attempting URL https://mail.company.com/autodiscover/autodiscover.xml found through SCP
Autodiscover to https://mail.company.com/autodiscover/autodiscover.xml starting
getlasterror=o; httpstatus=200.
Autodiscover to https://mail.company.com/autodiscover/autodiscover.xml FAILED (0x800c8202)
Autodiscover to https://mail.company.com/autodiscover/autodiscover.xml starting
getlasterror=12030; httpstatus=200.
Autodiscover to https://company.com/autodiscover/autodiscover.xml FAILED (0x800c8203)
Autodiscover to https://autodiscover.company.com/autodiscover/autodiscover.xml starting
getlasterror=12175; httpstatus=o.
getlasterror=0; httpstatus=401
getlasterror=0; httpstatus=401
getlasterror=0; httpstatus=200.
Autodiscover to https://autodiscover.company.com/autodiscover/autodiscover.xml FAILED (0x800c8202)
Redirect check to http://autodiscover.company.com/autodiscover/autodiscover.xml starting
Redirect check to http://autodiscover.company.com/autodiscover/autodiscover.xml FAILED (0x80004005)
Srv Record lookup for company.com starting
Autodiscover URL redirection to https://mail.company.com/autodiscover/autodiscover.xml
Autodiscover to https://mail.company.com/autodiscover/autodiscover.xmll starting
getlaterror=0; httpstatus=200.
autodiscover to https://mail.company.com/autodiscover/autodiscover.xml FAILED (0x800c8202)
Srv record lookup for company.com FAILED (0x800c8202)"

A few additonal notes.  We discovered that autodiscover not work for outlook 2010 as well, but you can still access the out of office assitant and offline address book. All of which you shouldn't be able to if autodiscover is not working correctly, but Offline address book and out of office will not work in outlook 2007. The autodiscover for outlook 2010 was working a week ago. The error message for outlook 2010 is the same as the one posted above.
0
 
LVL 19

Expert Comment

by:Patricksr1972
Comment Utility
Hmm what about the certificate? is it still valid for the internal URL?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
Does the host name in the error message resolve to the INTERNAL IP address of the server?
If so, is the SSL certificate still valid?

Does OWA etc work?
Another option would be to recreate the Autodiscover virtual directory, using the wizard in EMC.

Simon.
0
Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

 

Author Comment

by:IntegratedBizTech
Comment Utility
The host can resolve over the internal IP address of the server. All the mail settings pull in because the computer are joined to the domain, so it is resolving over internally. The SSL certificate is still valid. We have one Certificate for this domain.This is the Certificate we have is attached to this post. The certificate is for the mail.company.com but we have a cname record in DNS for autodiscover.company.com to point over to the mail.company.com. All versions of outlook do get an SSL certificate error. It states
"autodiscover.company.com

Information you exchange  with this site cannot be viewed or viewed or changed by others. However, there is a problem with this site's certificate.

The security certificate is from a trusted certifying Authority (Check)
The security certificate date is valid (check)
The name on the security certificate is invalid or does not match the name of the site (failed
"
When viewing the record, it brings up the same information for the cert as it does from the EMC.

We have already tried recreating the Autodiscover Virtual Directory with no success. OWA also works fine with no issue, internally or externally.
certificate.txt
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
"This is the Certificate we have is attached to this post. The certificate is for the mail.company.com but we have a cname record in DNS for autodiscover.company.com to point over to the mail.company.com"

There is your problem.
You cannot do Autodiscover like that.
The client is trying to use Autodiscover.example.com, which resolves, but isn't on the DNS record.

You need to do one of two things.
1. Remove the CNAME and replace it with an SRV record, both internally and externally.
2. Add Autodiscover.example.com to the SSL certificate. That will probably mean a different kind of certificate being purchased.

Simon.
0
 

Accepted Solution

by:
IntegratedBizTech earned 0 total points
Comment Utility
We have resolved the problem. We had to remove client access and re-install client access and rebuild the virtual directory's in IIS, After doing that, Auto-discover worked both internally and externally. Did not have to purchase a new certificate. Thank you all for your help.
0
 

Author Closing Comment

by:IntegratedBizTech
Comment Utility
We figured out the solution without any intervention.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now