Solved

Exchange 2007 external Autodiscover, wrong server when prompted

Posted on 2013-11-21
15
359 Views
Last Modified: 2013-12-30
I have an Exchange 2007 server.  

When users go to create a new mail profile and they put in their email address and password, everything works fine.

However, it then prompts the user for the mail server address and username. A box pops up with the internal server name and the username field has SMTP=user@domain.com in it.

Where are these settings received from?  I need to make it so the users do not get prompted for server/username information.
0
Comment
Question by:Metaltree
  • 8
  • 5
  • 2
15 Comments
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39667187
Did you create and internal & External DNS record for autodiscover.domain.com pointing to your exchange server?

http://smarthost.blogspot.com/2008/12/configuring-autodiscover-for-exchange.html
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39667203
Yes
0
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39667282
I think what you have to do then is look at IIS.  Check the Active Sync Virtual directory authentication.  Set the default domain under Basic Authentication Settings.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39667606
It is the server autodiscover is trying to contact the internal server name but the external server name autodiscover should contact is different. I need to know where it is pulling the name from , which is wrong, and how to change it
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39668459
Internally the clients will use the host name that you can see here:

get-clientaccessserver | select identity, autodiscoverinternalURI

The host name should resolve to Exchange, be on the SSL certificate and the certificate should be trusted.

Externally, clients go through a number of methods until one works. The main one that is used is Autodiscover.example.com.

Now the problem that we are seeing more often is that some web hosts are supporting Autodiscover in their default configuration and are getting in the way. This is because the first URL that Outlook tries is https://example.com/Autodiscover/Autodiscover.xml which usually resolves to the public web site and that is where the web host has their Autodiscover service. If that is the case then you need to get the web host to disable it - although most of them don't seem to know it even exists.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39669008
Sembee, you actually helped me with the original issue that the web host was allowing another websites cert to be inherited.

That is fixed, we have our cert working now. Autodiscover works, The problem I get is that after i get the 2 green check boxes and its about to load the profile, it prompts me for a server name. this server name happens to be the internal name on our domain, but I know at one time was an external DNS record as well.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39669609
Clients always will get the internal server name in their profile, but you shouldn't see a prompt.

The external name is used for Outlook Anywhere configuration.

Do an Autodiscover test through a client that is currently working:

http://semb.ee/adt

See what Exchange is sending back.

Simon.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 5

Author Comment

by:Metaltree
ID: 39669987
My test looks good...
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39670105
I'm thinking about it and our internal domain is the same as our external domain. Do I need to create an external A record with the name of the exchange server? in other words, we already have mail.domain.com should i create actualservername.domain.com A record?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39674386
If your internal and external domain names are the same, then you just need to add in the external host names to the internal DNS and point them at the Exchange server.
You don't need the server's real name in your external DNS at all.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39674723
Ok, I already have my internal DNS setup correctly so then I still don't understand why it is prompting for the internal DNS name after autodiscover appears to work, I get the 2 green check boxes and then it wants to know the server name before it completes. Why is it not just pulling down that information on its own?

My thought process was that if I created an external DNS record with the internal name and pointed it at the same IP, this pop up would go away. Sounds more like a band aid than an actual solution.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39675091
What you have done is the correct way to do things, not a Band-Aid of any description, due to the way that SSL certificates are now handled.

Most issues with Autodiscover are either SSL or DNS related.
Does https://example.com/ work (ie you have an SSL site on one of your domain controllers).

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39675101
Just so we're on the same page...

External server name for mail = mail.domain.com
Internal server name for mail = intmail.domain.com

I have an autodiscover record created: autodiscover.domain.com
I have an external DNS A record for: mail.domain.com

I do NOT have an external DNS A record for: intmail.domain.com

I was going to then create an external DNS A record for : intmail.domain.com to avoid getting the prompt, and this is correct?
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39740156
Hoping Sembee responds to previous post here to confirm.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39743693
The best option is to change to use the external host name everywhere, rather than add your internal host name to the existing SSL certificate. Then the end users just need to know one address.

http://semb.ee/hostnames

Simon.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now