Solved

Exchange 2007 external Autodiscover, wrong server when prompted

Posted on 2013-11-21
15
369 Views
Last Modified: 2013-12-30
I have an Exchange 2007 server.  

When users go to create a new mail profile and they put in their email address and password, everything works fine.

However, it then prompts the user for the mail server address and username. A box pops up with the internal server name and the username field has SMTP=user@domain.com in it.

Where are these settings received from?  I need to make it so the users do not get prompted for server/username information.
0
Comment
Question by:Metaltree
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 5
  • 2
15 Comments
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39667187
Did you create and internal & External DNS record for autodiscover.domain.com pointing to your exchange server?

http://smarthost.blogspot.com/2008/12/configuring-autodiscover-for-exchange.html
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39667203
Yes
0
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39667282
I think what you have to do then is look at IIS.  Check the Active Sync Virtual directory authentication.  Set the default domain under Basic Authentication Settings.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 5

Author Comment

by:Metaltree
ID: 39667606
It is the server autodiscover is trying to contact the internal server name but the external server name autodiscover should contact is different. I need to know where it is pulling the name from , which is wrong, and how to change it
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39668459
Internally the clients will use the host name that you can see here:

get-clientaccessserver | select identity, autodiscoverinternalURI

The host name should resolve to Exchange, be on the SSL certificate and the certificate should be trusted.

Externally, clients go through a number of methods until one works. The main one that is used is Autodiscover.example.com.

Now the problem that we are seeing more often is that some web hosts are supporting Autodiscover in their default configuration and are getting in the way. This is because the first URL that Outlook tries is https://example.com/Autodiscover/Autodiscover.xml which usually resolves to the public web site and that is where the web host has their Autodiscover service. If that is the case then you need to get the web host to disable it - although most of them don't seem to know it even exists.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39669008
Sembee, you actually helped me with the original issue that the web host was allowing another websites cert to be inherited.

That is fixed, we have our cert working now. Autodiscover works, The problem I get is that after i get the 2 green check boxes and its about to load the profile, it prompts me for a server name. this server name happens to be the internal name on our domain, but I know at one time was an external DNS record as well.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39669609
Clients always will get the internal server name in their profile, but you shouldn't see a prompt.

The external name is used for Outlook Anywhere configuration.

Do an Autodiscover test through a client that is currently working:

http://semb.ee/adt

See what Exchange is sending back.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39669987
My test looks good...
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39670105
I'm thinking about it and our internal domain is the same as our external domain. Do I need to create an external A record with the name of the exchange server? in other words, we already have mail.domain.com should i create actualservername.domain.com A record?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39674386
If your internal and external domain names are the same, then you just need to add in the external host names to the internal DNS and point them at the Exchange server.
You don't need the server's real name in your external DNS at all.

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39674723
Ok, I already have my internal DNS setup correctly so then I still don't understand why it is prompting for the internal DNS name after autodiscover appears to work, I get the 2 green check boxes and then it wants to know the server name before it completes. Why is it not just pulling down that information on its own?

My thought process was that if I created an external DNS record with the internal name and pointed it at the same IP, this pop up would go away. Sounds more like a band aid than an actual solution.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39675091
What you have done is the correct way to do things, not a Band-Aid of any description, due to the way that SSL certificates are now handled.

Most issues with Autodiscover are either SSL or DNS related.
Does https://example.com/ work (ie you have an SSL site on one of your domain controllers).

Simon.
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39675101
Just so we're on the same page...

External server name for mail = mail.domain.com
Internal server name for mail = intmail.domain.com

I have an autodiscover record created: autodiscover.domain.com
I have an external DNS A record for: mail.domain.com

I do NOT have an external DNS A record for: intmail.domain.com

I was going to then create an external DNS A record for : intmail.domain.com to avoid getting the prompt, and this is correct?
0
 
LVL 5

Author Comment

by:Metaltree
ID: 39740156
Hoping Sembee responds to previous post here to confirm.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39743693
The best option is to change to use the external host name everywhere, rather than add your internal host name to the existing SSL certificate. Then the end users just need to know one address.

http://semb.ee/hostnames

Simon.
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question