Link to home
Start Free TrialLog in
Avatar of Metaltree
MetaltreeFlag for United States of America

asked on

Exchange 2007 external Autodiscover, wrong server when prompted

I have an Exchange 2007 server.  

When users go to create a new mail profile and they put in their email address and password, everything works fine.

However, it then prompts the user for the mail server address and username. A box pops up with the internal server name and the username field has SMTP=user@domain.com in it.

Where are these settings received from?  I need to make it so the users do not get prompted for server/username information.
Avatar of Nick Rhode
Nick Rhode
Flag of United States of America image

Did you create and internal & External DNS record for autodiscover.domain.com pointing to your exchange server?

http://smarthost.blogspot.com/2008/12/configuring-autodiscover-for-exchange.html
Avatar of Metaltree

ASKER

Yes
I think what you have to do then is look at IIS.  Check the Active Sync Virtual directory authentication.  Set the default domain under Basic Authentication Settings.
It is the server autodiscover is trying to contact the internal server name but the external server name autodiscover should contact is different. I need to know where it is pulling the name from , which is wrong, and how to change it
Avatar of Simon Butler (Sembee)
Internally the clients will use the host name that you can see here:

get-clientaccessserver | select identity, autodiscoverinternalURI

The host name should resolve to Exchange, be on the SSL certificate and the certificate should be trusted.

Externally, clients go through a number of methods until one works. The main one that is used is Autodiscover.example.com.

Now the problem that we are seeing more often is that some web hosts are supporting Autodiscover in their default configuration and are getting in the way. This is because the first URL that Outlook tries is https://example.com/Autodiscover/Autodiscover.xml which usually resolves to the public web site and that is where the web host has their Autodiscover service. If that is the case then you need to get the web host to disable it - although most of them don't seem to know it even exists.

Simon.
Sembee, you actually helped me with the original issue that the web host was allowing another websites cert to be inherited.

That is fixed, we have our cert working now. Autodiscover works, The problem I get is that after i get the 2 green check boxes and its about to load the profile, it prompts me for a server name. this server name happens to be the internal name on our domain, but I know at one time was an external DNS record as well.
Clients always will get the internal server name in their profile, but you shouldn't see a prompt.

The external name is used for Outlook Anywhere configuration.

Do an Autodiscover test through a client that is currently working:

http://semb.ee/adt

See what Exchange is sending back.

Simon.
My test looks good...
I'm thinking about it and our internal domain is the same as our external domain. Do I need to create an external A record with the name of the exchange server? in other words, we already have mail.domain.com should i create actualservername.domain.com A record?
If your internal and external domain names are the same, then you just need to add in the external host names to the internal DNS and point them at the Exchange server.
You don't need the server's real name in your external DNS at all.

Simon.
Ok, I already have my internal DNS setup correctly so then I still don't understand why it is prompting for the internal DNS name after autodiscover appears to work, I get the 2 green check boxes and then it wants to know the server name before it completes. Why is it not just pulling down that information on its own?

My thought process was that if I created an external DNS record with the internal name and pointed it at the same IP, this pop up would go away. Sounds more like a band aid than an actual solution.
What you have done is the correct way to do things, not a Band-Aid of any description, due to the way that SSL certificates are now handled.

Most issues with Autodiscover are either SSL or DNS related.
Does https://example.com/ work (ie you have an SSL site on one of your domain controllers).

Simon.
Just so we're on the same page...

External server name for mail = mail.domain.com
Internal server name for mail = intmail.domain.com

I have an autodiscover record created: autodiscover.domain.com
I have an external DNS A record for: mail.domain.com

I do NOT have an external DNS A record for: intmail.domain.com

I was going to then create an external DNS A record for : intmail.domain.com to avoid getting the prompt, and this is correct?
Hoping Sembee responds to previous post here to confirm.
ASKER CERTIFIED SOLUTION
Avatar of Simon Butler (Sembee)
Simon Butler (Sembee)
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial