Solved

On-site users cannot authenticate to Exchange server after power-shell changes; OWA works fine?

Posted on 2014-02-26
2
1,135 Views
Last Modified: 2014-05-07
We have been having a ton of certificate errors, due to our internal domain being "domain.local", and only having a single Exchange server with a wildcard cert "*.domain.local". To ensure that all Outlook users would connect directly to the external address (which had the proper certificate), I changed all of the internal/external settings in these instructions (http://exchangeserverpro.com/avoiding-exchange-2013-server-names-ssl-certificates/) to https://external.domain.com/_____.

Tested it on a few machines, no problems. The next day (today), getting 50% of users internally reporting that they cannot connect - keeps popping up user/pass window... Try to authenticate (domain\user and applicable password), but only get this error: "The connection to Microsoft Exchange is unavailable.  Outlook must be online or connected to complete this action." So far, no issue configuring externally, and the "Remote Connectivity Analyzer" shows no issues in any category.

OWA works fine, and as I mentioned, about 50% of users work normally after reboot. Stumped - can anyone help?
0
Comment
Question by:ITAdvisors
2 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39889317
Does the external name resolve internally?
If you run an Autodiscover test, do the correct host names come back?

Simon.
0
 
LVL 39

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 39889556
More than likely the autodiscover settings are cached with the old name of autodiscover.domain.local, so computers are getting screwed up. Try running a repair on the Outlook profile for a user who has the issue to see if that fixes the problem. If it doesn't, remove any autodiscover.domain.local entries in DNS, Then create a SRV record in the domain.local DNS zone for the _autodiscover service that points clients to the autodiscover.domain.com address. http://acbrownit.wordpress.com/2012/12/20/internal-dns-and-exchange-autodiscover/ has info near the bottom on configuring a SRV record.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
exchange, script, email address 7 41
Exchange 2010, Implementing On-Prem Archiving 3 25
Exchange 2013 Update 4 25
Need help to understand PowerShell code 4 22
Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This is my first article on Expert Exchange on the Manual Method of Exporting Office 365 Mailboxes to PST format by using the eDiscovery mechanism of Office. Hope you will enjoy the article.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now