Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Autodiscover

Posted on 2014-03-03
10
Medium Priority
?
290 Views
Last Modified: 2014-03-17
Hi All

I have recently installed a new RapidSSL certificate onto a client's Windows Server (2008)

Now, everytime they open outlook they get the attached error message about autodiscover.

Is this something I have done wrong.

thanks
Ryan
auto.jpg
0
Comment
Question by:ryank85
  • 6
  • 4
10 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39900781
What names did you include in the SSL certificate?

Did you include autodiscover.domain.com in the SSL certificate?
0
 

Author Comment

by:ryank85
ID: 39900868
Hi Alan

I don't usually enter autodiscover.domain.com, just remote.domain.com, the SSL Certificates I purchase normally are these - https://www.servertastic.com/rapidssl/


Do I need this SSL - https://www.servertastic.com/quickssl-premium-multi-domain/
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39900918
You can make Exchange happy with just a single name, but you need to point the Exchange URL's to the right name.

Personally I usually buy a multi-name SSL certificate, but if you want to get things working as they are, have a read of this article by Simon:

http://exchange.sembee.info/2007/install/singlenamessl.asp

If that's too complicated, then a multi-name SSL certificate will be less hassle.

What is your internal domain name?  Is it a .local domain or the same as your external domain name?

Alan
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:ryank85
ID: 39902671
thanks Alan

The internal domain is different - https://server.domain.local

External it's https://remote.domain.com

Do I need to create a local DNS Entry on the local Exchange Server, i.e new forward lookup zone and point autodiscover.domain.com to the local server IP Address?

And then on the hosting provider create an A Record and point that to the static ip address of the exchange server (internet static address)?

Ryan
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 39902689
No - but you will need to point the internal URL's to your external URL to match the certificate name by running the following Exchange Management Shell commands (just in case):

Set-AutodiscoverVirtualDirectory -Identity * -internalurl “https://mail.yourdomain.com/autodiscover/autodiscover.xml”
Set-ClientAccessServer -Identity * -AutodiscoverServiceInternalUri “https://mail.yourdomain.com/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/EWS/Exchange.asmx”
Set-oabvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/oab”
Set-owavirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/owa”
Set-ecpvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://mail.yourdomain.com/Microsoft-Server-ActiveSync"
0
 

Author Comment

by:ryank85
ID: 39902708
thanks Alan

I have done this and all the URLs now show as https://remote.domain.com/......

However when I try and enter the out of office on a remote user I get the following error:--

Your out of office settings cannot be displayed - because the server is currently unavailable

Any ideas Alan?

thanks again for your help
Ryan
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39903255
Have you setup an Autodiscover record in your Public DNS records?  If not, then you need to.  Setup a CNAME record and point it to your remote.domain.com record.

Then try OOF again.
0
 

Author Comment

by:ryank85
ID: 39905759
Hi Alan

Ok the out of office now works :-)

I created the CNAME on the hosting company and a DNS entry on the local DNS server and it worked ok.

So the only issue now is the Autodiscover popup on outlook, it still shows that, I guess the only way around this now is to purchase an SSL Cert that supports sub domains or use the SRV?

Ryan
0
 

Author Comment

by:ryank85
ID: 39910391
Ok managed to sort this. I purchased a wildcard SSL from my host that supports autodiscover and remote.domain.com and everything works.

However now two of the remote windows XP machines popup with the password box and it doesn't connect as I have been told XP doesn't support wildcard SSLs. I have told the client they need to update their OS anyway due to MS not supporting after April.

You can get outlook to work though. Instead of using mmtd:remote.domain.com you can use mmtd:*.domain.com

However when you close outlook again it reverts the settings back to mmtd:remote.domain.com

Does anyone have a solution to this apart from OS upgrade.

Ryan
0
 

Author Comment

by:ryank85
ID: 39911859
Anyone had any experience using this command for a fix

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.domainname.com.com

When I run "Get-OutlookProvider -Identity EXPR" the SERVER and CertPrincipalName are blank? I ran this command on a few of my server and they are all the same?

http://technet.microsoft.com/en-us/library/cc535023(EXCHG.80).aspx

Ryan
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I came across an unsolved Outlook issue and here is my solution.
In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses
Course of the Month12 days, 13 hours left to enroll

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question