Solved

Autodiscover

Posted on 2014-03-03
10
277 Views
Last Modified: 2014-03-17
Hi All

I have recently installed a new RapidSSL certificate onto a client's Windows Server (2008)

Now, everytime they open outlook they get the attached error message about autodiscover.

Is this something I have done wrong.

thanks
Ryan
auto.jpg
0
Comment
Question by:ryank85
  • 6
  • 4
10 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39900781
What names did you include in the SSL certificate?

Did you include autodiscover.domain.com in the SSL certificate?
0
 

Author Comment

by:ryank85
ID: 39900868
Hi Alan

I don't usually enter autodiscover.domain.com, just remote.domain.com, the SSL Certificates I purchase normally are these - https://www.servertastic.com/rapidssl/


Do I need this SSL - https://www.servertastic.com/quickssl-premium-multi-domain/
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39900918
You can make Exchange happy with just a single name, but you need to point the Exchange URL's to the right name.

Personally I usually buy a multi-name SSL certificate, but if you want to get things working as they are, have a read of this article by Simon:

http://exchange.sembee.info/2007/install/singlenamessl.asp

If that's too complicated, then a multi-name SSL certificate will be less hassle.

What is your internal domain name?  Is it a .local domain or the same as your external domain name?

Alan
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:ryank85
ID: 39902671
thanks Alan

The internal domain is different - https://server.domain.local

External it's https://remote.domain.com

Do I need to create a local DNS Entry on the local Exchange Server, i.e new forward lookup zone and point autodiscover.domain.com to the local server IP Address?

And then on the hosting provider create an A Record and point that to the static ip address of the exchange server (internet static address)?

Ryan
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 39902689
No - but you will need to point the internal URL's to your external URL to match the certificate name by running the following Exchange Management Shell commands (just in case):

Set-AutodiscoverVirtualDirectory -Identity * -internalurl “https://mail.yourdomain.com/autodiscover/autodiscover.xml”
Set-ClientAccessServer -Identity * -AutodiscoverServiceInternalUri “https://mail.yourdomain.com/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/EWS/Exchange.asmx”
Set-oabvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/oab”
Set-owavirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/owa”
Set-ecpvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://mail.yourdomain.com/Microsoft-Server-ActiveSync"
0
 

Author Comment

by:ryank85
ID: 39902708
thanks Alan

I have done this and all the URLs now show as https://remote.domain.com/......

However when I try and enter the out of office on a remote user I get the following error:--

Your out of office settings cannot be displayed - because the server is currently unavailable

Any ideas Alan?

thanks again for your help
Ryan
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39903255
Have you setup an Autodiscover record in your Public DNS records?  If not, then you need to.  Setup a CNAME record and point it to your remote.domain.com record.

Then try OOF again.
0
 

Author Comment

by:ryank85
ID: 39905759
Hi Alan

Ok the out of office now works :-)

I created the CNAME on the hosting company and a DNS entry on the local DNS server and it worked ok.

So the only issue now is the Autodiscover popup on outlook, it still shows that, I guess the only way around this now is to purchase an SSL Cert that supports sub domains or use the SRV?

Ryan
0
 

Author Comment

by:ryank85
ID: 39910391
Ok managed to sort this. I purchased a wildcard SSL from my host that supports autodiscover and remote.domain.com and everything works.

However now two of the remote windows XP machines popup with the password box and it doesn't connect as I have been told XP doesn't support wildcard SSLs. I have told the client they need to update their OS anyway due to MS not supporting after April.

You can get outlook to work though. Instead of using mmtd:remote.domain.com you can use mmtd:*.domain.com

However when you close outlook again it reverts the settings back to mmtd:remote.domain.com

Does anyone have a solution to this apart from OS upgrade.

Ryan
0
 

Author Comment

by:ryank85
ID: 39911859
Anyone had any experience using this command for a fix

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.domainname.com.com

When I run "Get-OutlookProvider -Identity EXPR" the SERVER and CertPrincipalName are blank? I ran this command on a few of my server and they are all the same?

http://technet.microsoft.com/en-us/library/cc535023(EXCHG.80).aspx

Ryan
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
outlook error send and receive 15 97
Check SMTP log file on Exchange 2010 7 37
Mail not being received 19 25
Error on OWA 2016 14 21
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
how to add IIS SMTP to handle application/Scanner relays into office 365.
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question