Solved

Autodiscover

Posted on 2014-03-03
10
270 Views
Last Modified: 2014-03-17
Hi All

I have recently installed a new RapidSSL certificate onto a client's Windows Server (2008)

Now, everytime they open outlook they get the attached error message about autodiscover.

Is this something I have done wrong.

thanks
Ryan
auto.jpg
0
Comment
Question by:ryank85
  • 6
  • 4
10 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39900781
What names did you include in the SSL certificate?

Did you include autodiscover.domain.com in the SSL certificate?
0
 

Author Comment

by:ryank85
ID: 39900868
Hi Alan

I don't usually enter autodiscover.domain.com, just remote.domain.com, the SSL Certificates I purchase normally are these - https://www.servertastic.com/rapidssl/


Do I need this SSL - https://www.servertastic.com/quickssl-premium-multi-domain/
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39900918
You can make Exchange happy with just a single name, but you need to point the Exchange URL's to the right name.

Personally I usually buy a multi-name SSL certificate, but if you want to get things working as they are, have a read of this article by Simon:

http://exchange.sembee.info/2007/install/singlenamessl.asp

If that's too complicated, then a multi-name SSL certificate will be less hassle.

What is your internal domain name?  Is it a .local domain or the same as your external domain name?

Alan
0
 

Author Comment

by:ryank85
ID: 39902671
thanks Alan

The internal domain is different - https://server.domain.local

External it's https://remote.domain.com

Do I need to create a local DNS Entry on the local Exchange Server, i.e new forward lookup zone and point autodiscover.domain.com to the local server IP Address?

And then on the hosting provider create an A Record and point that to the static ip address of the exchange server (internet static address)?

Ryan
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 39902689
No - but you will need to point the internal URL's to your external URL to match the certificate name by running the following Exchange Management Shell commands (just in case):

Set-AutodiscoverVirtualDirectory -Identity * -internalurl “https://mail.yourdomain.com/autodiscover/autodiscover.xml”
Set-ClientAccessServer -Identity * -AutodiscoverServiceInternalUri “https://mail.yourdomain.com/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/EWS/Exchange.asmx
Set-oabvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/oab”
Set-owavirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/owa”
Set-ecpvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://mail.yourdomain.com/Microsoft-Server-ActiveSync"
0
The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

 

Author Comment

by:ryank85
ID: 39902708
thanks Alan

I have done this and all the URLs now show as https://remote.domain.com/......

However when I try and enter the out of office on a remote user I get the following error:--

Your out of office settings cannot be displayed - because the server is currently unavailable

Any ideas Alan?

thanks again for your help
Ryan
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39903255
Have you setup an Autodiscover record in your Public DNS records?  If not, then you need to.  Setup a CNAME record and point it to your remote.domain.com record.

Then try OOF again.
0
 

Author Comment

by:ryank85
ID: 39905759
Hi Alan

Ok the out of office now works :-)

I created the CNAME on the hosting company and a DNS entry on the local DNS server and it worked ok.

So the only issue now is the Autodiscover popup on outlook, it still shows that, I guess the only way around this now is to purchase an SSL Cert that supports sub domains or use the SRV?

Ryan
0
 

Author Comment

by:ryank85
ID: 39910391
Ok managed to sort this. I purchased a wildcard SSL from my host that supports autodiscover and remote.domain.com and everything works.

However now two of the remote windows XP machines popup with the password box and it doesn't connect as I have been told XP doesn't support wildcard SSLs. I have told the client they need to update their OS anyway due to MS not supporting after April.

You can get outlook to work though. Instead of using mmtd:remote.domain.com you can use mmtd:*.domain.com

However when you close outlook again it reverts the settings back to mmtd:remote.domain.com

Does anyone have a solution to this apart from OS upgrade.

Ryan
0
 

Author Comment

by:ryank85
ID: 39911859
Anyone had any experience using this command for a fix

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.domainname.com.com

When I run "Get-OutlookProvider -Identity EXPR" the SERVER and CertPrincipalName are blank? I ran this command on a few of my server and they are all the same?

http://technet.microsoft.com/en-us/library/cc535023(EXCHG.80).aspx

Ryan
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Outlook Free & Paid Tools
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now