Autodiscover

Hi All

I have recently installed a new RapidSSL certificate onto a client's Windows Server (2008)

Now, everytime they open outlook they get the attached error message about autodiscover.

Is this something I have done wrong.

thanks
Ryan
auto.jpg
ryank85Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
What names did you include in the SSL certificate?

Did you include autodiscover.domain.com in the SSL certificate?
0
ryank85Author Commented:
Hi Alan

I don't usually enter autodiscover.domain.com, just remote.domain.com, the SSL Certificates I purchase normally are these - https://www.servertastic.com/rapidssl/


Do I need this SSL - https://www.servertastic.com/quickssl-premium-multi-domain/
0
Alan HardistyCo-OwnerCommented:
You can make Exchange happy with just a single name, but you need to point the Exchange URL's to the right name.

Personally I usually buy a multi-name SSL certificate, but if you want to get things working as they are, have a read of this article by Simon:

http://exchange.sembee.info/2007/install/singlenamessl.asp

If that's too complicated, then a multi-name SSL certificate will be less hassle.

What is your internal domain name?  Is it a .local domain or the same as your external domain name?

Alan
0
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

ryank85Author Commented:
thanks Alan

The internal domain is different - https://server.domain.local

External it's https://remote.domain.com

Do I need to create a local DNS Entry on the local Exchange Server, i.e new forward lookup zone and point autodiscover.domain.com to the local server IP Address?

And then on the hosting provider create an A Record and point that to the static ip address of the exchange server (internet static address)?

Ryan
0
Alan HardistyCo-OwnerCommented:
No - but you will need to point the internal URL's to your external URL to match the certificate name by running the following Exchange Management Shell commands (just in case):

Set-AutodiscoverVirtualDirectory -Identity * -internalurl “https://mail.yourdomain.com/autodiscover/autodiscover.xml”
Set-ClientAccessServer -Identity * -AutodiscoverServiceInternalUri “https://mail.yourdomain.com/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/EWS/Exchange.asmx”
Set-oabvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/oab”
Set-owavirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/owa”
Set-ecpvirtualdirectory -Identity * -internalurl “https://mail.yourdomain.com/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://mail.yourdomain.com/Microsoft-Server-ActiveSync"
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ryank85Author Commented:
thanks Alan

I have done this and all the URLs now show as https://remote.domain.com/......

However when I try and enter the out of office on a remote user I get the following error:--

Your out of office settings cannot be displayed - because the server is currently unavailable

Any ideas Alan?

thanks again for your help
Ryan
0
Alan HardistyCo-OwnerCommented:
Have you setup an Autodiscover record in your Public DNS records?  If not, then you need to.  Setup a CNAME record and point it to your remote.domain.com record.

Then try OOF again.
0
ryank85Author Commented:
Hi Alan

Ok the out of office now works :-)

I created the CNAME on the hosting company and a DNS entry on the local DNS server and it worked ok.

So the only issue now is the Autodiscover popup on outlook, it still shows that, I guess the only way around this now is to purchase an SSL Cert that supports sub domains or use the SRV?

Ryan
0
ryank85Author Commented:
Ok managed to sort this. I purchased a wildcard SSL from my host that supports autodiscover and remote.domain.com and everything works.

However now two of the remote windows XP machines popup with the password box and it doesn't connect as I have been told XP doesn't support wildcard SSLs. I have told the client they need to update their OS anyway due to MS not supporting after April.

You can get outlook to work though. Instead of using mmtd:remote.domain.com you can use mmtd:*.domain.com

However when you close outlook again it reverts the settings back to mmtd:remote.domain.com

Does anyone have a solution to this apart from OS upgrade.

Ryan
0
ryank85Author Commented:
Anyone had any experience using this command for a fix

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.domainname.com.com

When I run "Get-OutlookProvider -Identity EXPR" the SERVER and CertPrincipalName are blank? I ran this command on a few of my server and they are all the same?

http://technet.microsoft.com/en-us/library/cc535023(EXCHG.80).aspx

Ryan
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Outlook

From novice to tech pro — start learning today.