Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Autodiscover not working internal or external Exchange 2010

Posted on 2014-12-11
27
Medium Priority
?
194 Views
Last Modified: 2014-12-15
Need a hand.  Had to remove and reinstall AutoDiscover VDir on Exchange 2010.  I went back and setup all the EWS and autodiscover links via the applet.  

Now I cannot get to the autodiscover.xml file via a web browser.  I get 404, "file not found".  I also do not get a credential login prompt.  SSL and permissions seem to be correct.  External and Internal DNS are setup.  3rd party cert installed.

Fails the Outlook test and the MS Connectivity Test for autodiscover.

Thanks.......
0
Comment
Question by:yellaboyla
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 14
  • 13
27 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494110
If you fire up the Exchange Management Console and go to Server Config> Client Access then in the right-hand pane (Actons) select the Reset Virtual Directory Wizard.

Browse and choose the Autodiscover virtual directory and let the Wizard finish.

Is it working now?

Alan
0
 

Author Comment

by:yellaboyla
ID: 40494130
I have done that twice.  No difference.  I also deleted the Virtual via powershell, and same issue.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494181
Using IIS Manager, is the autodiscover Virtual Directory present under the Default website and does Autodiscover.xml appear using the Content View (not the Features View in the middle pane at the bottom)?

Alan
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 

Author Comment

by:yellaboyla
ID: 40494203
Yes...thx  So after digging, there was a redirect setup.  I removed that, and not I am getting the proper login prompt and 600 error page.

So I just ran Email test via Outlook for autodiscover.  It is prompting me for my internal credentials.  My external credentials are not authenticating the autodiscover settings.  The company is "xxx.loca"l inside, and "yyy.com" outside.  If i recall, I need to change this ADUC??
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494223
What names are included on your SSL certificate?

If you have autodiscover.publicdomain.com then run the following EMS command:

Set-AutodiscoverVirtualDirectory -Identity * -internalurl “https://mail.publicdomain.com/autodiscover/autodiscover.xml”

Alan
0
 

Author Comment

by:yellaboyla
ID: 40494261
Connectivity test still fails on autodiscover......

 
 Attempting the Autodiscover and Exchange ActiveSync test (if requested).
  Testing of Autodiscover for Exchange ActiveSync failed.
 
 Additional Details
 
Elapsed Time: 3196 ms.  

 
 
 Test Steps
 
 Attempting each method of contacting the Autodiscover service.
  The Autodiscover service couldn't be contacted successfully by any method.
 
 Additional Details
 
Elapsed Time: 3196 ms.  

 
 
 Test Steps
 
 Attempting to test potential Autodiscover URL https://company.com:443/Autodiscover/Autodiscover.xml 
  Testing of this potential Autodiscover URL failed.
 
 Additional Details
 
Elapsed Time: 1605 ms.  

 
 
 Test Steps
 
 Attempting to resolve the host name company.com in DNS.
  The host name resolved successfully.
 
 Additional Details
 
IP addresses returned: 00.000.000.00

Elapsed Time: 169 ms.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494283
Well OWA is working and autodiscover.domain.com resolves to the same IP Address as your OWA URL and the SSL certificate includes autodiscover.domain.com so it's an IIS issue me thinks.

Have you run iisreset from and Administrative command prompt on the Exchange Server?

Alan
0
 

Author Comment

by:yellaboyla
ID: 40494299
yea..........

The problem is the external and internal dns names.  The test is trying to use the external credentials, but only the internal ones will allow access.  Where do I change that?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494351
Check the Authentication settings configured in IIS Manager for the Autodiscover virtual directory.  Should be Anonymous / Basic and Windows Auth.
0
 

Author Comment

by:yellaboyla
ID: 40494402
All good
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494440
Have you re-run the https://testexchangeconnectivity.com Autodiscover test since removing the redirection using your domain credentials?

Alan
0
 

Author Comment

by:yellaboyla
ID: 40494465
The active fails active but passes autodiscovery.

The 2nd test fails as posted earlier.  it ha to be tied to this domain login mismatch.  I did find a typo in external dns srv and fixed that
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494468
Not sure I understood your last comment.

Can you post the results of the Outlook Anywhere test please.

What Firewall / Router do you have too?

Alan
0
 

Author Comment

by:yellaboyla
ID: 40494631
Ok.  So the weird thing is;

Autodiscover fails on the activesync connectivity test but passes on the Outlook tests.  

OUTLOOK TEST

The Microsoft Connectivity Analyzer is attempting to test Autodiscover for tuser@domain.com.
  Autodiscover was tested successfully.
 
 Additional Details
 
Elapsed Time: 1657 ms.  

 
 
 Test Steps
 
 Attempting each method of contacting the Autodiscover service.
  The Autodiscover service was tested successfully.
 
 Additional Details
 
Elapsed Time: 1657 ms.  

 
 
 Test Steps
 
 Attempting to test potential Autodiscover URL https://domain.com:443/Autodiscover/Autodiscover.xml 
  Testing of the Autodiscover URL was successful.
 
 Additional Details
 
Elapsed Time: 1657 ms.  

ACTIVESYNC TEST

 Attempting the Autodiscover and Exchange ActiveSync test (if requested).
  Testing of Autodiscover for Exchange ActiveSync failed.
 
 Additional Details
 
Elapsed Time: 2996 ms.  

 
 
 Test Steps
 
 Attempting each method of contacting the Autodiscover service.
  The Autodiscover service couldn't be contacted successfully by any method.
 
 Additional Details
 
Elapsed Time: 2996 ms.  

 
 
 Test Steps
 
 Attempting to test potential Autodiscover URL https://thermotemp.com:443/Autodiscover/Autodiscover.xml 
  Testing of this potential Autodiscover URL failed.
 
 Additional Details
 
Elapsed Time: 1302 ms.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494646
Are you testing using the same FQDN's / credentials?

If not - why not?

Alan
0
 

Author Comment

by:yellaboyla
ID: 40494673
yes......exactly

email: user@external.com
authorized acct: user@internal.local
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494770
Please use domain\userid not user@internal.local and test again.
0
 

Author Comment

by:yellaboyla
ID: 40494817
ok...that worked.  Passed, thx...Here is the issue.  My Android is failing trying to connect.  Even using the same naming convention.  I get, "Server error occurred.  Check your username and password, and try again."

Here is the only erro I get in Connectivity tester;

 
 The Microsoft Connectivity Analyzer is testing Exchange ActiveSync.  
  The Exchange ActiveSync test failed.
 
 Additional Details
 
Elapsed Time: 2836 ms.  

 
 
 Test Steps
 
 Attempting the Autodiscover and Exchange ActiveSync test (if requested).
  Autodiscover was successfully tested for Exchange ActiveSync.
 
 Additional Details
 
Elapsed Time: 1434 ms.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40494847
Okay - so Autodiacover is fine.

If you are having problems with Activesync - are you using an account that is also an admin account?

Alan
0
 

Author Comment

by:yellaboyla
ID: 40494895
I just used my admin account to test activesync, and no love..................
same error as before
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40495012
Admin accounts won't work properly with Activesync!

Please have a read of my article for more info:

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2861-Activesync-Working-But-Only-For-Some-Users-On-Exchange-2007-2010.html

Alan
0
 

Author Comment

by:yellaboyla
ID: 40495038
at first, I just used a regular account.  Thought you needed me to check with a admin account.  Both accounts, same issue.  I am deleting and recreating the activesync virtual folder right now.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40495062
Probably not necessary but if you do - use the wizard.

Alan
0
 

Author Comment

by:yellaboyla
ID: 40495092
ok...So I deleted it via powershell.  It's gone from Exchange, but is still listed in IIS.  What do you recommend?
0
 

Author Comment

by:yellaboyla
ID: 40495595
Had to do the following to get the virtual back in place.

To remove it from AD and IIS: (Run from Exchange of course)

$Site = [ADSI]"IIS://localhost/W3SVC/1/Root"
 $site.Delete("IIsWebVirtualDir","Microsoft-Server-ActiveSync")
 $site.SetInfo()

To recreate it

=> I then ran iisreset
 => I checked IIS Manager, and the Microsdt-Server-ActiveSync is now gone, and the application is still there.
 => I ran the EMS command:  New-ActiveSyncVirtualDirectory -WebSiteName "Default Web Site"
 Results:  Successfully recreated.
 => ran iisreset
 = Checked IIS Manager 7.5, and the ActiveSync is recreated
 = Checked the EMC, and the Exchange ActiveSync (under Server COnfig, Client Access) is recreated.  I added the External URL.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 40495683
Okay - so is the Activesync test working from the test site using a non-admin account and using domain\userid as the credentials?
0
 

Author Comment

by:yellaboyla
ID: 40496111
All working now.  I inherited this from another consultant.  It was a migration from SBS 2003 to Exchange 2010 \ Win 2008.  Well, I should have known to go through the setup.  The old SBS went offline last night, and the virtuals went crazy.  Exchange crashed.So I went and checked IP configs on the DNS boxes and it was all messed up.  The SBS box was acting as the PDC and other DC's pointed to it.  Anyways, once that was fixed, I think it allowed autodiscover to pass from the firewall to the EX without hopping around.

One question.   would like activesync to be seamless.  Their internal and external FQDN are different.  The internal FQDN is not listed in the SAN as the new rules say.  Can I just adjust ADUC so when the phones login, it won't stop and prompt them for a second login?
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question