UBIFCU
asked on
Outlook 2010 clients sporadically fail to connect to Exchange 2013
I've spent about 20+ hours on the phone with MS Exchange support trying to get this working. We are a small organization, 30 clients. I just migrated from Exchange 2007 to Exchange 2013. All services start up and move mail properly to/from the internet. UM works properly. Everything tested fine before moving everyone live to the new server. However, Outlook will not connect normally on the client machines. Sometimes some clients can connect, other times they cannot reconnect.... whether they can connect or not is very transient. Almost like it's a port conflict issue. I have a third party Digicert certificate installed that I'm using. MS assures me that my entire exchange setup is correct so they've passed the ticket on to Active Directory support. They will be calling me later. However, I thought I'd throw this out there to the experts community for input.
About the certificate, I have 4 hosts on it, mail.ubifcu.com, autodiscover.ubifcu.com,le
Sometimes I can get a half-hearted Outlook connection on some stations, but the Outlook connection status window shows negotiated connection for Authn method, the actual server name instead of the SID@ubifcu.com, and a bunch of other connection oddities.
I've pulled a few test clients (and the server too) out of their normal OU to an OU with no GPO's being applied (in some GPO's we do modify the NTLM response to accept NTLMv2 only). This didn't fix the issue.
I've stopped all extraneous services on the Exchange box, and restarted the Exchange and IIS services (thinking it was a port contention issue). This did not resolve the issue.
To me this feels like a port contention issue, but I cannot find one at all. Right now, I'm open to all suggestions. I would be very surprised if I haven't tried it all ready, but there is obviously an answer I haven't considered yet because it's sill not working 100%.
About the certificate, I have 4 hosts on it, mail.ubifcu.com, autodiscover.ubifcu.com,le
Sometimes I can get a half-hearted Outlook connection on some stations, but the Outlook connection status window shows negotiated connection for Authn method, the actual server name instead of the SID@ubifcu.com, and a bunch of other connection oddities.
I've pulled a few test clients (and the server too) out of their normal OU to an OU with no GPO's being applied (in some GPO's we do modify the NTLM response to accept NTLMv2 only). This didn't fix the issue.
I've stopped all extraneous services on the Exchange box, and restarted the Exchange and IIS services (thinking it was a port contention issue). This did not resolve the issue.
To me this feels like a port contention issue, but I cannot find one at all. Right now, I'm open to all suggestions. I would be very surprised if I haven't tried it all ready, but there is obviously an answer I haven't considered yet because it's sill not working 100%.
ASKER
How can I capture the results? It doesn't allow me to copy/past them from the test window.
ASKER
n/m here's the XML
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<User>
<DisplayName>firstname username</DisplayName>
<LegacyDN>/o=UBIFCU/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=firstnameZ</LegacyDN>
<AutoDiscoverSMTPAddress>j.username@ubifcu.com</AutoDiscoverSMTPAddress>
<DeploymentId>49d59aaf-ee40-4923-81d2-01df23dfee8f</DeploymentId>
</User>
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<MicrosoftOnline>False</MicrosoftOnline>
<Protocol>
<Type>EXCH</Type>
<Server>0566d51d-0f6e-48b4-8c32-2c4f061053aa@ubifcu.com</Server>
<ServerDN>/o=UBIFCU/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=0566d51d-0f6e-48b4-8c32-2c4f061053aa@ubifcu.com</ServerDN>
<ServerVersion>73C08434</ServerVersion>
<MdbDN>/o=UBIFCU/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=0566d51d-0f6e-48b4-8c32-2c4f061053aa@ubifcu.com/cn=Microsoft Private MDB</MdbDN>
<PublicFolderServer>mail.ubifcu.com</PublicFolderServer>
<AD>PLV-DC1.UBIFCU.local</AD>
<ASUrl>https://mail.ubifcu.com/ews/exchange.asmx</ASUrl>
<EwsUrl>https://mail.ubifcu.com/ews/exchange.asmx</EwsUrl>
<EmwsUrl>https://mail.ubifcu.com/ews/exchange.asmx</EmwsUrl>
<EcpUrl>https://mail.ubifcu.com/ecp/</EcpUrl>
<EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=UBIFCU.local</EcpUrl-um>
<EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=UBIFCU.local</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=UBIFCU.local</EcpUrl-mt>
<EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=UBIFCU.local</EcpUrl-ret>
<EcpUrl-publish>customize/calendarpublishing.slab?rfr=olk&exsvurl=1&FldID=<FldID>&realm=UBIFCU.local</EcpUrl-publish>
<EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=UBIFCU.local</EcpUrl-photo>
<EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=UBIFCU.local</EcpUrl-extinstall>
<OOFUrl>https://mail.ubifcu.com/ews/exchange.asmx</OOFUrl>
<UMUrl>https://mail.ubifcu.com/ews/UM2007Legacy.asmx</UMUrl>
<OABUrl>https://mail.ubifcu.com/OAB/99b32b15-677b-4392-83d5-c2a89fb07e5a/</OABUrl>
<ServerExclusiveConnect>off</ServerExclusiveConnect>
</Protocol>
<Protocol>
<Type>EXPR</Type>
<Server>mail.ubifcu.com</Server>
<SSL>On</SSL>
<AuthPackage>Ntlm</AuthPackage>
<ASUrl>https://mail.ubifcu.com/ews/exchange.asmx</ASUrl>
<EwsUrl>https://mail.ubifcu.com/ews/exchange.asmx</EwsUrl>
<EmwsUrl>https://mail.ubifcu.com/ews/exchange.asmx</EmwsUrl>
<EcpUrl>https://mail.ubifcu.com/ecp/</EcpUrl>
<EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=UBIFCU.local</EcpUrl-um>
<EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=UBIFCU.local</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=UBIFCU.local</EcpUrl-mt>
<EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=UBIFCU.local</EcpUrl-ret>
<EcpUrl-publish>customize/calendarpublishing.slab?rfr=olk&exsvurl=1&FldID=<FldID>&realm=UBIFCU.local</EcpUrl-publish>
<EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=UBIFCU.local</EcpUrl-photo>
<EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=UBIFCU.local</EcpUrl-extinstall>
<OOFUrl>https://mail.ubifcu.com/ews/exchange.asmx</OOFUrl>
<UMUrl>https://mail.ubifcu.com/ews/UM2007Legacy.asmx</UMUrl>
<OABUrl>https://mail.ubifcu.com/OAB/99b32b15-677b-4392-83d5-c2a89fb07e5a/</OABUrl>
<ServerExclusiveConnect>on</ServerExclusiveConnect>
<EwsPartnerUrl>https://mail.ubifcu.com/ews/exchange.asmx</EwsPartnerUrl>
<GroupingInformation>UBIFCU</GroupingInformation>
</Protocol>
<Protocol>
<Type>WEB</Type>
<Internal>
<OWAUrl AuthenticationMethod="Basic, Fba">https://mail.ubifcu.com/owa/</OWAUrl>
<Protocol>
<Type>EXCH</Type>
<ASUrl>https://mail.ubifcu.com/ews/exchange.asmx</ASUrl>
</Protocol>
</Internal>
<External>
<OWAUrl AuthenticationMethod="Fba">https://mail.ubifcu.com/owa/</OWAUrl>
<Protocol>
<Type>EXPR</Type>
<ASUrl>https://mail.ubifcu.com/ews/exchange.asmx</ASUrl>
</Protocol>
</External>
</Protocol>
<Protocol>
<Type>EXHTTP</Type>
<Server>mail.ubifcu.com</Server>
<SSL>On</SSL>
<AuthPackage>Ntlm</AuthPackage>
<ASUrl>https://mail.ubifcu.com/ews/exchange.asmx</ASUrl>
<EwsUrl>https://mail.ubifcu.com/ews/exchange.asmx</EwsUrl>
<EmwsUrl>https://mail.ubifcu.com/ews/exchange.asmx</EmwsUrl>
<EcpUrl>https://mail.ubifcu.com/ecp/</EcpUrl>
<EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=UBIFCU.local</EcpUrl-um>
<EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=UBIFCU.local</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=UBIFCU.local</EcpUrl-mt>
<EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=UBIFCU.local</EcpUrl-ret>
<EcpUrl-publish>customize/calendarpublishing.slab?rfr=olk&exsvurl=1&FldID=<FldID>&realm=UBIFCU.local</EcpUrl-publish>
<EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=UBIFCU.local</EcpUrl-photo>
<EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=UBIFCU.local</EcpUrl-extinstall>
<OOFUrl>https://mail.ubifcu.com/ews/exchange.asmx</OOFUrl>
<UMUrl>https://mail.ubifcu.com/ews/UM2007Legacy.asmx</UMUrl>
<OABUrl>https://mail.ubifcu.com/OAB/99b32b15-677b-4392-83d5-c2a89fb07e5a/</OABUrl>
<ServerExclusiveConnect>On</ServerExclusiveConnect>
</Protocol>
<Protocol>
<Type>EXHTTP</Type>
<Server>mail.ubifcu.com</Server>
<SSL>On</SSL>
<AuthPackage>Ntlm</AuthPackage>
<ASUrl>https://mail.ubifcu.com/ews/exchange.asmx</ASUrl>
<EwsUrl>https://mail.ubifcu.com/ews/exchange.asmx</EwsUrl>
<EmwsUrl>https://mail.ubifcu.com/ews/exchange.asmx</EmwsUrl>
<EcpUrl>https://mail.ubifcu.com/ecp/</EcpUrl>
<EcpUrl-um>?rfr=olk&p=customize/voicemail.aspx&exsvurl=1&realm=UBIFCU.local</EcpUrl-um>
<EcpUrl-aggr>?rfr=olk&p=personalsettings/EmailSubscriptions.slab&exsvurl=1&realm=UBIFCU.local</EcpUrl-aggr>
<EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?rfr=olk&exsvurl=1&IsOWA=<IsOWA>&MsgID=<MsgID>&Mbx=<Mbx>&realm=UBIFCU.local</EcpUrl-mt>
<EcpUrl-ret>?rfr=olk&p=organize/retentionpolicytags.slab&exsvurl=1&realm=UBIFCU.local</EcpUrl-ret>
<EcpUrl-publish>customize/calendarpublishing.slab?rfr=olk&exsvurl=1&FldID=<FldID>&realm=UBIFCU.local</EcpUrl-publish>
<EcpUrl-photo>PersonalSettings/EditAccount.aspx?rfr=olk&chgPhoto=1&exsvurl=1&realm=UBIFCU.local</EcpUrl-photo>
<EcpUrl-extinstall>Extension/InstalledExtensions.slab?rfr=olk&exsvurl=1&realm=UBIFCU.local</EcpUrl-extinstall>
<OOFUrl>https://mail.ubifcu.com/ews/exchange.asmx</OOFUrl>
<UMUrl>https://mail.ubifcu.com/ews/UM2007Legacy.asmx</UMUrl>
<OABUrl>https://mail.ubifcu.com/OAB/99b32b15-677b-4392-83d5-c2a89fb07e5a/</OABUrl>
<ServerExclusiveConnect>On</ServerExclusiveConnect>
</Protocol>
<PublicFolderInformation>
<SmtpAddress>UBIFCU2@ubifcu.com</SmtpAddress>
</PublicFolderInformation>
</Account>
</Response>
</Autodiscover>
Hi,
Please try to run Microsoft Remote Connectivity(https://testconnectivity.microsoft.com/) to test Exchange server connection.
Besides, run below command to double check the configuration of virtual directory:
Get-OabVirtualDirectory | FL Identity,*url*
Get-OutlookAnywhere | FL Identity,*Host*,*Auth*
Get-OwaVirtualDirectory | FL Identity,*url*
Get-EcpVirtualDirectory | FL Identity,*url*
Get-WebServicesVirtualDire
Get-ClientAccessServer | FL Identity,*URI*
More details about Migrate Exchange 2007 to Exchange 2013, for your reference:
http://blogs.technet.com/b/meamcs/archive/2013/07/25/part-2-step-by-step-exchange-2007-to-2013-migration.aspx
Please try to run Microsoft Remote Connectivity(https://testconnectivity.microsoft.com/) to test Exchange server connection.
Besides, run below command to double check the configuration of virtual directory:
Get-OabVirtualDirectory | FL Identity,*url*
Get-OutlookAnywhere | FL Identity,*Host*,*Auth*
Get-OwaVirtualDirectory | FL Identity,*url*
Get-EcpVirtualDirectory | FL Identity,*url*
Get-WebServicesVirtualDire
Get-ClientAccessServer | FL Identity,*URI*
More details about Migrate Exchange 2007 to Exchange 2013, for your reference:
http://blogs.technet.com/b/meamcs/archive/2013/07/25/part-2-step-by-step-exchange-2007-to-2013-migration.aspx
ASKER
Here's the output from those commands:
Here's RCA AutoDiscover Connectivity Test:
Here's Outlook Connectivity RCA test:
[PS] C:\>Get-OabVirtualDirectory | fl Identity,*url*
Identity : PLV-SERVICES\OAB (Default Web Site)
InternalUrl : https://mail.ubifcu.com/OAB
ExternalUrl : https://mail.ubifcu.com/OAB
[PS] C:\>Get-OutlookAnywhere | fl Identity,*url*
Identity : PLV-SERVICES\Rpc (Default Web Site)
XropUrl :
[PS] C:\>Get-OwaVirtualDirectory | fl Identity,*url*
Identity : PLV-SERVICES\owa (Default Web Site)
Url : {}
SetPhotoURL :
Exchange2003Url :
FailbackUrl :
InternalUrl : https://mail.ubifcu.com/owa
ExternalUrl : https://mail.ubifcu.com/owa
[PS] C:\>Get-EcpVirtualDirectory | fl Identity,*url*
Identity : PLV-SERVICES\ecp (Default Web Site)
InternalUrl : https://mail.ubifcu.com/ecp
ExternalUrl : https://mail.ubifcu.com/ecp
[PS] C:\>Get-WebServicesVirtualDirectory | fl Identity,*url*
Identity : PLV-SERVICES\EWS (Default Web Site)
InternalNLBBypassUrl :
InternalUrl : https://mail.ubifcu.com/ews/exchange.asmx
ExternalUrl : https://mail.ubifcu.com/ews/exchange.asmx
[PS] C:\>Get-ClientAccessServer | fl Identity,*url*
Identity : PLV-SERVICES
[PS] C:\>Here's RCA AutoDiscover Connectivity Test:
<?xml version="1.0" encoding="utf-8"?>
<testresult status="FatalError" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to test Autodiscover for s.phillips@ubifcu.com." resultdescription="Testing Autodiscover failed." additionaldetails="" elapsedMilliseconds="2933">
<children>
<testresult status="FatalError" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting each method of contacting the Autodiscover service." resultdescription="The Autodiscover service couldn't be contacted successfully by any method." additionaldetails="" elapsedMilliseconds="2933">
<children>
<testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to test potential Autodiscover URL https://ubifcu.com:443/Autodiscover/Autodiscover.xml" resultdescription="Testing of this potential Autodiscover URL failed." additionaldetails="" elapsedMilliseconds="776">
<children>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Attempting to resolve the host name ubifcu.com in DNS." resultdescription="The host name resolved successfully." additionaldetails="IP addresses returned: 192.0.48.32" elapsedMilliseconds="267">
<children />
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing TCP port 443 on host ubifcu.com to ensure it's listening and open." resultdescription="The port was opened successfully." additionaldetails="" elapsedMilliseconds="245">
<children />
</testresult>
<testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Testing the SSL certificate to make sure it's valid." resultdescription="The SSL certificate failed one or more certificate validation checks." additionaldetails="" elapsedMilliseconds="263">
<children>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server ubifcu.com on port 443." resultdescription="The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate." additionaldetails="Remote Certificate Subject: CN=www.ubifcu.com, OU=Terms of use at www.verisign.com/rpa (c)05, OU=Technology, O=United Business & Industry Federal Credit Union, L=Plainville, S=Connecticut, C=US, Issuer: CN=VeriSign Class 3 Secure Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US." elapsedMilliseconds="190">
<children />
</testresult>
<testresult status="Error" errorid="8b21fbb8-b54d-4483-92d0-f0f03112a019" contentUrl="http://go.microsoft.com/?linkid=9843845" testdescription="Validating the certificate name." resultdescription="Certificate name validation failed." additionaldetails="Host name ubifcu.com doesn't match any name found on the server certificate CN=www.ubifcu.com, OU=Terms of use at www.verisign.com/rpa (c)05, OU=Technology, O=United Business & Industry Federal Credit Union, L=Plainville, S=Connecticut, C=US." elapsedMilliseconds="1">
<children />
</testresult>
</children>
</testresult>
</children>
</testresult>
<testresult status="FatalError" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to test potential Autodiscover URL https://autodiscover.ubifcu.com:443/Autodiscover/Autodiscover.xml" resultdescription="Testing of this potential Autodiscover URL failed." additionaldetails="" elapsedMilliseconds="2051">
<children>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Attempting to resolve the host name autodiscover.ubifcu.com in DNS." resultdescription="The host name resolved successfully." additionaldetails="IP addresses returned: 70.89.4.44" elapsedMilliseconds="252">
<children />
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing TCP port 443 on host autodiscover.ubifcu.com to ensure it's listening and open." resultdescription="The port was opened successfully." additionaldetails="" elapsedMilliseconds="264">
<children />
</testresult>
<testresult status="SuccessWithWarnings" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Testing the SSL certificate to make sure it's valid." resultdescription="The certificate passed all validation requirements." additionaldetails="" elapsedMilliseconds="406">
<children>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.ubifcu.com on port 443." resultdescription="The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate." additionaldetails="Remote Certificate Subject: CN=mail.ubifcu.com, OU=Information Technology, O=United Business & Industry Federal Credit Union, L=Plainville, S=Connecticut, C=US, Issuer: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US." elapsedMilliseconds="339">
<children />
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Validating the certificate name." resultdescription="The certificate name was validated successfully." additionaldetails="Host name autodiscover.ubifcu.com was found in the Certificate Subject Alternative Name entry." elapsedMilliseconds="1">
<children />
</testresult>
<testresult status="SuccessWithWarnings" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Certificate trust is being validated." resultdescription="The certificate is trusted and all certificates are present in the chain." additionaldetails="">
<children>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=mail.ubifcu.com, OU=Information Technology, O=United Business & Industry Federal Credit Union, L=Plainville, S=Connecticut, C=US." resultdescription="One or more certificate chains were constructed successfully." additionaldetails="A total of 1 chains were built. The highest quality chain ends in root certificate CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US." elapsedMilliseconds="28">
<children />
</testresult>
<testresult status="Warning" errorid="1339c33a-8f21-427b-a323-4cee1a13f517" contentUrl="" testdescription="Analyzing the certificate chains for compatibility problems with versions of Windows." resultdescription="Potential compatibility problems were identified with some versions of Windows." additionaldetails="The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled." elapsedMilliseconds="4">
<children />
</testresult>
</children>
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing the certificate date to confirm the certificate is valid." resultdescription="Date validation passed. The certificate hasn't expired." additionaldetails="The certificate is valid. NotBefore = 3/25/2015 12:00:00 AM, NotAfter = 5/31/2018 12:00:00 PM" elapsedMilliseconds="0">
<children />
</testresult>
</children>
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Checking the IIS configuration for client certificate authentication." resultdescription="Client certificate authentication wasn't detected." additionaldetails="Accept/Require Client Certificates isn't configured." elapsedMilliseconds="442">
<children />
</testresult>
<testresult status="FatalError" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to send an Autodiscover POST request to potential Autodiscover URLs." resultdescription="Autodiscover settings weren't obtained when the Autodiscover POST request was sent." additionaldetails="" elapsedMilliseconds="686">
<children>
<testresult status="FatalError" errorid="6c458392-3a8c-4bc2-942e-7ab533744106" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.ubifcu.com:443/Autodiscover/Autodiscover.xml for user s.phillips@ubifcu.com." resultdescription="The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response." additionaldetails="An HTTP 401 Unauthorized response was received from the remote Unknown server. This is usually the result of an incorrect username or password. If you are attempting to log onto an Office 365 service, ensure you are using your full User Principal Name (UPN).
HTTP Response Headers:
request-id: 7e60ad4c-91d1-408c-9612-3d2460d24cf1
Set-Cookie: ClientId=JHBGUEWUFXHTKIFBOLQ; expires=Tue, 29-Mar-2016 14:39:50 GMT; path=/; HttpOnly
Server: Microsoft-IIS/8.0
WWW-Authenticate: Negotiate,NTLM,Basic realm="autodiscover.ubifcu.com"
X-Powered-By: ASP.NET
X-FEServer: PLV-SERVICES
Date: Mon, 30 Mar 2015 14:39:49 GMT
Content-Length: 0
" elapsedMilliseconds="685">
<children />
</testresult>
</children>
</testresult>
</children>
</testresult>
<testresult status="Warning" errorid="c0f75b77-072c-48d5-ab17-eebc99a4b3d9" contentUrl="http://go.microsoft.com/?linkid=9843786" testdescription="Checking if there is an autodiscover CNAME record in DNS for your domain 'ubifcu.com' for Office 365." resultdescription="Failed to validate autodiscover CNAME record in DNS. If your mailbox isn't in Office 365, you can ignore this warning." additionaldetails="There is no Autodiscover CNAME record for your domain 'ubifcu.com'." elapsedMilliseconds="106">
<children />
</testresult>
</children>
</testresult>
</children>
</testresult>Here's Outlook Connectivity RCA test:
<?xml version="1.0" encoding="utf-8"?>
<testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Testing Outlook connectivity." resultdescription="The Outlook connectivity test failed." additionaldetails="" elapsedMilliseconds="2524">
<children>
<testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Testing RPC over HTTP connectivity to server mail.ubifcu.com" resultdescription="RPC over HTTP connectivity failed." additionaldetails="HTTP Response Headers:
request-id: 79eb6ee5-a66f-4aea-a355-4af3caaa5fda
Set-Cookie: ClientId=VZCMFXEEEECIBK9VHQ; expires=Tue, 29-Mar-2016 14:43:08 GMT; path=/; HttpOnly
Server: Microsoft-IIS/8.0
WWW-Authenticate: Negotiate,NTLM,Basic realm="mail.ubifcu.com"
X-Powered-By: ASP.NET
X-FEServer: PLV-SERVICES
Date: Mon, 30 Mar 2015 14:43:07 GMT
Content-Length: 0
" elapsedMilliseconds="2524">
<children>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Attempting to resolve the host name mail.ubifcu.com in DNS." resultdescription="The host name resolved successfully." additionaldetails="IP addresses returned: 70.89.4.44" elapsedMilliseconds="354">
<children />
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing TCP port 443 on host mail.ubifcu.com to ensure it's listening and open." resultdescription="The port was opened successfully." additionaldetails="" elapsedMilliseconds="236">
<children />
</testresult>
<testresult status="SuccessWithWarnings" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Testing the SSL certificate to make sure it's valid." resultdescription="The certificate passed all validation requirements." additionaldetails="" elapsedMilliseconds="417">
<children>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.ubifcu.com on port 443." resultdescription="The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate." additionaldetails="Remote Certificate Subject: CN=mail.ubifcu.com, OU=Information Technology, O=United Business & Industry Federal Credit Union, L=Plainville, S=Connecticut, C=US, Issuer: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US." elapsedMilliseconds="344">
<children />
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Validating the certificate name." resultdescription="The certificate name was validated successfully." additionaldetails="Host name mail.ubifcu.com was found in the Certificate Subject Common name." elapsedMilliseconds="0">
<children />
</testresult>
<testresult status="SuccessWithWarnings" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Certificate trust is being validated." resultdescription="The certificate is trusted and all certificates are present in the chain." additionaldetails="">
<children>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=mail.ubifcu.com, OU=Information Technology, O=United Business & Industry Federal Credit Union, L=Plainville, S=Connecticut, C=US." resultdescription="One or more certificate chains were constructed successfully." additionaldetails="A total of 1 chains were built. The highest quality chain ends in root certificate CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US." elapsedMilliseconds="29">
<children />
</testresult>
<testresult status="Warning" errorid="1339c33a-8f21-427b-a323-4cee1a13f517" contentUrl="" testdescription="Analyzing the certificate chains for compatibility problems with versions of Windows." resultdescription="Potential compatibility problems were identified with some versions of Windows." additionaldetails="The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled." elapsedMilliseconds="5">
<children />
</testresult>
</children>
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing the certificate date to confirm the certificate is valid." resultdescription="Date validation passed. The certificate hasn't expired." additionaldetails="The certificate is valid. NotBefore = 3/25/2015 12:00:00 AM, NotAfter = 5/31/2018 12:00:00 PM" elapsedMilliseconds="0">
<children />
</testresult>
</children>
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Checking the IIS configuration for client certificate authentication." resultdescription="Client certificate authentication wasn't detected." additionaldetails="Accept/Require Client Certificates isn't configured." elapsedMilliseconds="448">
<children />
</testresult>
<testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing HTTP Authentication Methods for URL https://mail.ubifcu.com/rpc/rpcproxy.dll?mail.ubifcu.com:6002." resultdescription="The HTTP authentication methods are correct." additionaldetails="The Microsoft Connectivity Analyzer found all expected authentication methods and no disallowed methods. Methods found: Basic, Negotiate, NTLM
HTTP Response Headers:
request-id: 79eb6ee5-a66f-4aea-a355-4af3caaa5fda
Set-Cookie: ClientId=VZCMFXEEEECIBK9VHQ; expires=Tue, 29-Mar-2016 14:43:08 GMT; path=/; HttpOnly
Server: Microsoft-IIS/8.0
WWW-Authenticate: Negotiate,NTLM,Basic realm="mail.ubifcu.com"
X-Powered-By: ASP.NET
X-FEServer: PLV-SERVICES
Date: Mon, 30 Mar 2015 14:43:07 GMT
Content-Length: 0
" elapsedMilliseconds="574">
<children />
</testresult>
<testresult status="Error" errorid="cfcd56a0-9f4a-4ccf-9754-0a2683cc1f1b" contentUrl="" testdescription="Attempting to ping RPC proxy mail.ubifcu.com." resultdescription="RPC Proxy can't be pinged." additionaldetails="An unexpected network-level exception was encountered. Exception details:
Message: The remote server returned an error: (401) Unauthorized.
Type: Microsoft.Exchange.Tools.ExRca.Extensions.MapiTransportException
Stack trace:
 at Microsoft.Exchange.Tools.ExRca.Extensions.MapiRpcTestClient.PingProtocolProxy(String endpointIdentifier)
 at Microsoft.Exchange.Tools.ExRca.Tests.MapiPingProxyTest.PerformTestReally()
Exception details:
Message: The remote server returned an error: (401) Unauthorized.
Type: System.Net.WebException
Stack trace:
 at System.Net.HttpWebRequest.GetResponse()
 at RpcPingLib.RpcPing.PingProxy(String internalServerFqdn, String endpoint)
 at Microsoft.Exchange.Tools.ExRca.Extensions.MapiRpcTestClient.PingProtocolProxy(String endpointIdentifier)
" elapsedMilliseconds="492">
<children />
</testresult>
</children>
</testresult>
</children>
</testresult>ASKER
I"m not sure of the validity of the testconnectivity.microsoft
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi UBIFCU.. glad you got this sorted.
Regards
Guy
Regards
Guy
ASKER
I figured this out on my own!
That's nice - give yourself a pat on the back...
Could you provide the result of an Outlook autoconfig test please?