jav_sevenofnine asked:

Autodiscover issues

Dear Experts,

We have created a multitenant Exchange environment.
And with the new Office 2016 version it is important that the autodiscover function works properly.
So what I did so far is the following:

- I have bought a wildcard Certificate *.
- Created another external IP and forwarded port 80 to my Exchange server.
- Added an additional internal IP address to the Exchange server.
- I have created an A record on my Exchange domain, autodiscoverredirect.domain.nl, to IP address.
- I have created a CNAME in the customer's domain, autodiscover.customer.nl to autodiscoverredirect.domain.nl.
- Have created a page in IIS on the Exchange server named Autodiscoverredirect, with in it an HTTP redirect to the original OWA: https://exchange.domain.nl/Autodiscover/autodiscover.xml
- Also set the binding to the newly created additional internal address, port 80.
- For testing purposes I have edited my own registry and removed all resolving methods except the HTTP redirection option.

The Microsoft Connectivity Analyzer checks the host on autodiscover.domain.com for an HTTP redirection on the Autodiscover service.
The Microsoft Connectivity Analyzer could not retrieve an HTTP-redirection answer for HTTP Autodiscover.

Details

The answer HTTP 403 Forbidden was received. The answer comes from Unknown. Index of answer:
HTTP answer headers:
X-FEServer: XXX-XXX-001
Content-Length: 0
Date: Wed, 28 Oct 2015 10:39:59 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET


I cannot fix this. The autodiscover in Outlook 2016 is not working.
I am missing something.
See my Exchange connectivity test below.
dan_blagut

Hello

In fact you just redirect the name and HTTP traffic, but you must be sure that your autodiscover.xml file is visible from the customer.nl location.
Presuming that your autodiscover.xml is visible from the customer location, a much more approachable way is to set autodiscover.customer.nl to autodiscover.domain.nl.



Dan
You probably also need to redirect https on port 443 as well as http on port 80
There may be other issues.
jav_sevenofnine (ASKER)

@jamie: Not anymore. It worked at first, but I cannot find out why it worked.
So, what happens? Do you get an error?
XML parse error: no element found
Location: http://autodiscover.customer.com/autodiscover/autodiscover.xml
Line number 1, column 1:
Hello

If you go to https://exchange.domain.nl/Autodiscover/autodiscover.xml from the client site, what happens?

Normally you should have:
<?xml version="1.0" encoding="utf-8" ?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
  <Response>
    <Error Time="16:41:03.5734636" Id="2499570211">
      <ErrorCode>600</ErrorCode>
      <Message>Invalid Request</Message>
      <DebugData />
    </Error>
  </Response>
</Autodiscover>

Dan
Dear Dan,

That is true, I get:

<Autodiscover><Response><Error Time="10:41:24.4559990" Id="1451164763"><ErrorCode>600</ErrorCode><Message>Invalid Request</Message><DebugData/></Error></Response></Autodiscover>
Dear Jamie,

I get

XML-parsefout: geen element gevonden
Locatie: http://autodiscoverredirect.Domain.nl/autodiscover/autodiscover.xml
Regelnummer 1, kolom 1:
Mmm, everything works now. In the HTTP redirect settings I have entered the complete URL, https://autodiscover.domain.nl/autodiscover/autodiscover.xml. With the connectivity analyzer I checked that it automatically configures /autodiscover/autodiscover.xml.
So I reconfigured the URL to only https://autodiscover.domain.nl and it worked! The only thing is that Outlook still comes up with an SSL security alert, because autodiscover.customerdomain.com has an invalid SSL certificate, *.domain.nl.

Is there a way to bypass this setting?
It also takes up to 5 minutes when the account resolves. Is there any way we can improve this?
Get a certificate with the right name :(
Autodiscover tries several methods in a fixed order, so if your method is the last on the list then it will be slow. It will also be slow depending on the configuration of the Exchange and network serving the information.

This link for developers will help you understand how it works:
https://msdn.microsoft.com/en-us/library/office/jj900169(v=exchg.150).aspx

Here's another article about when the certificate does not match:
https://dirteam.com/dave/2014/08/13/optimizing-the-autodiscover-process-by-skipping-the-root-domain-query/
It's a multitenant environment, so the SSL never matches with the original. :)
Any suggestions besides that?
You shouldn't be getting a cert error on autodiscover.customerdomain.com because it should be using HTTP. Make sure you do not have HTTPS enabled on your redirect virtual directory.

-JJ
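
Added example (not part of any post in this thread, and not Microsoft's code): a Python check for the HTTP-redirect method discussed above. It flags the failures seen in the thread: an answer that is not a 302, a redirect target whose path is not /autodiscover/autodiscover.xml, and a target host the wildcard certificate does not cover. The function names and sample answers are constructed, and the doubled-path sample assumes the request path was appended to the full URL entered in the redirect setting.

```python
import http.client
from urllib.parse import urlsplit

AUTODISCOVER_PATH = "/autodiscover/autodiscover.xml"

def cert_covers(host, cert_names):
    """True if host matches a certificate name; '*' covers one leftmost label only."""
    host = host.lower()
    for name in (n.lower() for n in cert_names):
        if name == host:
            return True
        if name.startswith("*.") and "." in host and host.split(".", 1)[1] == name[2:]:
            return True
    return False

def check_redirect(status, location, cert_names):
    """Return the problems found in one answer to the HTTP-redirect probe."""
    if status != 302:
        return [f"expected HTTP 302, got {status}"]
    target = urlsplit(location or "")
    problems = []
    if target.scheme != "https":
        problems.append("redirect target is not https")
    if target.path.lower() != AUTODISCOVER_PATH:
        problems.append(f"unexpected target path {target.path}")
    if not cert_covers(target.hostname or "", cert_names):
        problems.append(f"certificate does not cover {target.hostname}")
    return problems

def fetch_redirect(host, timeout=10):
    """Plain-HTTP GET on port 80 without following the redirect."""
    conn = http.client.HTTPConnection(host, 80, timeout=timeout)
    try:
        conn.request("GET", AUTODISCOVER_PATH)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

# Constructed answers modelled on the thread (hostnames are the thread's placeholders).
SAMPLES = {
    "403 from the question": (403, None),
    "full URL in redirect, path doubled": (302, "https://autodiscover.domain.nl" + AUTODISCOVER_PATH * 2),
    "working": (302, "https://autodiscover.domain.nl" + AUTODISCOVER_PATH),
    "target outside the wildcard": (302, "https://autodiscover.customer.nl" + AUTODISCOVER_PATH),
}

if __name__ == "__main__":
    for label, (status, location) in SAMPLES.items():
        print(label, "->", check_redirect(status, location, ["*.domain.nl"]) or "OK")
```

Against a live host, pass the result of fetch_redirect("autodiscover.customer.nl") to check_redirect together with the names on the certificate bound to the redirect target.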
@jamie, these are my redirect settings

User generated image
These are my redirect binding settings

User generated image
These are my bindings on the default website

User generated image
These are my local IP settings on the Exchange server

User generated image
These are my firewall rules for the secondary IP address for autodiscover. I have forwarded 443 and 80.

User generated image
On the DNS side of the customer I have created a CNAME from autodiscover.customer.com to autodiscoverredirect.domain.nl

On our own DNS I have created 2 A records: 1 for autodiscoverredirect and 1 for the normal autodiscover.
Any ideas? Experts?
On your default site, remove the binding for 443 that maps to * for IP Address.

-JJ
Done.

The Microsoft Connectivity Analyzer tries to obtain an SSL certificate from the external server autodiscover.domain.nl on port 443.
The Microsoft Connectivity Analyzer cannot gain an SSL certificate.

The certificate cannot be validated because the SSL negotiation was not successful. Perhaps because of a network error or the certificate installation.

??? No idea.
OK, found it out. I forgot to add the original exchange.domain.nl internal IP binding.
Well, after I created another binding, autodiscover.domain.nl to internal 443, it seems to work.
Still, the resolving on the Outlook clients takes up to 5 minutes to configure itself.
It first goes through all the steps, 443 local etc. Any ideas, besides the known registry edits, to increase the performance?
ASKER CERTIFIED SOLUTION
jav_sevenofnine
This solution is only available to members.
It is working but very slow!
Tindaldo

Hi there, I was just having an issue with autodiscover from the internet taking a long time to process and I did the following to optimize it. On the client machine (Office 2016) I used regedit to go to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Autodiscover. Created a new DWORD value with the name Excludehttpsrootdomain. Modified the new key and gave it a value of 0x00000001. This reduced my wait time for autodiscover to less than 5 seconds. For Office 2013 go to HKEY_CURRENT_USER\software\policies\microsoft\office\15.0\outlook\autodiscover.