Solved

Outlook Autodiscover Failing for Single User

Posted on 2016-07-22
4
175 Views
Last Modified: 2016-08-16
Outlook Autodisover is failing for a single user in our domain, Outlook won't resolve the server to connect.

If I run the following powershell command here is what I get:

Test-OutlookWebServices -Identity User@domain.com -MailboxCredential (get-credential)

Source                              ServiceEndpoint                    Scenario                                             Result  Latency
                                                                                                                                                                        (MS)
------                                    ---------------                              --------                                                  ------         -------
SRVEX13.domain.com    autodiscover.domain.com       Autodiscover: Outlook Provider    Failure     159
SRVEX13.domain.com                                                          Exchange Web Services                  Skipped       0
SRVEX13.domain.com                                                          Availability Service                           Skipped       0
SRVEX13.domain.com                                                          Offline Address Book                      Skipped       0

If I run it against other users, I get success across the board.

Full Error is here:
RunspaceId          : 2661e5f6-6ad2-4204-bd5a-4dd5ce92a4c5
Source              : SRVEX13.domain.com
ServiceEndpoint     : autodiscover.domain.com
Scenario            : AutoDiscoverOutlookProvider
ScenarioDescription : Autodiscover: Outlook Provider
Result              : Failure
Latency             : 114
Error               : Microsoft.Exchange.Management.Tasks.ServiceValidatorException: The Autodiscover response did not return a URL for Exchange Web Services. Response details:
                      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
                        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
                          <User>
                            <DisplayName>User</DisplayName>
                            <LegacyDN>/o=ORG/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User</LegacyDN>
                            <AutoDiscoverSMTPAddress>User@domain.com</AutoDiscoverSMTPAddress>
                            <DeploymentId>e3c75af6-a0b6-422c-aa21-c807481eb678</DeploymentId>
                          </User>
                          <Account>
                            <AccountType>email</AccountType>
                            <Action>settings</Action>
                            <MicrosoftOnline>False</MicrosoftOnline>
                            <Protocol>
                              <Type>WEB</Type>
                              <Internal>
                                <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.com/owa/</OWAUrl>
                              </Internal>
                              <External>
                                <OWAUrl AuthenticationMethod="Fba">https://mail.domain.com/owa/</OWAUrl>
                              </External>
                            </Protocol>
                          </Account>
                        </Response>
                      </Autodiscover>
Verbose             : [2016-07-22 16:14:57Z] Autodiscover connecting to 'https://autodiscover.domain.com/Autodiscover/Autodiscover.xml'.
                      [2016-07-22 16:14:57Z] Test account: User@domain.com Password: ******
                      [2016-07-22 16:14:57Z] Autodiscover request:
                      User-Agent: SRVEX13/Test-OutlookWebServices/User@domain.com
                      Content-Type: text/xml; charset=utf-8
                      Authorization: Negotiate TlRMTVNTUAADAAAAGAAYAJQAAAA+AT4BrAAAAAAAAABYAAAAKgAqAFgAAAASABIAggAAABAAEADqAQAAFYKI4gYDgCUAAAAPHCzAzgFNsPUMWilan2gG2mEAZABtAF8AZABkAGUAbABvAHI
                      AZQB5AEAAbgB0AHAAYwAuAGMAbwBtAEgAUgBTAFIAVgBFAFgAMQAzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwAcJiiv4JhVUPJrnLNcKkBAQAAAAAAAPTsVjA05NEBlZt9i/roCPkAAAAAAgAIAE4AVABQAEMAAQASAFk
                      ASwBTAFIAVgBFAFgAMQAzAAQAEABuAHQAcABjAC4AYwBvAG0AAwAkAFkASwBTAFIAVgBFAFgAMQAzAC4AbgB0AHAAYwAuAGMAbwBtAAUAEABuAHQAcABjAC4AYwBvAG0ABwAIAPTsVjA05NEBBgAEAAIAAAAIADAAMAAAAAA
                      AAAAAAAAAAEAAADCjn39tC5WkvkL6GYaipL/gLodxt8yUENMy6UDEJU3DCgAQAAAAAAAAAAAAAAAAAAAAAAAJADQASABUAFQAUAAvAGEAdQB0AG8AZABpAHMAYwBvAHYAZQByAC4AbgB0AHAAYwAuAGMAbwBtAAAAAAAAAAA
                      AAAAAAEvYKBfS/OoFxZk76p75lRk=
                      Host: autodiscover.domain.com
                      Cookie: ClientId=E43B873C7C624E1F958835195A00BC5B
                      Content-Length: 453
                      Expect: 100-continue
                      [2016-07-22 16:14:57Z] Autodiscover request:
                      <?xml version="1.0"?>
                      <Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                      xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/requestschema/2006">
                        <Request>
                          <EMailAddress>User@domain.com</EMailAddress>
                          <AcceptableResponseSchema>http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a</AcceptableResponseSchema>
                        </Request>
                      </Autodiscover>
                      [2016-07-22 16:14:57Z] Autodiscover response:
                      request-id: 3a68e909-f467-495a-a72d-7729b6465b40
                      X-CalculatedBETarget: srvex13.domain.com
                      X-DiagInfo: SRVEX13
                      X-BEServer: SRVEX13
                      Persistent-Auth: true
                      X-FEServer: SRVEX13
                      Content-Length: 1060
                      Cache-Control: private
                      Content-Type: text/xml; charset=utf-8
                      Date: Fri, 22 Jul 2016 16:14:57 GMT
                      Set-Cookie: X-BackEndCookie=S-1-5-21-2660971776-2703906875-1903747800-6170=u56Lnp2ejJqBmZ7NxpqdzMjSnJnMy9LLnsvG0sbNz5vSzcfOy5vIy8adypzKgYHNz87J0s/H0s3Oq87Jxc7LxcrI;
                      expires=Sun, 21-Aug-2016 16:14:57 GMT; path=/Autodiscover; secure; HttpOnly
                      Server: Microsoft-IIS/8.5
                      X-AspNet-Version: 4.0.30319
                      X-Powered-By: ASP.NET
                      [2016-07-22 16:14:57Z] Autodiscover response:
                      <?xml version="1.0" encoding="utf-8"?>
                      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
                        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
                          <User>
                            <DisplayName>User</DisplayName>
                            <LegacyDN>/o=Org/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User</LegacyDN>
                            <AutoDiscoverSMTPAddress>User@domain.com</AutoDiscoverSMTPAddress>
                            <DeploymentId>e3c75af6-a0b6-422c-aa21-c807481eb678</DeploymentId>
                          </User>
                          <Account>
                            <AccountType>email</AccountType>
                            <Action>settings</Action>
                            <MicrosoftOnline>False</MicrosoftOnline>
                            <Protocol>
                              <Type>WEB</Type>
                              <Internal>
                                <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.com/owa/</OWAUrl>
                              </Internal>
                              <External>
                                <OWAUrl AuthenticationMethod="Fba">https://mail.domain.com/owa/</OWAUrl>
                              </External>
                            </Protocol>
                          </Account>
                        </Response>
                      </Autodiscover>
                      [2016-07-22 16:14:57Z] Autodiscover response:
                      Microsoft.Exchange.Management.Tasks.ServiceValidatorException: The Autodiscover response did not return a URL for Exchange Web Services. Response details:
                      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
                        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
                          <User>
                            <DisplayName>User</DisplayName>
                            <LegacyDN>/o=Org/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User</LegacyDN>
                            <AutoDiscoverSMTPAddress>User@domain.com</AutoDiscoverSMTPAddress>
                            <DeploymentId>e3c75af6-a0b6-422c-aa21-c807481eb678</DeploymentId>
                          </User>
                          <Account>
                            <AccountType>email</AccountType>
                            <Action>settings</Action>
                            <MicrosoftOnline>False</MicrosoftOnline>
                            <Protocol>
                              <Type>WEB</Type>
                              <Internal>
                                <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.com/owa/</OWAUrl>
                              </Internal>
                              <External>
                                <OWAUrl AuthenticationMethod="Fba">https://mail.domain.com/owa/</OWAUrl>
                              </External>
                            </Protocol>
                          </Account>
                        </Response>
                      </Autodiscover>
MonitoringEventId   : 6001

Things I've tried so far:
Disabling the Mailbox and reconnecting to user account to recreate all exchange user properties
Clearing the msExchDelegateListBL attribute.  It was clear I added a delegate mailbox and then removed it to test as well.
Ensure the LegacyExchangeDN was pointing to right place.

I'm out of options, any suggestions?
0
Comment
Question by:D'arcy Delorey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 40

Expert Comment

by:Adam Brown
ID: 41725081
Make sure the user object is configured to Inherit permissions. This is done by enabled advanced view in ADUC, then going to the security tab on the object. Advanced security window will let you determine if inheritance is enabled. If it isn't, then the Exchange servers will have difficulty reading the exchange properties needed to determine the right mailbox server to use for his account. I would look at that first, since it is a very common issue. Let us know the result.
0
 

Author Comment

by:D'arcy Delorey
ID: 41725085
Inheritance is indeed enabled and I can see the various Exchange permissions applied to user object.

A couple of other thoughts I should have included.

- User can access mailbox through OWA no problem, just not Outlook
- This is a returning user who was reenabled.  Exchange migration from 2007 to 2013 took place while user was away - though the LegacyExchangeDN and msExchHomeServerName are correctly listed.
0
 

Accepted Solution

by:
D'arcy Delorey earned 0 total points
ID: 41752513
I've figured out the issue, it was due to entries in the users 'protocolSettings' attribute in their Active Directory Properties.  The user had entries for MAPI, HTTPS, OWA, POP3, IMAP, etc.  I cleared the entries out and made them similar to other standard users and connectivity was restored.

I assume this was done when we were still on 2007 and user was terminated.

https://blogs.technet.microsoft.com/exchange/2005/07/27/enabling-and-disabling-mapi-andor-non-cached-access-per-user-in-exchange-2003-sp2/

http://www.msexchange.org/articles-tutorials/exchange-server-2003/management-administration/New-MAPI-Access-feature-Exchange-Server-2003-Service-Pack2.html
0
 

Author Closing Comment

by:D'arcy Delorey
ID: 41757586
I discovered the solution on my own through troubleshooting.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question