Solved

Outlook Autodiscover Failing for Single User

Posted on 2016-07-22
4
123 Views
Last Modified: 2016-08-16
Outlook Autodisover is failing for a single user in our domain, Outlook won't resolve the server to connect.

If I run the following powershell command here is what I get:

Test-OutlookWebServices -Identity User@domain.com -MailboxCredential (get-credential)

Source                              ServiceEndpoint                    Scenario                                             Result  Latency
                                                                                                                                                                        (MS)
------                                    ---------------                              --------                                                  ------         -------
SRVEX13.domain.com    autodiscover.domain.com       Autodiscover: Outlook Provider    Failure     159
SRVEX13.domain.com                                                          Exchange Web Services                  Skipped       0
SRVEX13.domain.com                                                          Availability Service                           Skipped       0
SRVEX13.domain.com                                                          Offline Address Book                      Skipped       0

If I run it against other users, I get success across the board.

Full Error is here:
RunspaceId          : 2661e5f6-6ad2-4204-bd5a-4dd5ce92a4c5
Source              : SRVEX13.domain.com
ServiceEndpoint     : autodiscover.domain.com
Scenario            : AutoDiscoverOutlookProvider
ScenarioDescription : Autodiscover: Outlook Provider
Result              : Failure
Latency             : 114
Error               : Microsoft.Exchange.Management.Tasks.ServiceValidatorException: The Autodiscover response did not return a URL for Exchange Web Services. Response details:
                      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
                        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
                          <User>
                            <DisplayName>User</DisplayName>
                            <LegacyDN>/o=ORG/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User</LegacyDN>
                            <AutoDiscoverSMTPAddress>User@domain.com</AutoDiscoverSMTPAddress>
                            <DeploymentId>e3c75af6-a0b6-422c-aa21-c807481eb678</DeploymentId>
                          </User>
                          <Account>
                            <AccountType>email</AccountType>
                            <Action>settings</Action>
                            <MicrosoftOnline>False</MicrosoftOnline>
                            <Protocol>
                              <Type>WEB</Type>
                              <Internal>
                                <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.com/owa/</OWAUrl>
                              </Internal>
                              <External>
                                <OWAUrl AuthenticationMethod="Fba">https://mail.domain.com/owa/</OWAUrl>
                              </External>
                            </Protocol>
                          </Account>
                        </Response>
                      </Autodiscover>
Verbose             : [2016-07-22 16:14:57Z] Autodiscover connecting to 'https://autodiscover.domain.com/Autodiscover/Autodiscover.xml'.
                      [2016-07-22 16:14:57Z] Test account: User@domain.com Password: ******
                      [2016-07-22 16:14:57Z] Autodiscover request:
                      User-Agent: SRVEX13/Test-OutlookWebServices/User@domain.com
                      Content-Type: text/xml; charset=utf-8
                      Authorization: Negotiate TlRMTVNTUAADAAAAGAAYAJQAAAA+AT4BrAAAAAAAAABYAAAAKgAqAFgAAAASABIAggAAABAAEADqAQAAFYKI4gYDgCUAAAAPHCzAzgFNsPUMWilan2gG2mEAZABtAF8AZABkAGUAbABvAHI
                      AZQB5AEAAbgB0AHAAYwAuAGMAbwBtAEgAUgBTAFIAVgBFAFgAMQAzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwAcJiiv4JhVUPJrnLNcKkBAQAAAAAAAPTsVjA05NEBlZt9i/roCPkAAAAAAgAIAE4AVABQAEMAAQASAFk
                      ASwBTAFIAVgBFAFgAMQAzAAQAEABuAHQAcABjAC4AYwBvAG0AAwAkAFkASwBTAFIAVgBFAFgAMQAzAC4AbgB0AHAAYwAuAGMAbwBtAAUAEABuAHQAcABjAC4AYwBvAG0ABwAIAPTsVjA05NEBBgAEAAIAAAAIADAAMAAAAAA
                      AAAAAAAAAAEAAADCjn39tC5WkvkL6GYaipL/gLodxt8yUENMy6UDEJU3DCgAQAAAAAAAAAAAAAAAAAAAAAAAJADQASABUAFQAUAAvAGEAdQB0AG8AZABpAHMAYwBvAHYAZQByAC4AbgB0AHAAYwAuAGMAbwBtAAAAAAAAAAA
                      AAAAAAEvYKBfS/OoFxZk76p75lRk=
                      Host: autodiscover.domain.com
                      Cookie: ClientId=E43B873C7C624E1F958835195A00BC5B
                      Content-Length: 453
                      Expect: 100-continue
                      [2016-07-22 16:14:57Z] Autodiscover request:
                      <?xml version="1.0"?>
                      <Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                      xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/requestschema/2006">
                        <Request>
                          <EMailAddress>User@domain.com</EMailAddress>
                          <AcceptableResponseSchema>http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a</AcceptableResponseSchema>
                        </Request>
                      </Autodiscover>
                      [2016-07-22 16:14:57Z] Autodiscover response:
                      request-id: 3a68e909-f467-495a-a72d-7729b6465b40
                      X-CalculatedBETarget: srvex13.domain.com
                      X-DiagInfo: SRVEX13
                      X-BEServer: SRVEX13
                      Persistent-Auth: true
                      X-FEServer: SRVEX13
                      Content-Length: 1060
                      Cache-Control: private
                      Content-Type: text/xml; charset=utf-8
                      Date: Fri, 22 Jul 2016 16:14:57 GMT
                      Set-Cookie: X-BackEndCookie=S-1-5-21-2660971776-2703906875-1903747800-6170=u56Lnp2ejJqBmZ7NxpqdzMjSnJnMy9LLnsvG0sbNz5vSzcfOy5vIy8adypzKgYHNz87J0s/H0s3Oq87Jxc7LxcrI;
                      expires=Sun, 21-Aug-2016 16:14:57 GMT; path=/Autodiscover; secure; HttpOnly
                      Server: Microsoft-IIS/8.5
                      X-AspNet-Version: 4.0.30319
                      X-Powered-By: ASP.NET
                      [2016-07-22 16:14:57Z] Autodiscover response:
                      <?xml version="1.0" encoding="utf-8"?>
                      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
                        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
                          <User>
                            <DisplayName>User</DisplayName>
                            <LegacyDN>/o=Org/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User</LegacyDN>
                            <AutoDiscoverSMTPAddress>User@domain.com</AutoDiscoverSMTPAddress>
                            <DeploymentId>e3c75af6-a0b6-422c-aa21-c807481eb678</DeploymentId>
                          </User>
                          <Account>
                            <AccountType>email</AccountType>
                            <Action>settings</Action>
                            <MicrosoftOnline>False</MicrosoftOnline>
                            <Protocol>
                              <Type>WEB</Type>
                              <Internal>
                                <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.com/owa/</OWAUrl>
                              </Internal>
                              <External>
                                <OWAUrl AuthenticationMethod="Fba">https://mail.domain.com/owa/</OWAUrl>
                              </External>
                            </Protocol>
                          </Account>
                        </Response>
                      </Autodiscover>
                      [2016-07-22 16:14:57Z] Autodiscover response:
                      Microsoft.Exchange.Management.Tasks.ServiceValidatorException: The Autodiscover response did not return a URL for Exchange Web Services. Response details:
                      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
                        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
                          <User>
                            <DisplayName>User</DisplayName>
                            <LegacyDN>/o=Org/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User</LegacyDN>
                            <AutoDiscoverSMTPAddress>User@domain.com</AutoDiscoverSMTPAddress>
                            <DeploymentId>e3c75af6-a0b6-422c-aa21-c807481eb678</DeploymentId>
                          </User>
                          <Account>
                            <AccountType>email</AccountType>
                            <Action>settings</Action>
                            <MicrosoftOnline>False</MicrosoftOnline>
                            <Protocol>
                              <Type>WEB</Type>
                              <Internal>
                                <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.com/owa/</OWAUrl>
                              </Internal>
                              <External>
                                <OWAUrl AuthenticationMethod="Fba">https://mail.domain.com/owa/</OWAUrl>
                              </External>
                            </Protocol>
                          </Account>
                        </Response>
                      </Autodiscover>
MonitoringEventId   : 6001

Things I've tried so far:
Disabling the Mailbox and reconnecting to user account to recreate all exchange user properties
Clearing the msExchDelegateListBL attribute.  It was clear I added a delegate mailbox and then removed it to test as well.
Ensure the LegacyExchangeDN was pointing to right place.

I'm out of options, any suggestions?
0
Comment
Question by:itnt
  • 3
4 Comments
 
LVL 39

Expert Comment

by:Adam Brown
ID: 41725081
Make sure the user object is configured to Inherit permissions. This is done by enabled advanced view in ADUC, then going to the security tab on the object. Advanced security window will let you determine if inheritance is enabled. If it isn't, then the Exchange servers will have difficulty reading the exchange properties needed to determine the right mailbox server to use for his account. I would look at that first, since it is a very common issue. Let us know the result.
0
 

Author Comment

by:itnt
ID: 41725085
Inheritance is indeed enabled and I can see the various Exchange permissions applied to user object.

A couple of other thoughts I should have included.

- User can access mailbox through OWA no problem, just not Outlook
- This is a returning user who was reenabled.  Exchange migration from 2007 to 2013 took place while user was away - though the LegacyExchangeDN and msExchHomeServerName are correctly listed.
0
 

Accepted Solution

by:
itnt earned 0 total points
ID: 41752513
I've figured out the issue, it was due to entries in the users 'protocolSettings' attribute in their Active Directory Properties.  The user had entries for MAPI, HTTPS, OWA, POP3, IMAP, etc.  I cleared the entries out and made them similar to other standard users and connectivity was restored.

I assume this was done when we were still on 2007 and user was terminated.

https://blogs.technet.microsoft.com/exchange/2005/07/27/enabling-and-disabling-mapi-andor-non-cached-access-per-user-in-exchange-2003-sp2/

http://www.msexchange.org/articles-tutorials/exchange-server-2003/management-administration/New-MAPI-Access-feature-Exchange-Server-2003-Service-Pack2.html
0
 

Author Closing Comment

by:itnt
ID: 41757586
I discovered the solution on my own through troubleshooting.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question