Solved

Outlook Autodiscover Failing for Single User

Posted on 2016-07-22
4
70 Views
Last Modified: 2016-08-16
Outlook Autodisover is failing for a single user in our domain, Outlook won't resolve the server to connect.

If I run the following powershell command here is what I get:

Test-OutlookWebServices -Identity User@domain.com -MailboxCredential (get-credential)

Source                              ServiceEndpoint                    Scenario                                             Result  Latency
                                                                                                                                                                        (MS)
------                                    ---------------                              --------                                                  ------         -------
SRVEX13.domain.com    autodiscover.domain.com       Autodiscover: Outlook Provider    Failure     159
SRVEX13.domain.com                                                          Exchange Web Services                  Skipped       0
SRVEX13.domain.com                                                          Availability Service                           Skipped       0
SRVEX13.domain.com                                                          Offline Address Book                      Skipped       0

If I run it against other users, I get success across the board.

Full Error is here:
RunspaceId          : 2661e5f6-6ad2-4204-bd5a-4dd5ce92a4c5
Source              : SRVEX13.domain.com
ServiceEndpoint     : autodiscover.domain.com
Scenario            : AutoDiscoverOutlookProvider
ScenarioDescription : Autodiscover: Outlook Provider
Result              : Failure
Latency             : 114
Error               : Microsoft.Exchange.Management.Tasks.ServiceValidatorException: The Autodiscover response did not return a URL for Exchange Web Services. Response details:
                      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
                        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
                          <User>
                            <DisplayName>User</DisplayName>
                            <LegacyDN>/o=ORG/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User</LegacyDN>
                            <AutoDiscoverSMTPAddress>User@domain.com</AutoDiscoverSMTPAddress>
                            <DeploymentId>e3c75af6-a0b6-422c-aa21-c807481eb678</DeploymentId>
                          </User>
                          <Account>
                            <AccountType>email</AccountType>
                            <Action>settings</Action>
                            <MicrosoftOnline>False</MicrosoftOnline>
                            <Protocol>
                              <Type>WEB</Type>
                              <Internal>
                                <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.com/owa/</OWAUrl>
                              </Internal>
                              <External>
                                <OWAUrl AuthenticationMethod="Fba">https://mail.domain.com/owa/</OWAUrl>
                              </External>
                            </Protocol>
                          </Account>
                        </Response>
                      </Autodiscover>
Verbose             : [2016-07-22 16:14:57Z] Autodiscover connecting to 'https://autodiscover.domain.com/Autodiscover/Autodiscover.xml'.
                      [2016-07-22 16:14:57Z] Test account: User@domain.com Password: ******
                      [2016-07-22 16:14:57Z] Autodiscover request:
                      User-Agent: SRVEX13/Test-OutlookWebServices/User@domain.com
                      Content-Type: text/xml; charset=utf-8
                      Authorization: Negotiate TlRMTVNTUAADAAAAGAAYAJQAAAA+AT4BrAAAAAAAAABYAAAAKgAqAFgAAAASABIAggAAABAAEADqAQAAFYKI4gYDgCUAAAAPHCzAzgFNsPUMWilan2gG2mEAZABtAF8AZABkAGUAbABvAHI
                      AZQB5AEAAbgB0AHAAYwAuAGMAbwBtAEgAUgBTAFIAVgBFAFgAMQAzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwAcJiiv4JhVUPJrnLNcKkBAQAAAAAAAPTsVjA05NEBlZt9i/roCPkAAAAAAgAIAE4AVABQAEMAAQASAFk
                      ASwBTAFIAVgBFAFgAMQAzAAQAEABuAHQAcABjAC4AYwBvAG0AAwAkAFkASwBTAFIAVgBFAFgAMQAzAC4AbgB0AHAAYwAuAGMAbwBtAAUAEABuAHQAcABjAC4AYwBvAG0ABwAIAPTsVjA05NEBBgAEAAIAAAAIADAAMAAAAAA
                      AAAAAAAAAAEAAADCjn39tC5WkvkL6GYaipL/gLodxt8yUENMy6UDEJU3DCgAQAAAAAAAAAAAAAAAAAAAAAAAJADQASABUAFQAUAAvAGEAdQB0AG8AZABpAHMAYwBvAHYAZQByAC4AbgB0AHAAYwAuAGMAbwBtAAAAAAAAAAA
                      AAAAAAEvYKBfS/OoFxZk76p75lRk=
                      Host: autodiscover.domain.com
                      Cookie: ClientId=E43B873C7C624E1F958835195A00BC5B
                      Content-Length: 453
                      Expect: 100-continue
                      [2016-07-22 16:14:57Z] Autodiscover request:
                      <?xml version="1.0"?>
                      <Autodiscover xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                      xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/requestschema/2006">
                        <Request>
                          <EMailAddress>User@domain.com</EMailAddress>
                          <AcceptableResponseSchema>http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a</AcceptableResponseSchema>
                        </Request>
                      </Autodiscover>
                      [2016-07-22 16:14:57Z] Autodiscover response:
                      request-id: 3a68e909-f467-495a-a72d-7729b6465b40
                      X-CalculatedBETarget: srvex13.domain.com
                      X-DiagInfo: SRVEX13
                      X-BEServer: SRVEX13
                      Persistent-Auth: true
                      X-FEServer: SRVEX13
                      Content-Length: 1060
                      Cache-Control: private
                      Content-Type: text/xml; charset=utf-8
                      Date: Fri, 22 Jul 2016 16:14:57 GMT
                      Set-Cookie: X-BackEndCookie=S-1-5-21-2660971776-2703906875-1903747800-6170=u56Lnp2ejJqBmZ7NxpqdzMjSnJnMy9LLnsvG0sbNz5vSzcfOy5vIy8adypzKgYHNz87J0s/H0s3Oq87Jxc7LxcrI;
                      expires=Sun, 21-Aug-2016 16:14:57 GMT; path=/Autodiscover; secure; HttpOnly
                      Server: Microsoft-IIS/8.5
                      X-AspNet-Version: 4.0.30319
                      X-Powered-By: ASP.NET
                      [2016-07-22 16:14:57Z] Autodiscover response:
                      <?xml version="1.0" encoding="utf-8"?>
                      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
                        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
                          <User>
                            <DisplayName>User</DisplayName>
                            <LegacyDN>/o=Org/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User</LegacyDN>
                            <AutoDiscoverSMTPAddress>User@domain.com</AutoDiscoverSMTPAddress>
                            <DeploymentId>e3c75af6-a0b6-422c-aa21-c807481eb678</DeploymentId>
                          </User>
                          <Account>
                            <AccountType>email</AccountType>
                            <Action>settings</Action>
                            <MicrosoftOnline>False</MicrosoftOnline>
                            <Protocol>
                              <Type>WEB</Type>
                              <Internal>
                                <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.com/owa/</OWAUrl>
                              </Internal>
                              <External>
                                <OWAUrl AuthenticationMethod="Fba">https://mail.domain.com/owa/</OWAUrl>
                              </External>
                            </Protocol>
                          </Account>
                        </Response>
                      </Autodiscover>
                      [2016-07-22 16:14:57Z] Autodiscover response:
                      Microsoft.Exchange.Management.Tasks.ServiceValidatorException: The Autodiscover response did not return a URL for Exchange Web Services. Response details:
                      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
                        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
                          <User>
                            <DisplayName>User</DisplayName>
                            <LegacyDN>/o=Org/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=User</LegacyDN>
                            <AutoDiscoverSMTPAddress>User@domain.com</AutoDiscoverSMTPAddress>
                            <DeploymentId>e3c75af6-a0b6-422c-aa21-c807481eb678</DeploymentId>
                          </User>
                          <Account>
                            <AccountType>email</AccountType>
                            <Action>settings</Action>
                            <MicrosoftOnline>False</MicrosoftOnline>
                            <Protocol>
                              <Type>WEB</Type>
                              <Internal>
                                <OWAUrl AuthenticationMethod="Basic, Fba">https://mail.domain.com/owa/</OWAUrl>
                              </Internal>
                              <External>
                                <OWAUrl AuthenticationMethod="Fba">https://mail.domain.com/owa/</OWAUrl>
                              </External>
                            </Protocol>
                          </Account>
                        </Response>
                      </Autodiscover>
MonitoringEventId   : 6001

Things I've tried so far:
Disabling the Mailbox and reconnecting to user account to recreate all exchange user properties
Clearing the msExchDelegateListBL attribute.  It was clear I added a delegate mailbox and then removed it to test as well.
Ensure the LegacyExchangeDN was pointing to right place.

I'm out of options, any suggestions?
0
Comment
Question by:itnt
  • 3
4 Comments
 
LVL 38

Expert Comment

by:Adam Brown
ID: 41725081
Make sure the user object is configured to Inherit permissions. This is done by enabled advanced view in ADUC, then going to the security tab on the object. Advanced security window will let you determine if inheritance is enabled. If it isn't, then the Exchange servers will have difficulty reading the exchange properties needed to determine the right mailbox server to use for his account. I would look at that first, since it is a very common issue. Let us know the result.
0
 

Author Comment

by:itnt
ID: 41725085
Inheritance is indeed enabled and I can see the various Exchange permissions applied to user object.

A couple of other thoughts I should have included.

- User can access mailbox through OWA no problem, just not Outlook
- This is a returning user who was reenabled.  Exchange migration from 2007 to 2013 took place while user was away - though the LegacyExchangeDN and msExchHomeServerName are correctly listed.
0
 

Accepted Solution

by:
itnt earned 0 total points
ID: 41752513
I've figured out the issue, it was due to entries in the users 'protocolSettings' attribute in their Active Directory Properties.  The user had entries for MAPI, HTTPS, OWA, POP3, IMAP, etc.  I cleared the entries out and made them similar to other standard users and connectivity was restored.

I assume this was done when we were still on 2007 and user was terminated.

https://blogs.technet.microsoft.com/exchange/2005/07/27/enabling-and-disabling-mapi-andor-non-cached-access-per-user-in-exchange-2003-sp2/

http://www.msexchange.org/articles-tutorials/exchange-server-2003/management-administration/New-MAPI-Access-feature-Exchange-Server-2003-Service-Pack2.html
0
 

Author Closing Comment

by:itnt
ID: 41757586
I discovered the solution on my own through troubleshooting.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Are you unable to connect or configure Hotmail email account in Microsoft Outlook 2010, 2007? Or Outlook.com emails are not downloading to Outlook? Lets’ see the problem and resolve Outlook Connector error syncing folder hierarchy (0x8004102A).
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video discusses moving either the default database or any database to a new volume.

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now