Solved

Autodiscover in Exchange 2010

Posted on 2016-07-27
12
58 Views
Last Modified: 2016-08-03
Try to setup autodiscover but it fails. When I test under a handheld, it always prompt for "Username, password or client certificate incorrect". I need to manually input the information.

I have already setup a CNAME record on the DNS and apply a wildcard certficate *.mydomain.com under GoDaddy. Are there anything that I have also overlooked ?

Thx
0
Comment
Question by:AXISHK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +2
12 Comments
 
LVL 19

Assisted Solution

by:suriyaehnop
suriyaehnop earned 83 total points
ID: 41732235
Does issue happened on Outlook client? You may try the autodiscover using below link and verify it is working or not


https://testconnectivity.microsoft.com

If not mistaken, i read somewhere a wild card certificate is not recommended in exchange 2010
0
 
LVL 16

Assisted Solution

by:Todd Nelson
Todd Nelson earned 83 total points
ID: 41732237
Have the Exchange URLs been configured properly?  Currently, your autodiscover service connection point may contain an FQDN that isn't included in your certificate.

Check the URLs using this reference ... https://oddytee.wordpress.com/2016/06/24/check-exchange-urls-via-management-shell/

The autodiscover URI should look something similar to this ... https://autodiscover.mydomain.com/autodiscover/autodiscover.xml.  If not, you may have connection issues--assuming the DNS records are configured properly.

Use this reference to configure the URI properly ... https://technet.microsoft.com/en-us/library/bb125157(v=exchg.141).aspx
0
 

Author Comment

by:AXISHK
ID: 41732263
Autodiscover pass with a warning.
AutoDiscover.png
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 46

Expert Comment

by:Jackie Man
ID: 41732277
When I test under a handheld, it always prompt for "Username, password or client certificate incorrect". I need to manually input the information. .

Handled is running what OS and version?
0
 
LVL 19

Expert Comment

by:suriyaehnop
ID: 41732301
Have try to export the cert and install on that phone?
0
 
LVL 46

Expert Comment

by:Jackie Man
ID: 41732315
Settings -> Security

Under Credential storage, select Install from device storage

install cert from device storage
The above procedure is for Samsung Galaxy S5. Other android phones should have similar prodedure.
0
 
LVL 11

Assisted Solution

by:Tej Pratap Shukla ~Dexter
Tej Pratap Shukla ~Dexter earned 83 total points
ID: 41732330
Hi
You should check this link you may find the solution to fix Client Certificate Error.
http://exchange-server-guide.blogspot.in/2014/07/resolve-exchange-autodiscover-error-600.html
0
 

Author Comment

by:AXISHK
ID: 41736992
Godaddy root and intermediate certificates have been installed on the Andriod. Also test the connection "Autodiscover.<your domain>/autodiscover/autodiscover.xml" and it works fine.

Is it because of the wildcard certificates (*.mydomain.com)  installed on Exchange ?

Thx
0
 
LVL 46

Expert Comment

by:Jackie Man
ID: 41737003
Is it because of the wildcard certificates (*.mydomain.com)  installed on Exchange ?

YES

"The Most Android based smart phone applications use Wildcard SSL security to secure their user’s data while they exchange information through the device with web servers. Wildcard SSL certificates secure website URLs and unlimited numbers of their subdomains."

Source: https://www.rapidsslonline.com/blog/understanding-wildcard-ssl-validation-for-the-android-platform/
0
 

Author Comment

by:AXISHK
ID: 41740140
Do u mean I need to replace the wizard certificate and  explicitly state the host names used in the certficate ?

Thx
0
 
LVL 46

Accepted Solution

by:
Jackie Man earned 251 total points
ID: 41740145
Do u mean I need to replace the wizard certificate and  explicitly state the host names used in the certificate ?

Yes

Wildcard certificate match

The certificate's Subject field contains the common name as the wildcard character (*) plus a single domain or subdomain. For example, *.contoso.com or *.eu.contoso.com. The *.contoso.com wildcard certificate can be used for:
www.contoso.com
ftp.contoso.com
mail.contoso.com

Source: https://technet.microsoft.com/en-us/library/dd351044%28v=exchg.160%29.aspx?f=255&MSPPError=-2147217396
0
 

Author Closing Comment

by:AXISHK
ID: 41740232
Thx
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question