Improve company productivity with a Business Account.Sign Up

x
?
Solved

External Autodiscover error Exchange 2010

Posted on 2016-10-04
5
Medium Priority
?
101 Views
Last Modified: 2016-10-13
I have been working with Microsoft to set up a Federation Trust between my company's 4 domains. 2 are Exchange 2010 hosted on-premise, and 2 are seperate tennants in Exchange 365. First they directed me to set up a Hybrid configuration, which did nothing but waste time. After escalating my request, a tech tested everything internally (which I had set up properly from the start), and on the 365 side, only to tell me there was an issue that they couldn't pinpoint and that I should contact the Exchange 2010 support team. I'd rather try with you all first, so here goes:

When I run the Outlook Connectivity test on testconnectivity.microsoft.com I am getting the following errors:

*Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
   >Validating the certificate name.
       Certificate name validation failed.
      >Host name mydomain.com doesn't match any name found on the server certificate CN=css.mydomain.com

*Attempting to test potential Autodiscover URL https://autodiscover.mydomain.com:443/Autodiscover/Autodiscover.xml
       Testing of this potential Autodiscover URL failed.
   > Host autodiscover.mydomain.com couldn't be resolved in DNS InfoDomainNonexistent

*Attempting to contact the Autodiscover service using the DNS SRV redirect method.
   >Attempting to resolve the host name server.mydomain.com in DNS.
      >The host name couldn't be resolved.

In my public DNS, I've just added autodiscover.mydomain.com as an A record, and it is pointing to the same server as my OWA (which works) record (1.2.3.4 for this example).

For myself, this is a needle in a haystack kind of problem. I've added the following records in my public DNS:

- autodiscover.mydomain.com IN A 1.2.3.4
- autodiscover IN CNAME 1.2.3.4
-_autodiscover._tcp IN SVR 0 443 server.mydomain.com

Using mxtoolbox.com, the CNAME returns autodiscover.mydomain.com  as connected and the IP as 1.2.3.4.

Does anyone see something tragically wrong with what I've done (obviously I've made a mess of this, but please humour me....)?
0
Comment
Question by:Philip Thomas
  • 3
  • 2
5 Comments
 
LVL 19

Accepted Solution

by:
Todd Nelson earned 2000 total points
ID: 41829188
Connectivity Test...
If you are concerned about the first error in the ExRCA.com test where it errors on the root domain name (mydomain.com) I wouldn't worry about it and it can be disregarded as a red herring.

Autodiscover DNS Records...
IMO, you either use an CNAME record (recommended) or an A record for autodiscover.

The CNAME should be using you OWA FQDN as the target, not an IP address.

Also, I haven't used or needed an SRV record for autodiscover in a long time.  I look at it as a helper if the CNAME isn't working.

Those are my thoughts.
1
 

Author Comment

by:Philip Thomas
ID: 41829714
Thank you Todd for the help, I've modified my CNAME as you've suggested, hopefully I'll get the results I'm after very soon!
0
 

Author Comment

by:Philip Thomas
ID: 41830933
Well...that did it! Thank you for your help, Todd, it is greatly appreciated!
0
 
LVL 19

Expert Comment

by:Todd Nelson
ID: 41830962
You are most welcome.
0
 

Author Comment

by:Philip Thomas
ID: 41842679
Hi Todd, I've got another question about this topic. 3 of my 4 companies connect to the Federation Trust. My 4th company has an odd setup I've never seen before and I'm hoping you can help me understand what they've done;

There are 2 domain names of interest: domain.com and domainName.com

The email address is @domainName.com
OWA is accessed using mail.domain.com

Each domains' DNS is hosted by GoDaddy, and all the information pointing to our firewall is on the domain.com side.
On the domainName.com side, all the email records are pointing to GoDaddy's servers, which we do not use at all. There are 2 MX records which point the emails to domainName.cominbound10.mxlogic.net (spam filter).

I'm sure this is another DNS issue, but if you would have any insight as to what I should be looking for it would be greatly appreciated.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Are you working to mount the dismounted Exchange 2013 database? Then the best course of action is to analyze the causes of Database issue, their probable solutions and decide for the appropriate course of action.
This following write-up describes a different way to copy Lotus Notes Calendar to Outlook. Along with this, we will also learn the reason behind this NSF to PST migration. Users can prefer different procedures as per their convenience.
Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…
To export Lotus Notes to Outlook PST or Exchange and Domino Server files to Exchange Server or PST files with ease, go for Kernel for Lotus Notes to Outlook conversion tool. Through the video, you can watch the conversion process. A common user with…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question