Exchange 2010 & Outlook 2016 Autodiscover issue
Hi
I am currently in the process of setting up some new client PCs with Outlook 2016 and I am seemingly having an autodiscover issue.
Our current setup is :
Exchange 2010 running on Server 2008 R2
Outlook 2007
which all connects fine.
When i try and get an Outlook 2016 to connect it continually asks for the user password.
If we try Outlook 2016 externally it works fine.
I have run a Test-OutlookWebServices and have got the following errors which i dont fully understand.
Would appreciate some pointers and help.
thanks
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1019
Type : Information
Message : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://mail.domain.co.uk/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1013
Type : Error
Message : When contacting https://mail.domain.co.uk/Autodiscover/Autodiscover.xml received the error The remote server returned an error: (401) Unauthorized.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1013
Type : Error
Message : When contacting https://mail.domain.co.uk/Autodiscover/Autodiscover.xml received the error The target principal name is incorrect
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1023
Type : Error
Message : The Autodiscover service couldn't be contacted.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1104
Type : Error
Message : The certificate for the URL https://server.domain.local/Autodiscover/Autodiscover.xml is incorrect. For SSL to work, the certificate needs to have a subject of server.domain.local, but the subject that was found is mail.domain.co.uk. Consider correcting service discovery, or installing a correct SSL certificate.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1106
Type : Information
Message : Contacted the Autodiscover service at https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1116
Type : Information
Message : [EXCH] The AS service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1115
Type : Information
Message : [EXCH] The OAB service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1114
Type : Information
Message : [EXCH] The UM service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1116
Type : Information
Message : [EXPR] The AS service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1115
Type : Information
Message : [EXPR] The OAB service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1114
Type : Information
Message : [EXPR] The UM service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1122
Type : Success
Message : Autodiscover was tested successfully.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1013
Type : Error
Message : When contacting https://mail.domain.co.uk/ews/exchange.asmx received the error The request failed with HTTP status 401: Unauthorized.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1025
Type : Error
Message : [EXCH] Error contacting the AS service at https://mail.domain.co.uk/ews/exchange.asmx. Elapsed time was 26 milliseconds.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1026
Type : Success
Message : [EXCH] Successfully contacted the UM service at https://mail.domain.co.uk/ews/exchange.asmx. The elapsed time was 35 milliseconds.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1124
Type : Success
Message : [Server] Successfully contacted the AS service at https://server.domain.local/ews/exchange.asmx. The elapsed time was 210 milliseconds.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1126
Type : Success
Message : [Server] Successfully contacted the UM service at https://server.domain.local/ews/exchange.asmx. The elapsed time was 52 milliseconds.
I am currently in the process of setting up some new client PCs with Outlook 2016 and I am seemingly having an autodiscover issue.
Our current setup is :
Exchange 2010 running on Server 2008 R2
Outlook 2007
which all connects fine.
When i try and get an Outlook 2016 to connect it continually asks for the user password.
If we try Outlook 2016 externally it works fine.
I have run a Test-OutlookWebServices and have got the following errors which i dont fully understand.
Would appreciate some pointers and help.
thanks
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1019
Type : Information
Message : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://mail.domain.co.uk/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1013
Type : Error
Message : When contacting https://mail.domain.co.uk/Autodiscover/Autodiscover.xml received the error The remote server returned an error: (401) Unauthorized.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1013
Type : Error
Message : When contacting https://mail.domain.co.uk/Autodiscover/Autodiscover.xml received the error The target principal name is incorrect
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1023
Type : Error
Message : The Autodiscover service couldn't be contacted.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1104
Type : Error
Message : The certificate for the URL https://server.domain.local/Autodiscover/Autodiscover.xml is incorrect. For SSL to work, the certificate needs to have a subject of server.domain.local, but the subject that was found is mail.domain.co.uk. Consider correcting service discovery, or installing a correct SSL certificate.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1106
Type : Information
Message : Contacted the Autodiscover service at https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1116
Type : Information
Message : [EXCH] The AS service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1115
Type : Information
Message : [EXCH] The OAB service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1114
Type : Information
Message : [EXCH] The UM service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1116
Type : Information
Message : [EXPR] The AS service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1115
Type : Information
Message : [EXPR] The OAB service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1114
Type : Information
Message : [EXPR] The UM service is configured for this user in the Autodiscover response received from https://server.domain.local:443/Autodiscover/Autodiscover.xml.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1122
Type : Success
Message : Autodiscover was tested successfully.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1013
Type : Error
Message : When contacting https://mail.domain.co.uk/ews/exchange.asmx received the error The request failed with HTTP status 401: Unauthorized.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1025
Type : Error
Message : [EXCH] Error contacting the AS service at https://mail.domain.co.uk/ews/exchange.asmx. Elapsed time was 26 milliseconds.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1026
Type : Success
Message : [EXCH] Successfully contacted the UM service at https://mail.domain.co.uk/ews/exchange.asmx. The elapsed time was 35 milliseconds.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1124
Type : Success
Message : [Server] Successfully contacted the AS service at https://server.domain.local/ews/exchange.asmx. The elapsed time was 210 milliseconds.
RunspaceId : 6d126fa7-6d99-470b-90b4-b4
Id : 1126
Type : Success
Message : [Server] Successfully contacted the UM service at https://server.domain.local/ews/exchange.asmx. The elapsed time was 52 milliseconds.
Please check this article for fixing autodiscover, DNS and other URLs
https://www.experts-exchange.com/articles/29657/Exchange-2010-Fix-for-an-Invalid-certificate-and-related-issues.html
https://www.experts-exchange.com/articles/29657/Exchange-2010-Fix-for-an-Invalid-certificate-and-related-issues.html
ASKER
I have actually already got that as we put it in previously to stop a certificate error internally. but it still doesnt seem to work.
Did you used this command ?
Configure Autodiscover
Get-ClientAccessServer | Set-ClientAccessServer –AutoDiscoverServiceIntern
Make sure there is A record for your autodiscover.domain.com in local and external DNS
Make sure that autodiscover.domain.com is bind to port 443 and certificate in IIS
Configure Autodiscover
Get-ClientAccessServer | Set-ClientAccessServer –AutoDiscoverServiceIntern
Make sure there is A record for your autodiscover.domain.com in local and external DNS
Make sure that autodiscover.domain.com is bind to port 443 and certificate in IIS
Please try adding this in a PC with Outlook2016 and monitor.
Navigate to HKEY_CURRENT_USER\Software
(x.0 corresponds to the Outlook version: 16.0 = Outlook 2016)
For Outlook 2016 version 16.0.6741.2017 and later versions, please add the following
DWORD: ExcludeExplicitO365Endpoin
value 1
Screenshot below
Navigate to HKEY_CURRENT_USER\Software
(x.0 corresponds to the Outlook version: 16.0 = Outlook 2016)
For Outlook 2016 version 16.0.6741.2017 and later versions, please add the following
DWORD: ExcludeExplicitO365Endpoin
value 1
Screenshot below
ASKER
Reg entry doesnt help. Still asks for the password constantly when trying to setup the email account
To verify, you have both mail.domain.co.uk and autodiscover.domain.co.uk in your INTERNAL DNS pointing to the INTERNAL IP addresses? And the SSL cert has both names on it?
These two results suggest otherwise:
These two results suggest otherwise:
RunspaceId : 6d126fa7-6d99-470b-90b4-b45a5d2f2904
Id : 1013
Type : Error
Message : When contacting https://mail.domain.co.uk/Autodiscover/Autodiscover.xml received the error The target principal name is incorrect
RunspaceId : 6d126fa7-6d99-470b-90b4-b45a5d2f2904
Id : 1023
Type : Error
Message : The Autodiscover service couldn't be contacted.
ASKER
No i hadnt created autodiscover.domain.co.uk only mail.domain.co.uk as we were using an SRV record.
I have create the autodiscover a record and although i am getting an ssl error due to my cert not including that outlook is now connecting which is great.
So is it just a case now to get the cert reissued with the additional name?
I have create the autodiscover a record and although i am getting an ssl error due to my cert not including that outlook is now connecting which is great.
So is it just a case now to get the cert reissued with the additional name?
Yes.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
But it must be self signed certificate since you can't have internal domain name in public certificate
I have exchange.domain.local
and
autodiscover.domain.local
in my local DNS and all is working perfectly
I have exchange.domain.local
and
autodiscover.domain.local
in my local DNS and all is working perfectly
@tom, sure that's certainly possible. But it all depends on how you have the various vDirs configured.
Since your certificate is generate for outside connection for https://excahnge.domain.com address inside your network certificate is incorrect since doesn't point to internal domain https://exchange.domain.local
I had same problem so I decide to create forward lookup zone in my local DNS for exchange.domain.com and I did created A record pointing to Exchange server external name but using internal IP
So If your server name is Exchange.domain.com from outside, just create Forward Lookup Zone for that name inside your local DNS
Use your name servers inside and create A record pointed to your local Exchange IP
Refresh DNS on station with Outlook 2016 and now all should be OK