Autodiscover & email configuration issues for 1 new PC

BeGentleWithMe-INeedHelp
BeGentleWithMe-INeedHelp used Ask the Experts™
on
Can someone tell me what I'm doing wrong?

SBS 2011 standard running exchange - 10 users have been set up for years - laptops at home, on the LAN and at a remote location connected by VPN
Their website is at a web hosting company.

Added a win 10 PC with Office 2016 at the remote location.

when opening outlook for that user's account, he'd get prompted for his password, and warnings about the certificate is  doesn't have the correct name, etc.

Running the microsoft remote connectivity analyzer for autodiscover it says:  Connectivity Test Successful with Warnings

under that it says: The Microsoft Connectivity Analyzer is attempting to test Autodiscover for markg@domain.com.
       Autodiscover was tested successfully.

Looking at things, it keeps trying to get to https://domain.com which resolves to the web server, not SBS box.  Can I just drop the autodiscover.xml from the SBS box onto the web server in a new autodiscover directory that doesn't currently exist?

Where should autodiscover.xml be located?  on the SBS box? on the web page?

There doesn't seem to be an autodiscover entry in the DNS zone.

I added an A record and pointed it to the sbs server.

pinging autodiscover.domain.com resolves to the SBS box.

But the Microsoft analyzer seems to have the web server IP cached?

This has been working for existing users.  Does Office 2016 and Exchange 2010 on SBS 2011 not play nice?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2018
Commented:
Too many moving parts.

No you cannot just drop the xml on your web server.

INTERNAL clients use AD to find the Exchange server.  So internal clients will work regardless of your DNS setup.

The "remote connectivity analyzer" is exactly that.  It tests *REMOTE* connections.  That means *PUBLIC* DNS, and you must have an autodiscover entry that is reachable, a public IP, and can reach the exchange server (via port forwarding or direct or routed or other.)  

If an autodiscover record is not found then yes, domain.com is a fallback mechanism which will be tried, and since that often points to a public web server, will often fail with warnings.  This is expected behavior.

Outlook 2016 and Exchange 2010 play fine together.  Most new features don't work, but that is to be expected.
Michael B. SmithManaging Consultant

Commented:
You should post the full set of results.

But if Outlook tells you that you don't have the correct names in your SSL cert - you probably don't have the correct names in your SSL cert (based on how Exchange is configured). Just because autodiscover is in DNS doesn't mean it's in the SSL cert.
Saif ShaikhServer engineer

Commented:
Outlook 2016 uses autodiscover to connect to exchange. If certificate does not have a autodiscover entry and a host A record it will fail to connect giving cert error.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial