Free Microsoft Outlook Resources & Whitepapers

Autodiscover not working

Hi,

I can't seem to get autodiscover to work. This is my setup:
2 F5 Big IP load balancers
2 CAS
2 machines in a CCR

I have a SAN cert (exchange.domain.com and autodiscover.domain.com)
installed on the F5's. The F5's have a public IP
(exchange.domain.com) and an A record for autodiscover.domain.com
which points to the IP for exchange. The SSL connection terminates at
the F5. From the F5 to the CAS servers, there is no SSL. I have
removed one of the CAS servers from the F5's, so i am only dealing
with 1 CAS. Email addresses are in the form user@domain.com.
However, the Windows domain is pc.domain.com.

If it go to https://autodiscover.domain.com/autodiscover/autodiscover.xm l,
https://exchange.domain.com/autodiscover/autodiscover.xml,
https://autodiscover.domain.com/owa/autodiscover/autodiscove r.xml or
https://exchange.domain.com/owa/autodiscover/autodiscover.xm l after
authentication I get:

-


Post your answer or comment

comments powered by Disqus
Good Day,
I have a strange situation and hoping someone can direct me on this. I have Exchange 2003 currently and we are migrating to Exchange 2010. We have the system built and all works well including Autodiscover on the network. we have everything going through our F5 which is fine.
The issue we are having is all works well on VPN for Outlook 2003 clients. It somehow does not work for Outlook 2007 & 2010 clients. Unable to download address books. when i did the test Outlook config I see:

Attempting URL https://xxx.int.kn/Autodioscover/Autodiscover.xml found through SCP
Autodiscover to https://xxx.int.kn/Autodiscover/Autodiscover.xml starting
GetLastError=0;httpStatus=403
Autodiscover request completed with http status code 403
Autodiscover to https://xxx.int.kn/Autodiscover/Autodiscover.xml FAILED (0x80004005)

Any help would be appreciated. Again, this is only affecting Outlook 2007 users. Outlook 2003, and 2010 work fine.

Ok, I've been scratching my head over this for some time now. Our client was on Exchange 2003 with Outlook 2003. They migrated to SBS 2008 with Exchange 2007. For a long time they continued to use Outlook 2003 but around Christmas time last year they upgraded to Outlook 2007 and have been having issues since.

I've looked through the forums for days and have tried a lot of what has been posted; however, updating the OAB does not work, Out of Office Assistant does not work and at least one person is not showing up in the GAL.

They have a valid, 3rd party certificate which includes autodiscover.domain.com and mail.domain.com. From a client computer I cleared their DNS cache and tested the connection using the CTRL-Right Click method. autodiscover.domain.com shows up in the dns cache and it points to mail.domain.com so I know the DNS is resolving it properly. On the server, I put a SVR record in dns pointing to mail.domain.com.

When running Test-OutlookWebServices | fl I get:

Id††††† : 1003
Type††† : Information
Message : About to test AutoDiscover with the e-mail address Administrator@domain.com.

Id††††† : 1007
Type††† : Information
Message : Testing server server.internal.com with the published name https://mail.domain.com/EWS/Exchange.asmx
††††††† & https://mail.domain.com/EWS/Exchange.asmx.

Id††††† : 1019
Type††† : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover URL on this object is https://mail.domain.com/autodiscover/autodiscover.xml.

Id††††† : 1006
Type††† : Information
Message : The Autodiscover service was contacted at https://mail.domain.com/autodiscover/autodiscover.xml.

Id††††† : 1016
Type††† : Success
Message : [EXCH]-Successfully contacted the AS service at https://mail.domain.com/EWS/Exchange.asmx. The elaps
††††††† ed time was 21 milliseconds.

Id††††† : 1015
Type††† : Success
Message : [EXCH]-Successfully contacted the OAB service at https://mail.domain.com/EWS/Exchange.asmx. The elap
††††††† sed time was 0 milliseconds.

Id††††† : 1014
Type††† : Success
Message : [EXCH]-Successfully contacted the UM service at https://mail.domain.com/UnifiedMessaging/Service.asm
††††††† x. The elapsed time was 5 milliseconds.

Id††††† : 1016
Type††† : Success
Message : [EXPR]-Successfully contacted the AS service at https://mail.domain.com/EWS/Exchange.asmx. The elaps
††††††† ed time was 20 milliseconds.

Id††††† : 1015
Type††† : Success
Message : [EXPR]-Successfully contacted the OAB service at https://mail.domain.com/EWS/Exchange.asmx. The elap
††††††† sed time was 0 milliseconds.

Id††††† : 1014
Type††† : Success
Message : [EXPR]-Successfully contacted the UM service at https://mail.domain.com/UnifiedMessaging/Service.asm
††††††† x. The elapsed time was 4 milliseconds.

Id††††† : 1013
Type††† : Error
Message : When contacting https://mail.domain.com/Rpc received the error The server committed a protocol viola
††††††† tion. Section=ResponseStatusLine

Id††††† : 1017
Type††† : Error
Message : [EXPR]-Error when contacting the RPC/HTTP service at https://mail.domain.com/Rpc. The elapsed time w
††††††† as 10 milliseconds.

Id††††† : 1006
Type††† : Success
Message : The Autodiscover service was tested successfully.

Id††††† : 1021
Type††† : Information
Message : The following web services generated errors.
††††††††††† Contacting server in EXPR
††††††† Please use the prior output to diagnose and correct the errors.††† †

I ran this:
Set-ClientAccessServer -id † -AutoDiscoverServiceInternalUri https://mail.domain.com/autodiscover/autodiscover.xml
with success. However, updating the OAB from Outlook results in: "Task 'Microsoft Exchange Server' reported error (0x8004010F) : 'The operation failed. An object cannot be found.'"

Running the autodiscovery check in Outlook results in:
"Attempting URL https://mail.domain.com/autodiscover/autodiscover.xml found through SCP
Autodiscover to https://mail.domain.com/autodiscover/autodiscover.xml starting
Autodiscover to https://mail.domain.com/autodiscover/autodiscover.xml FAILED (0x80072F0C)"
...
All of them fail with their respective codes.

I am really at a loss here as to what to try next. Any help would greatly be appreciated!

Regards,
Aaron

I am having problems with Exchange 2007 Autodiscovery.
Internally when I test AutoConfiguration it fails.
This has only come to light as it means OOF does not work and users of Windows 7 (but not Vista) keep getting a popup saying "Allow this website to configure server settings.." which I don't want.

Test-OutlookWebServices comes back with no errors.

We are using a DigiCert Exchange 2007 SAN certificate with {mailserver}.domain.com, autodiscover.domain.com, & {mailserver}.

It seems to be only an internal problem; my Win7 machines from home works fine with Autodiscover and OOF. I tuned off proxies, but that didn't make a difference.

Any ideas? (thanks in advance)!

Hi,

I can't seem to get autodiscover to work. This is my setup:
2 F5 Big IP load balancers
2 CAS
2 machines in a CCR

I have a SAN cert (exchange.domain.com and autodiscover.domain.com)
installed on the F5's. The F5's have a public IP
(exchange.domain.com) and an A record for autodiscover.domain.com
which points to the IP for exchange. The SSL connection terminates at
the F5. From the F5 to the CAS servers, there is no SSL. I have
removed one of the CAS servers from the F5's, so i am only dealing
with 1 CAS. Email addresses are in the form user@domain.com.
However, the Windows domain is pc.domain.com.

If it go to https://autodiscover.domain.com/auto...todiscover.xml,
https://exchange.domain.com/autodisc...todiscover.xml,
https://autodiscover.domain.com/owa/...todiscover.xml or
https://exchange.domain.com/owa/auto...todiscover.xml after
authentication I get:

-

I have autodiscover working well with domain PCs but non domain PCs are getting "The name on the security certificate is invalid or does not match the name of the site."

Our email addresses are @email-domain.com and our Active Directory domain is ads.internaldomain.com. Two completely different domain names is the point. ;)

I tried setting up a CNAME for autodiscover.email-domain.com and then A records for the same. They resolve fine and point to the Exchange 2007 server and in the Outlook logging it is looking for the autodiscover.email-domain.com but not "finding" it.

This is for machines that are either connected via VPN or on the local network.

Any help is greatly appreciated. Thanks!

Please I need your assistance with Exchange 2007 auto-discover and out office with outlook 2007. We just migrrated from exchange 2003 to 2007.

We have just deployed exchange 2007 in-house but users of outlook 2007 cannot set their out of office settings when on exchange 2007 but only through OWA.

When they try to access OOF they get this pop up indicating:

Your out of office settings can not be displayed because the server is currently unavailable, try again later.

Links from the internet refers to the auto-discover service, I have created a Dns A host record that maps to the IP Address of the CAS but still the same.†I uninstalled and reinstalled the CAS role, created a web distribution offline address book hosted by the exchnage server and it was made the default.†The result of test-outlookwebservices is given:test-outlookwebservices user | fl

Id : 1003
Type : Information
Message : About to test AutoDiscover with the e-mail address user@domain
.com.

Id : 1006
Type : Information
Message : Contacted AutoDiscover at https://lagmail01.domain.com/Autodiscov
er/Autodiscover.xml.

Id : 1016
Type : Success
Message : [EXCH]-Successfully contacted the AS service at https://lagmail01. domain.com/EWS/Exchange.asmx.

Id : 1015
Type : Success
Message : [EXCH]-Successfully contacted the OAB service at https://lagmail01.
domain.com/EWS/Exchange.asmx.

Id : 1014
Type : Success
Message : [EXCH]-Successfully contacted the UM service at https://lagmail01.
domain.com/UnifiedMessaging/Service.asmx.

Id : 1016
Type : Information
Message : [EXPR]-The AS is not configured for this user.

Id : 1015
Type : Success
Message : [EXPR]-Successfully contacted the OAB service at .

Id : 1014
Type : Information
Message : [EXPR]-The UM is not configured for this user.

Id : 1017
Type : Success
Message : [EXPR]-Successfully contacted the RPC/HTTP service at https://lagmail
01/Rpc.

Id : 1006
Type : Success
Message : Successfully tested AutoDiscover.

The OOF is still not working.

Any idea?

Hi Guys,

Someone complained that their Out-Of-Office was not working in Outlook Web Access.† So I did some snooping around and they do have the feature enabled with a response†to†internal users and another response to†external users.† I sent the user an email and†DID NOT†receive any†OOF response.† So I ran Test-OutlookWebServices to test out the AutoDiscover settings.† I received the following output:

Id††††† : 1003
Type††† : Information
Message : About to test AutoDiscover with the e-mail address jsmith@contoso.com.

Id††††† : 1013
Type††† : Error
Message : When contacting https://webmail.contoso.com/autodiscover/autodiscover.xml received the error Unable to connect to the remote server

Id††††† : 1013
Type††† : Error
Message : When contacting https://webmail.contoso.com/autodiscover/autodiscover.xml received the error A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 123.45.678.9:443

Id††††† : 1006
Type††† : Error
Message : The Autodiscover service could not be contacted.

We are also receiving errors when trying to use the Out-Of-Office through Outlook 2007.† The error is:

Your Out of Office settings cannot be displayed, because the server is currently unavailable.† Try again later.

Outlook 2003 clients are fine.† I guess since Outlook 2003 clients dont use the Autodiscover service, that would make sense.† At this point, the security for the Autodiscover Virtual Directory is set to Integrated Windows authentication with Anonymous Access disabled.† The reason for the Virtual Directory security change was that if I dont have Windows Integrated security, I get a lot of the following errors:

Event Type:†Error
Event Source:†MSExchange Autodiscover
Event Category:†Web
Event ID:†2
Date:††9/16/2008
Time:††1:25:00 PM
User:††N/A
Computer:†EXCHSRV-01
Description:
Anonymous Request received from HostAddress:"213.45.678.9", HostName:"213.45.678.9". Invalid Autodiscover site configuration. To fix the problem remove Anonymous access.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Thanks.

Hey everyone,

I'm having trouble getting AutoDiscover to work with our WM6.1 devices in our Exchange 2007 environment. If I try to automatically detect settings the handheld device just sits there forever trying to get settings until the cancel button us pressed. Manual setup works fine from that point.

I was referred to a handy website while on a support call with Microsoft one time called http://www.testexchangeconnectivity.com that will simulate various kinds of connections to an Exchange environment. I did the Microsoft Exchange ActiveSync Autodiscover Test from that site and got the following error:

"Active Directory currently not available"

The full text of the test is here:
===================================
Connectivity Test Failed
Test Details
Copy to Clipboard†† †Expand/Collapse†† †
† †Attempting Autodiscover and Exchange Activesync Test (if requested)
††† Failed to test Autodiscover for Exchange Activesync
† †Test Steps
†††
† †Attempting each method of contacting the Autodiscover Service
††† Failed to contact the Autodiscover service successfully by any method
† †Test Steps
†††
† †Attempting to test potential Autodiscover URL https://mydomain.com/Autodiscover/Autodiscover.xml
††† Failed testing this potential Autodiscover URL
† †Test Steps
†††
† †Attempting to Resolve the host name mydomain.com in DNS.
††† Host successfully Resolved
† †Additional Details
††† IP(s) returned: xx.xx.xx.xx
† †Testing TCP Port 443 on host mydomain.com to ensure it is listening/open.
††† The port was opened successfully.
† †Testing SSLCertificate for validity.
††† The SSLCertificate failed one or more certificate validation checks. If the certificate is not trusted by our server, please select the box to skip this check.
† †Additional Details
††† The SSL Certificate failed validation Exception Details:
Message: The remote certificate is invalid according to the validation procedure.
Type: System.Security.Authentication.AuthenticationException
Stack Trace:
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at Microsoft.Exchange.Tools.ExRCA.Tests.SSLCertificateTest.PerformTestReally()

:
† †Attempting to test potential Autodiscover URL https://autodiscover.mydomain.com/Autodiscover/Autodiscover.xml
††† Failed testing this potential Autodiscover URL
† †Test Steps
†††
† †Attempting to Resolve the host name autodiscover.mydomain.com in DNS.
††† Host successfully Resolved
† †Additional Details
††† IP(s) returned: xx.xx.xx.xx
† †Testing TCP Port 443 on host autodiscover.mydomain.com to ensure it is listening/open.
††† The port was opened successfully.
† †Testing SSLCertificate for validity.
††† The SSLCertificate failed one or more certificate validation checks. If the certificate is not trusted by our server, please select the box to skip this check.
† †Additional Details
††† Could not connect to remote host: Exception Details:
Message: Authentication failed because the remote party has closed the transport stream.
Type: System.IO.IOException
Stack Trace:
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
at Microsoft.Exchange.Tools.ExRCA.Tests.SSLCertificateTest.PerformTestReally()

† †Attempting to contact the Autodiscover service using the HTTP redirect method.
††† Failed to contact Autodiscover using the HTTP Redirect method
† †Test Steps
†††
† †Checking Host autodiscover.mydomain.com for an HTTP redirect to Autodiscover
††† Received Redirect (HTTP 301/302) Response successfully.
† †Additional Details
††† Redirect URL: https://portal.sslcertdomain.com/autodiscover/autodiscover.xml
† †Attempting to test potential Autodiscover URL https://portal.sslcertdomain.com/autodiscover/autodiscover.xml
††† Failed testing this potential Autodiscover URL
† †Test Steps
†††
† †Attempting to Resolve the host name portal.sslcertdomain.com in DNS.
††† Host successfully Resolved
† †Additional Details
††† IP(s) returned: xx.xx.xx.xx
† †Testing TCP Port 443 on host portal.sslcertdomain.com to ensure it is listening/open.
††† The port was opened successfully.
† †Testing SSLCertificate for validity.
††† The certificate passed all validation requirements.
† †Additional Details
††† Subject: CN=portal.sslcertdomain.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)08, OU=GT60785400, O=portal.sslcertdomain.com, C=US, Issuer CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
† †Attempting to Retrieve XML Autodiscover Response from url https://portal.sslcertdomain.com/autodiscover/autodiscover.xml for user JoeUser@mydomain.com
††† Failed to obtain Autodiscover XML response.
† †Additional Details
††† An error was returned from the Autodiscover query:

en:en

Jose User
JoeUser@mydomain.com

1
Active Directory currently not available
UserMailbox

† †Attempting to contact the Autodiscover service using the DNS SRV redirect method.
††† Failed to contact Autodiscover using the DNS SRV redirect method.
† †Test Steps
†††
† †Attempting to locate SRV record _autodiscover._tcp.mydomain.com in DNS.
††† Failed to find Autodiscover SRV record in DNS.
===================================

What is wierd about this is it picks up the user's display name correctly so I know it is at least on some level communicating with Active Directory successfully.

Any thoughts?

Hi all,

Hoping someone might be able to shed some light on my issue. I have been running and Exchange 2007 environment with Outlook 2003 clients happily for quite some time. I am in the process of rolling out new machines which includes Outlook 2007. I am sending/receiving emails etc. fine however cannot see free/busy information or use OOF. I have a self signed SSL certificate with multiple domain names (not best practice I know, working on convincing the boss to purchase a proper one) including autodiscover.mydomain.com.
I have added DNS entries for autodiscover.mydomain.com and attempting to browse to https://autodiscover.mydomain.com/autodiscover/autodiscover.xml prompts for credentials and then shows the placeholder xml file.
A test email autoconfiguration produces the following:
Attempting URL https://autodiscover.mydomain.com/autodiscover/autodiscover.xml found through SCP
Autodiscover to https://autodiscover.mydomain.com/autodiscover/autodiscover.xml starting
Autodiscover to https://autodiscover.mydomain.com/autodiscover/autodiscover.xml FAILED (0x800C8203)
Autodiscover to https://mydomain.com/autodiscover/autodiscover.xml starting
Autodiscover to https://mydomain.com/autodiscover/autodiscover.xml FAILED (0x800C8203)
Autodiscover to https://autodiscover.mydomain.com/autodiscover/autodiscover.xml starting
Autodiscover to https://autodiscover.mydomain.com/autodiscover/autodiscover.xml FAILED (0x800C8203)
Local autodiscover for mydomain.com starting
Local autodiscover for mydomain.com FAILED (0x8004010F)
Redirect check to http://autodiscover.mydomain.com/autodiscover/autodiscover.xml starting
Redirect check to http://autodiscover.mydomain.com/autodiscover/autodiscover.xml FAILED (0x80004005)

I know those erros point to DNS but like I said, DNS appears to be configured correctly. Any help/suggestions would be appreciated.


Hello,

This last weekend I did an Exchange 2007 to Exchange 2010 migration. Prior to the migration, autodiscover worked properly. Now, external clients trying to connect VIA Outlook anywhere get an autodiscover error message. The error message says the name on the certificate is not valid. The certificate clients are receiving, is the certificate bound to the web server which is https://domain.com. This is not the certificate I have bound to Exchange. I spent 10 hours talking to three technicians at Microsoft yesterday who went over all the Autodiscover settings with us, at the end of the conversation, I was told this behavior is by design. I don't believe that entirely accurate as we have had this scenario working and in place for months VIA our exchange 2007 server. I'm looking for advice on how to reoslve this.



Thanks,

Ryan


we have exchange 2010 on windows server 2008r2 isa 2006 sp1

the email work fine internal and on owa but

not workin on any oulook external after i run the exchange remote conectivity analyzer i found this errore

please help



ExRCA is testing Exchange ActiveSync.
†The Exchange ActiveSync test failed.
†Test Steps
†ExRCA is attempting the Autodiscover and Exchange ActiveSync test (if requested).
†Testing of Autodiscover for Exchange ActiveSync failed.
†Test Steps
†ExRCA is attempting each method of contacting the Autodiscover service.
†The Autodiscover service couldn't be contacted successfully by any method.
†Test Steps
†Attempting to test potential AutoDiscover URL https://mydomain.com/AutoDiscover/AutoDiscover.xml
†Testing of this potential Autodiscover URL failed.
†Test Steps
†Attempting to resolve the host name mydomain.com in DNS.
†Host successfully resolved
†Additional Details
†IP(s) returned: 196.205.161.138

Testing TCP Port 443 on host mydomain.com to ensure it is listening and open.
†The port was opened successfully.
ExRCA is testing the SSL certificate to make sure it's valid.
†The SSL certificate failed one or more certificate validation checks.
†Test Steps
†The certificate name is being validated.
†Successfully validated the certificate name
†Additional Details
†Found hostname mydomain.com in Certificate Subject Alternative Name entry

Certificate trust is being validated.
†Certificate trust validation failed.
†Additional Details
†The certificate chain couldn't be built. You may be missing required intermediate certificates.





Attempting to test potential AutoDiscover URL https://autodiscover.mydomain.com/AutoDiscover/AutoDiscover.xml
†Testing of this potential Autodiscover URL failed.
†Test Steps
†Attempting to resolve the host name autodiscover.mydomain.com in DNS.
†The Host could not be resolved.
† Tell me more about this issue and how to resolve it
†Additional Details
†Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTe st.PerformTestReally()



ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method.
†The attempt to contact Autodiscover using the HTTP Redirect method failed.
†Test Steps
†Attempting to resolve the host name autodiscover.mydomain.com in DNS.
†The Host could not be resolved.
† Tell me more about this issue and how to resolve it
†Additional Details
†Host autodiscover.mydomain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTe st.PerformTestReally()



ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method.
†Failed to contact AutoDiscover using the DNS SRV redirect method.
†Test Steps
†Attempting to locate SRV record _autodiscover._tcp.mohamedalsagheer.com in DNS.
†The Autodiscover SRV record wasn't found in DNS.
† Tell me more about this issue and how to resolve it


I have been looking at ways to get autodiscovery working within Outlook 2010 when a mailbox is stored on Exchange 2003. We have both Exchange 2003 and Exchange 2010. The mailboxes on Exchange 2010 work fine with autodiscover when using Outlook 2007 or Outlook 2010. However, if the mailbox is on Exchange 2003, Outlook 2010 does not work while Outlook 2007 does. Any reason as to why or any advice?

Hey Guys,
First let me say Happy New Year and is this Post belongs some where else please move i just thought this was the best place for it.

Ok let me start from the begining. I had a CCR and 1 Hub/CAS. the CCR was running on Windows 2003 Server, 1st problem. i needed to move one of the CCR Nodes to a Colo on a different subnet and i was not going to extend the subnet over so my solution was to install the MailBox role on the Hub/CAS to move the mailboxes over and then just remove the CCR and redo the servers with Windows 2008 which support cluster in different subnets.

Great first problem done. Well what happened was, once i put in the Mailbox role on my Hub/CAS, OWA stopped working and it looked like it was a Cretificate problem. It wasn't it looks like (according to MS) that i needed to reinstall IIS, CA Role, and then recreate the VirtualDirectories. Apparently during the install of the Mailbox role it breaks the pointers and you have to recreate them. Great so i followed http://support.microsoft.com/kb/320202†and did what was asked restarted server Great OWA is now Working. I put in the correct SAN Cert, and active sync works now too.

So OWA and ActiveSync working i figured enabling OutlookAnywhere and i'm done. Well i did that and it's a no go. I said well maybe it's the Autodiscover that is not working well here is the Autodiscover test from Outlook 2007:
Log:
Autodiscover to https://externaldomain.aero/autodiscover/autodiscover.xml starting
Autodiscover to https://externaldomain.aero/autodiscover/autodiscover.xml FAILED (0x800C8203)
Autodiscover to https://autodiscover.externaldomain.aero/autodiscover/autodiscover.xml†starting
https://autodiscover.externaldomain.aero/autodiscover/autodiscover.xml†succeeded (0x00000000)

XML:

††
†††† Frank M. Merino
†††† /o=TRAX/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=frank.merino
†††† 3be22e6f-78b8-458a-add3-7ab7c6651330
††
††
†††† email
†††† settings
††††
†††††† EXCH
†††††† internalservername.internaldomain.com
†††††† /o=TRAX/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=internalservername
†††††† 720180F0
†††††† /o=TRAX/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=internalservername/cn=Microsoft Private MDB
†††††† CCR.internaldomain.com
†††††† dc01.internaldomain.com
†††††† https://internalservername.internaldomain.com/EWS/Exchange.asmx
†††††† https://internalservername.internaldomain.com/EWS/Exchange.asmx
†††††† https://internalservername.internaldomain.com/EWS/Exchange.asmx
†††††† https://internalservername.internaldomain.com/UnifiedMessaging/Service.asmx
†††††† https://internalservername.internaldomain.com/owa/OAB/be964601-1d89-43b2-a6f1-f21ae5e30394/
††††
††††
†††††† EXPR
†††††† autodiscover.externaldomain.aero
†††††† On
†††††† Ntlm
†††††† https://webmail.externaldomain.aero/OAB/be964601-1d89-43b2-a6f1-f21ae5e30394/
†††††† msstd:autodiscover.externaldomain.aero
††††
††††
†††††† WEB
††††††
†††††††† https://webmail.externaldomain.aero/owa
††††††
††††††
†††††††† https://internalservername.internaldomain.com/owa
††††††††
†††††††††† EXCH
†††††††††† https://internalservername.internaldomain.com/EWS/Exchange.asmx
††††††††
††††††
††††
††

(A note about my Autodiscover address and Certificate. My internal domain name is not the same as my external domain name, as shown in the xml. the Certificate only understands webmail.externaldomain.aero and autodiscover.externaldomain.aero not the internalservername.internaldomain.com. it was working for me before i put the mailbox role on the Hub/CAS only those with Outlook 2007 got a certificate error when using outlook internal we can deal with that for now i'll deal with that issue later. [reason being internaldomain.com is owned be someone else and we can't use the SAN do get that address if you know of a work around that would be great to know])

Please let me know if you need more information. I have been at this thing now for 3 days and i'm starting to lose it.

Thank you guys!

I am running Exchange 2007 SP1 Update Rollup 4 running on Server 2008 and I am having an issue where the Availability Service is not working for some users. When running test-outlookwebservices -identity username using my username it passes successfully. But for some users it fails. Here is the results...

Id : 1003
Type : Information
Message : About to test AutoDiscover with the e-mail address username@domain.com

Id : 1006
Type : Information
Message : The Autodiscover service was contacted at https://excas.domain.com/autod
iscover/autodiscover.xml.

Id : 1011
Type : Error
Message : When querying Availability for username@domain.com received 5014:

Id : 1016
Type : Error
Message : [EXCH]-Error when contacting the AS service at https://excas.domain.com/
EWS/Exchange.asmx. The elapsed time was 125 milliseconds.

Id : 1015
Type : Success
Message : [EXCH]-Successfully contacted the OAB service at https://excas.domain.com
/EWS/Exchange.asmx. The elapsed time was 0 milliseconds.

Id : 1014
Type : Success
Message : [EXCH]-Successfully contacted the UM service at https://excas.domain.com
/UnifiedMessaging/Service.asmx. The elapsed time was 62 milliseconds.

Id : 1011
Type : Error
Message : When querying Availability for username@domain.com received 5014:

Id : 1016
Type : Error
Message : [EXPR]-Error when contacting the AS service at https://excas.domain.com/
EWS/Exchange.asmx. The elapsed time was 125 milliseconds.

Id : 1015
Type : Success
Message : [EXPR]-Successfully contacted the OAB service at https://excas.domain.com
/EWS/Exchange.asmx. The elapsed time was 0 milliseconds.

Id : 1014
Type : Success
Message : [EXPR]-Successfully contacted the UM service at https://mail.domain.com/
unifiedmessaging/service.asmx. The elapsed time was 15 milliseconds.

Id : 1017
Type : Success
Message : [EXPR]-Successfully contacted the RPC/HTTP service at https://mail.domain
.com/Rpc. The elapsed time was 0 milliseconds.

Id : 1006
Type : Success
Message : The Autodiscover service was tested successfully.

Id : 1021
Type : Information
Message : The following web services generated errors.
As in EXCH
As in EXPR
Please use the prior output to diagnose and correct the errors.

The EWS directory in IIS has Basic and Windows Authentication enabled.

Also, anytime I set the external url with set-webservicesvirtualdirectory to https://mail.domain.com/EWS/Exchange.asmx it does not stick. It reverts back to using the server name. The external address for my OAB is set to use mail.domain.com, but when testing outlookwebservices it uses the internal server name. Testing Autodiscover in Outlook passes for all users even if they are having trouble with the Availability service. Any help would be appreciated.

Hi all,

Please be patient with me as I know this is a subject which there is a lot of stuff on the net to read about it and i've tried to work through it, honestly i've tried....

We get the "Your Out Of Office settings cannot be displayed because the server is currently unavailable" message when attempting to configure OOF in outlook (2007 & 2010)

I've tried adding an A record to DNS for Autodiscover....

I've tried testing the email autoconfiguration via Outlook which fails as "Autoconfiguration was unable to determine my settings".

I've also checked our Security certifcates and none seem to mention any address associated with AutoDiscover

We're currently running Exchange 2007 on a W2K3 box

If anyone can talk me through it, that would be great?
Thanks
Ayjay80

AutoDiscover does work but uses the wrong URL from the client machine.†† The URLs being used by the client machine is https://AutoDiscover.Domain.com

To get the clients working I added† cname entry that points AutoDiscover.Domain.com† in the DNS server.† This gets the clients working but give a warning on the certificate because it does not match.

[PS]get-clientaccessserver | fl name,AutoDiscoverServiceInternalUri

Name†††††††††††††††††††††††††† : NAME
AutoDiscoverServiceInternalUri : https://ExchangeName.DOMAIN.com/Autodiscover/Autodiscover.xml

The above URL does work without giving †a Cert Error,†† The clients get a cert error because it is pointing to https://AutoDiscover.Domain.com.†† This does not match the Server name on the certificate.††

Thank you for any help I just don't see my mistake.

Having an issue with Mailtips not working, they only don't work via Outlook and only when connected internally, works fine via OWA and Outlook Anywhere.

Environment is 1 CAS/HUB and 3 MB servers

Displays "Mailtips cannot be retrieved"

Started happening a few days ago, was working fine prior, nothing has been changed that I'm aware of.

Mailtips are enabled, as per below

Get-OrganizationConfig | fl *mailtips*

MailTipsExternalRecipientsTipsEnabled : True
MailTipsLargeAudienceThreshold : 25
MailTipsMailboxSourcedTipsEnabled : True
MailTipsGroupMetricsEnabled : True
MailTipsAllTipsEnabled : True

I know Mailtip uses autodiscover, but the strange thing is other services that also need autodiscover such as OOF work fine.

Anyone got any suggestions?

hi folks,
we have the following scenario :
1 forest,1 domain (local.domain) with 3 sites (dc1, dc2,dc3 and exc01,exc02,exc03)
each exchange server 2007 running the 3 roles CAS,HUB and MBX.
i need to add to DNS, A records for autodiscovery services (internal) so that autodiscovery and OOF works.
i added autodiscovery.local.domain =>†† Ip of exchange exc01
does i need to add A records for each autodiscovery service installed
on exc01 site1, exc02 site2 and exc03 site3 ?
if so, how can i do this ?
my problem is that, out of office does not work.
i did a test-outlookwebservices† ah† | fl cmdlets and it said me a 404 error Autodiscover service not reacheable..
i removed anonymous from ews directory, add integrated and basic auth in IIS and iisreset but nothing,
thanks you for your help, at this time i really need help:/
cheers,
AH

Hi guys,

i've been searching for a miracle post all day and found nothing regarding my problem. Let me explain what is going on. User with Microsoft Outlook 2007 are trying to open up the OOF Agent and they get an error message saying "The server is unavailable. Try again late."

I started my journey with this and got pretty good documentation on how to setup Autodiscover in EMC and adding Records in DNS, etc. I went through all of these. But none of them helped me very much.

Interesting fact is that it's working from OWA. It is not working internally with a standard client. My personnal setup is 2010 and I can manage the OOF wizard. Looks like 2007 is the only situation.

Since a couple of weeks, i issued a certificate (SAN) with StarField and I went through the configuration to make it work for the OWA website: fine.
For some reason, the OOF stopped working even if in my certificate, i added autodiscover.external-domain.com.

In this cert I got:
DNS Name: owa.external-domain.com
DNS Name: www.owa.external-domain.com
DNS Name: autodiscover.external-domain.com
DNS Name: external-domain.com
DNS Name: EX-Server
DNS Name: EX-Server.internaldomain.local

In my DNS, the actions I've taken are:
Creating a new forward lookup zone - external-domain.com
In this zone, add: A Record for (parent folder), autodiscover (pointing to my EX-Server), owa (to EX-Server again) and www (external website's hosting manager).

In the domain.local zone, i added an A Record for autodiscover (pointing to EX-Server).

I heard about CNAME, does that make a difference? Do i need to create a CNAME instead?

This done, i went in EMC to Set-WebServicesVirtualDirectory ... to https://owa.external-domain.com/EWS/Exchange.asmx (Am I right here?)

If I go on my client PC and run the autodiscover test, it is successful (Like others having the same issue). My OOF address looks like: https://owa.external-domain.com/EWS/Exchange.asmx By the way, it's the same for Availability Service URL.

In my ISP's DNS, i told them to add a Record for owa.external-domain.com to my Firewall's address. For the outside, everything is working fine. How come internally, my users can't open the OOF feature? I'm missing something...

Also, i thought it'd be good to provide some output of Test-OutlookWebServices which is talking about the NTFS permissions and web.config file. (I did some tests on redirecting HTTP/HTTPS with Error Codes and it seems to be stuck there. Even if i removed it, in the web.config there is still a HTTPError section that i can't remove).

Thanks for helping me out!

[PS] C:Windowssystem32>Test-OutlookWebServices

...

Server Error in Application "DEFAULT WEB
SITE/EWS"
Internet Information Services 7.5

Error Summary
HTTP Error 500.19 - Internal Server Error
Absolute physical path "C:inetpubcusterren-US" is not allowed in
system.webServer/httpErrors section in web.config file. Use relative path
instead.

Detailed Error Information

ModuleCustomErrorModule
NotificationSendResponse
HandlerWebServiceHandlerFactory-ISAPI-2.0-64

Error Code0x8007000d

Requested
URLhttps://owa.external-domain.com:443/EWS/Exchange.asmx
Physical PathD:Program FilesExchange
ServerClientAccessexchwebEWSExchange.asmx
Logon MethodNot yet determined
Logon UserNot yet determined

Most likely causes:
The worker process is unable to read the applicationhost.config or
web.config file. There is malformed XML in the applicationhost.config
or web.config file. The server cannot access the
applicationhost.config or web.config file because of incorrect NTFS
permissions.

Things you can try:
Look in the event logs for information about why the configuration
files are not readable. Make sure the user identity specified for the
application pool, or the authenticated user, has the required permissions to
access the web.config file.

Links and More Information
This error occurs when there is a problem reading the configuration file for
the Web server or Web application. In some cases, the event logs may contain
more information about what caused this error.
View more information Ľ

...

--.
At line:1 char:24
+ Test-OutlookWebServices

Our Exchange 2010 deployment is pretty simple and stock standard.

Perimeter DMZ:

E14-EDGE

mail.domain.com -- (Hardware Load Balancing Proxy Device (F5 BigIP)).

Inside Corporate LAN:

E14-CAS

E14-HUB

Everything is working internally. †Externally OWA and Active-Sync are also working. †However, I'm now trying to enable OutlookAnywhere and it's not working. ††

If I go to†https://www.testexchangeconnectivity.com/†and do a Test, everything works right up to the End where it tries to RPC Ping. †AutoDiscover works, then finds the External URL. †It then tries to RPCPing that ExternalURL and it times out. † † All internal "Test-OutlookConnectivity" tests are Successful.

What am I missing? †Is there additional external ports I need to Load Balance/Proxy at the DMZ? †At the moment it's ONLY allow https/443. The F5 BigIP is Terminating the SSL, then it's re-transmitting the SSL packet back to the internal CAS: https://E14-CAS.domain.com. †As I said before, External AutoDiscover, OWA and Active-Sync are working.

Attempting to Ping RPC Proxy mail.domain.com

Cannot ping RPC Proxy

Additional Details

††Exception Details: Message: The operation has timed out

††Type: System.Net.WebException


Created UCC cert for webmail.domain.com, autodiscover.domain.com, and a few other ALTS I needed. Created SRV records on BOTH internal and external DNS servers as such:

and†

Using testexchangeconnectivity.com I get:

Attempting to test Autodiscover for user@domain.com † Testing Autodiscover failed. †

Test Steps † ExRCA is attempting each method of contacting the Autodiscover service. † The Autodiscover service couldn't be contacted successfully by any method. † Test Steps † Attempting to test potential AutoDiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml † Testing of this potential Autodiscover URL failed. † Test Steps † Attempting to resolve the host name domain.com in DNS. † Host successfully resolved † Additional Details † IP(s) returned: x.x.102.2 Testing TCP Port 443 on host domain.com to ensure it is listening and open. † The specified port is either blocked, not listening, or not producing the expected response. † †Tell me more about this issue and how to resolve it † Additional Details † A network error occurred while communicating with remote host
Exception details:
Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond x.x.102.2:443
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port)
at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.P erformTestReally()
Attempting to test potential AutoDiscover URL https://autodiscover.domain.com/Auto...toDiscover.xml † Testing of this potential Autodiscover URL failed. † Test Steps † Attempting to resolve the host name autodiscover.domain.com in DNS. † The Host could not be resolved. † †Tell me more about this issue and how to resolve it † Additional Details † Host autodiscover.domain.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTe st.PerformTestReally()
ExRCA is attempting to contact the Autodiscover service using the HTTP redirect method. † The attempt to contact Autodiscover using the HTTP Redirect method failed. † Test Steps † Attempting to resolve the host name autodiscover.domain.com in DNS. † The Host could not be resolved. † †Tell me more about this issue and how to resolve it † Additional Details † Host autodiscover.domaint.com could not be resolved in DNS Exception details:
Message: The requested name is valid, but no data of the requested type was found
Type: System.Net.Sockets.SocketException
Stack trace:
at System.Net.Dns.GetAddrInfo(String name)
at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6)
at System.Net.Dns.GetHostAddresses(String hostNameOrAddress)
at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTe st.PerformTestReally()
ExRCA is attempting to contact the Autodiscover service using the DNS SRV redirect method. † Failed to contact AutoDiscover using the DNS SRV redirect method. † Test Steps





Greatly appreciate any suggestions. Thanks!

Hi the Exchange 2007 Experts,

I have tried for long time to make our Exchange 2007 server working properly but have no luck on the 'Availability service'.

We have a single Exchange 2007 server on Windows Server 2003 Standard Edtion with all roles installed on the same server. The server has SP1 and update rollups 1 to 7 installed.

We are not able to use¬*a third party SAN certificate because we do not own¬*our internal domain name (the Active Directory and Exchaneg 2007 server has already been set up like this before me).

I have created a seperated web site for autodiacover and used the certificate with our external doamin name for the web sites (mail.external.com and autodiscover.external.com). I have updated both the Internal and external URLs for the web services to point to our external domain. I also created the DNS zone and 'A' records for our external domain in¬*AD.

The Autodiscover is working fine and it can return all the info with no error when I test it from the Outlook 2007 client. We do not have the certificate error when I open the Outlook 2007 client. The The OWA and Outlook Anywhere¬*are also working fine.

Our¬*major problem is with the Availability server (EWS) and ActiveSync.

For ActiveSync, when I first tried https://mail.external.com/Microsoft-Server-ActiveSync,¬*I got a 'web.config line 64 error' (cannot find the file for OwaModule). After I copied Microsoft.Exchange.Clients.Owa.dll from C:Program FilesMicrosoftExchange ServerClientAccessOwaBin to C:Program FilesMicrosoftExchange ServerClientAccessSyncBin, the 'web.config line 64' error went away and I can get the normal¬*'HTTP 501/HTTP505' error.

For EWS, when I try to run Test-OutlookWebServices -Identity User@external.com | fl, at the first tiem I got the 'web.config line 64' error similar to ActiveSync. I then tried to copy the same file to the C:Program FilesMicrosoftExchange ServerClientAccessexchwebewsbin folder, the 'web.config line 64' error did go away, but I get a new error:

¬*¬*¬* WARNING: An unexpected error has occurred and debug information is being generated: Client found response content type of 'text/html', but expected 'text/xml'.
¬*¬*¬* The request failed with an empty response.
¬*¬*¬* Test-OutlookWebServices : Client found response content type of 'text/html', but expected 'text/xml'.
¬*¬*¬* The request failed with an empty response.
¬*¬*¬*¬*At line:1 char:24

If I run Test-WebServicesConnectivity -ClientAccessServer MAIL -MailboxCredential (Get-Credential InternalUser), I got the following message:

¬*¬*¬*¬*¬*CasServer¬* MailboxServer¬* Scenario¬*¬*¬*¬*¬*¬*¬* Result¬* Latency(MS) Error
¬*¬*¬*¬* ---------¬*¬*¬*¬*¬* -------------¬*¬*¬*¬*¬* --------¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ------¬*¬* -----------¬*¬*¬*¬* -----
¬*¬*¬*¬*¬*mail¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* GetFolder¬*¬*¬*¬*¬*¬* Failure¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* [System.Net.WebException
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ]: The underlying connec
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* tion was closed: Could n
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ot establish trust relat
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ionship for the SSL/TLS
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* secure channel. Inner er
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ror [System.Security.Aut
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* hentication.Authenticati
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* onException]: The remote
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* certificate is invalid
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* according to the validat
¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ¬*¬*¬*¬*¬*¬*¬*¬*¬*¬* ion procedure.

If I run the same command with '-TrustAnySSLCertificate' parameter, I got nothing.

I have searched a lot on the internet but cannot find a solution. We have also tried to hire two outside consultants but still with no luck.

Any idea on where should I check and how to fix this is highly appreciated.

Thanks

Justin


Hi,

Have two hub/cas servers and two mbx servers.

cas01 and cas02.

This is what I have done:

Installed a digicert SAN on both servers:
- mail.company.com
- mail.company.local
- autodiscover.company.com
- legacy.company.com
- cas01.company.local
- cas02.company.local

Currently we dont want to use external access, we are going for TMG and external access after the summer!
Btw, outlook anywhere should work with single-sign-on internally without these -ExternalURL paths right?

These commands have I knocked both cas01 and cas02 servers with:

# Set-AutodiscoverVirtualDirectory "servernameautodiscover (default web site)" -InternalUrl https://cas01.company.com/autodiscover/autodiscover.xml -ExternalURL $null

# Set-WebServicesVirtualDirectory "servernameews (default web site)" -InternalURL http://mail.company.local/EWS/Exchange.asmx -ExternalUrl $null

# Set-OABVirtualDirectory "servernameoab (default web site)" -InternalURL http://mail.company.local/oab-ExternalUrl $null

# Set-ClientAccessServer servername -AutoDiscoverServiceInternalUri https://cas01.company.local/Autodiscover/Autodiscover.xml

The issues are highlighted here below in bold text!

-----------------------

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1019
Type†††††† : Information
Message††† : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://cas01.company.local/Autodisc...todiscover.xml.

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1012
Type†††††† : Warning
Message††† : XML>Unknown Node:AlternativeMailbox AlternativeMailbox Line:http://schemas.microsoft.com/exchange/autodisc
†††††††††††† over/outlook/responseschema/2006a

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1012
Type†††††† : Warning
Message††† : XML>Object being deserialized: Microsoft.Exchange.Management.SystemConfigurationT asks.AutoDiscoverAccount

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1012
Type†††††† : Warning
Message††† : XML>Element

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1012
Type†††††† : Warning
Message††† : XML>Unknown Element:System.Xml.XmlElement Line:25(7) ArchiveOnline Archive - awestwood/o=Company/ou=Exc
†††††††††††† hange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=Alex Westwood/guid=15affb56-b059-47d
†††††††††††† e-8b2e-5a5a90c49d5edc01.company.local

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1006
Type†††††† : Information
Message††† : Contacted the Autodiscover service at https://cas01.company.local/Autodiscover/Autodiscover.xml.

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1022
Type†††††† : Success
Message††† : Autodiscover was tested successfully.

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1024
Type†††††† : Success
Message††† : [EXCH] Successfully contacted the AS service at https://cas01.company.local/EWS/Exchange.asmx. T
†††††††††††† he elapsed time was 62 milliseconds.

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1026
Type†††††† : Success
Message††† : [EXCH] Successfully contacted the UM service at https://cas01.company.local/EWS/Exchange.asmx. T
†††††††††††† he elapsed time was 46 milliseconds.

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1124
Type†††††† : Success
Message††† : [Server] Successfully contacted the AS service at https://cas01.company.local/ews/exchange.a
†††††††††††† smx. The elapsed time was 62 milliseconds.

RunspaceId : d94fabdf-896d-4ada-b5fd-92625eb3dc8d
Id†††††††† : 1126
Type†††††† : Success
Message††† : [Server] Successfully contacted the UM service at https://cas01.company.local/ews/exchange.a
†††††††††††† smx. The elapsed time was 31 milliseconds.

†------------

I don't know what do do next, Reinstalled both CAS roles on both serves but same issue! What have I missed?


Issue:

Our Exchange Server had crashed one day, we were able to bring it back to life; however several of the services did not start up and we weren't able to send/receive email.  We called Microsoft support and a Technician remoted into our server and fixed our email to where we could send/receive email.  Currently these are the services and problems we are having issues with: Outlook Anywhere will not work at all, the 'out of office' feature in Outlook does not work, autodiscover, the address book does not update to all our users, and we get a message when running a 'test' on our autodiscover feature.

Error Messages:

Out of Office Assistant in Outlook (we can set Out of Office Assistant in OWA)

"Your out of office settings cannot be displayed because the server is currently unavailable. Try again later." and then Outlook program freezes and it closes and User has to launch it again.

Outlook Send/Receive Progress

"Task 'Microsoft Exchange' reported error (0x8004010F) : 'The operation failed. An object cannot be found.'"

From our Exchange Server--in IIS Manager --Autodiscover Home

When running a test settings for Autodiscover we get the following message:

Authentication: The application pool identity is valid.

Authorization: Cannot verify access to path (C:program filesmicrosoftexchange serverclient accessautodiscover). Then under Details it says: The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access.  Make sure that the application pool identityhas Read access to the physical path.  If this server is joined to a domain, and the application pool identity is NetworkService or Local System, verify that <domain><computer_name>$ has Read access to the physical path.  Then test these settings again.

Versions:

MS Server 2008 SP2

Exchange Server 2007 Version 08.02.0254.000

 

 

        &n bsp;  


Not finding an answer? Try a Google search.