locked
ActiveSync and SCP RRS feed

  • Question

  • I have a question about the Autodiscover process and an error we are receiving.

    Our forest is Crayon.com. We have two child domains, red.crayon.com and blue.crayon.com. Exchange is in blue.crayon.com.

    The primary smtp for red.crayon.com users is redcrayon.com. Redcrayon.com also has an external website on which the certificate recently expired.

    The other day internal redcrayon.com users launching Outlook would receive an error warning that the certificate “was expired or not yet valid”. More Information showed this to be the expired redcrayon.com certificate on the external server.

    If I am correct, the order of the autodiscover process for domain-joined internal clients is:

    Step 1:  The SCP URL

    Step 2:  https://redcrayon.com/autodiscover/autodiscover.xml

    Step 3:  https://autodiscover.redcrayon.com/autodiscover/autodiscover.xml

    Step 4:  http://autodiscover.redcrayon.com/autodiscover/autodiscover.xml

    Step 5:  SRV record

    It looks like are clients aren’t using the SCP URL and getting the cert error when they access https://redcrayon.com looking for the autodiscover.xml.

    I’ve pasted the SCP URL clients receive into a browser and it properly displays the XML so I am not sure why clients are continuing to Step 2 and receiving an authentication error.

    Thanks,

    Robert

    Thursday, March 27, 2014 11:46 PM

Answers

  • Question:
    Did you renew your certificate?

    http://blogs.technet.com/b/exchdxb/archive/2012/05/10/troublshooting-autodiscover-exchange-2007-2010.aspx

    I assume you are able to connect to Mailbox after the warning sign?


    Cheers,

    Gulab Prasad

    Technology Consultant

    Blog: http://www.exchangeranger.com    Twitter:   LinkedIn:
       Check out CodeTwo’s tools for Exchange admins

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    • Marked as answer by RTEAL Friday, March 28, 2014 5:45 PM
    Friday, March 28, 2014 9:19 AM

All replies

  • Hi

    The certificate error is probably coming from the EWS or OAB virtual directories, where do they point to?

    Steve

    Friday, March 28, 2014 9:08 AM
  • Question:
    Did you renew your certificate?

    http://blogs.technet.com/b/exchdxb/archive/2012/05/10/troublshooting-autodiscover-exchange-2007-2010.aspx

    I assume you are able to connect to Mailbox after the warning sign?


    Cheers,

    Gulab Prasad

    Technology Consultant

    Blog: http://www.exchangeranger.com    Twitter:   LinkedIn:
       Check out CodeTwo’s tools for Exchange admins

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    • Marked as answer by RTEAL Friday, March 28, 2014 5:45 PM
    Friday, March 28, 2014 9:19 AM
  • Correct, I am able to connect to the mailbox.
    Friday, March 28, 2014 3:19 PM
  • Using set-clientaccessserver I found the autodiscover URL had been mis-set.

    Thank you for your help.

    Friday, March 28, 2014 5:43 PM