Publishing Autodiscover and Outlook Anywhere from different trunks RRS feed

  • Question

  • Hi!

    Is it a supported (working ...) configuration with UAG to publish Autodiscover and Outlook Anywhere from different HTTPS trunks? (some mobile devices cannot handle SAN certificates)



    Juha-Pekka Posti




    Tuesday, June 7, 2011 9:42 AM

All replies

  • Hi!

    I got confirmation that Autodiscover and Outlook Anywhere should work - run from separate trunks.

    Anyway, I still get the error below. This "scenario" seems to be quite common. Sigh!

    Testing HTTP Authentication Methods for URL
    The HTTP authentication test failed.
    <label for="testSelectWizard_ctl12_ctl06_ctl06_tmmArrow">Tell me more about this issue and how to resolve it</label>
    Additional Details
    The Initial Anonymous HTTPS request didn't fail, but Anonymous isn't a supported authentication method for this scenario.




    Wednesday, June 8, 2011 5:58 AM
  • Hi Juha-Pekka,

    You should not be concerned about the error you're seeing when using the Exchange Remote Connectivity Analyzer tool, since what you see there is a false alarm. 

    The Exchange Remote Connectivity Analyzer tool wrongly reports an error since, when the tool sends a request to UAG to the URL, UAG replies with its logon form, while the tool expects to receive back an HTTP 401 response. 

    However, if the tool would have sent the correct full URL that an OutlookAnywhere client sends, which is, then UAG would have replied with the expected HTTP 401 status.

    We (the UAG team ) have already reported the issue to the Exchange team.



    • Proposed as answer by Ran [MSFT] Sunday, July 24, 2011 7:30 AM
    Thursday, June 9, 2011 12:41 PM
  • Thanks, Ran!


    There are still some challenges in publishing OA with UAG – and I would be very happy, if you would confirm or reply to the following

    ·        Is it generally a bad idea to have Exchange ClientArray used in publishing OA w/ KCD? (SPN http/

    ·        Is delegating UAG in AD for ClientArray (again, http/ supposed to work?

    ·        We have F5 in between the UAG and Exchange servers (IPv6 not configured, but is bound in all servers) – is that ok? (not my decision to have it there)

    ·        Is the net result exactly the same, if we

    o   Publish all Exchange services with one sweep, when creating the https trunk

    o   Publish first OWA and ActiveSync (after publishing the basic https trunk) and then later add OA as a new application to the same trunk

    o   Publish OWA and ActiveSync (after publishing the basic https trunk) – and then add OA to the “same application”, where already OWA and ActiveSync reside (should make no difference, but I am beginning to see ghosts everywhere …)




    Friday, June 10, 2011 7:32 AM