locked
Exchange 2007 Autodiscover Not Working RRS feed

  • Question

  • Hi,

    We get the "Your Out Of Office settings cannot be displayed because the server is currently unavailable" message when attempting to configure OOF in outlook (2007 & 2010)

    I've tried adding an A record to DNS for Autodiscover....

    I've tried testing the email autoconfiguration via Outlook which fails as "Autoconfiguration was unable to determine my settings".

    I've also checked our Security certifcates and none seem to mention any address associated with AutoDiscover

    We're currently running Exchange 2007 on a W2K3 box.

    Any help would be appreciated. 

    Thanks

    Ayjay80


    • Edited by xxAsHxx Wednesday, August 24, 2011 11:52 AM
    Tuesday, August 23, 2011 10:43 AM

Answers

  • Hi Ash,

     

     

    The OOF issue occurs in your internal network, I don’t think the report provided by Remote Connectivity Analyzer is worth to try.

     

    Before you change the certificate, I would suggest you try the steps below:

     

    1.    Run Test-OutlookWebServices in your CAS server to see what URLs are set, and if there is any error.

     

    You may poste the result so that I can help you analyze the report.

     

    2.    Try the Autodiscover URL returned by Test-OutlookWebServices in the client machine to see if you are able to access.

     

    The expected result is an error code 600. If this works, that means your internal DNS record as well as this Autodiscover virtual directory in the CAS server is working fine.

     

    If necessary, try the URL https://localhost/autodiscover/autodiscover.xml in your CAS server (localhost is mismatch with your certificate, you will receive certificate error when you test. it is not need to worry). it could help isolate the fault from virutal directory.

     

    3.    Verify if you have setup any IE proxy in your client computer.

     

    Keep me posted


    Fiona

    • Marked as answer by Fiona_Liao Monday, September 5, 2011 3:37 AM
    Thursday, August 25, 2011 6:33 AM

All replies

  • Hello,

    this behaviour is normal. After the "Set-" you won't see any output. You can verify the settings with Get-AutodiscoverVirtualDirectory | fl.

    Has the change of the internal URL solved the problem?

    You can also execute the Exchange Remote Connectivity Analyzer to check if there's a problem:

    https://www.testexchangeconnectivity.com/

    Greetings,

    Toni

    Tuesday, August 23, 2011 6:31 PM
  • Hi Toni,

     

    Thanks for the reply, i'll double check tomorrow, but i'm almost certain that the url isn't being amended after I've used the Set- command.

     

    Just to check, the AutoDiscover internal URL which Exchange is currently set to "https://mail.domain.com/AutoDiscover/AutoDiscover.xml". The URL i'm trying to amend it to is https://mailbox.guest.motors/AutoDiscover/AutoDiscover.xml (mailbox.guest.motors is the FQDN name for our Exchange server). If I go to the "mailbox.guest.motors" URL in internet explorer, I arrive at a page of XML code, the "mail.domain.com" URL returns a "page cannot be displayed" error message. Taking that into consideration, I assume that the correct Internal AutoDiscover URL for us is https://mailbox.guest.motors/AutoDiscover/AutoDiscover.xml?

     

    I'll try the Exchange Remote Connectivity Analyzer tomorrow also.

     

    Thanks

     

    Ash

    Tuesday, August 23, 2011 8:05 PM
  • Hello,

    the XML code page should be correct.

    Is mail.domain.com your external domain (from which Exchange is accessable from outside your network) and mailbox,guest.motors your internal domain? If yes your InternalURI should point to mailbox.guest.motors and your ExternalURI to mail.domain.com.

    Greetings,

    Toni

    Tuesday, August 23, 2011 9:03 PM
  • Morning Toni,

    FYI our external name is guests.co.uk

    We're heading in the right direction now, I've successfully amended the InternalURI to "mailbox.guest.motors" which has now enabled me to run the "Test Email AutoConfiguration" tool in outlook. However, I still have the OOF error and a security alert now pops up when opening Outlook explaining that the name on the certificate doesn't match. We currently have 5 security certificates, should we only have one containing all of our domain names?

    This is the results from Exchange Remote Connectivity Analyzer

    Exchange Web Services synchronization, notification, availability, and Automatic Replies (OOF).
     Not all of the tests of Exchange Web Services tasks completed.
     

    Test Steps
     ExRCA is attempting to test Autodiscover for xxxxx.xxxxxx@guests.co.uk.
     Testing Autodiscover failed.
     Test Steps
     Attempting each method of contacting the Autodiscover service.
     The Autodiscover service couldn't be contacted successfully by any method.
     Test Steps
     Attempting to test potential Autodiscover URL https://guests.co.uk/AutoDiscover/AutoDiscover.xml
     Testing of this potential Autodiscover URL failed.
     Test Steps
     Attempting to resolve the host name guests.co.uk in DNS.
     The host name resolved successfully.
     Additional Details
     IP addresses returned: 217.68.241.160

    Testing TCP port 443 on host guests.co.uk to ensure it's listening and open.
     The port was opened successfully.
    Testing the SSL certificate to make sure it's valid.
     The SSL certificate failed one or more certificate validation checks.
     Test Steps
     ExRCA is attempting to obtain the SSL certificate from remote server guests.co.uk on port 443.
     ExRCA successfully obtained the remote SSL certificate.
     Additional Details
     Remote Certificate Subject: CN=secure7.eliteukserve.net, OU=Secure Services, O=Elite Limited, L=Portsmouth, S=Hampshire, C=GB, Issuer: E=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, S=Western Cape, C=ZA.

    Validating the certificate name.
     Certificate name validation failed.
      Tell me more about this issue and how to resolve it
     Additional Details
     Host name guests.co.uk doesn't match any name found on the server certificate CN=secure7.eliteukserve.net, OU=Secure Services, O=Elite Limited, L=Portsmouth, S=Hampshire, C=GB.

    Attempting to test potential Autodiscover URL https://autodiscover.guests.co.uk/AutoDiscover/AutoDiscover.xml
     Testing of this potential Autodiscover URL failed.
     Test Steps
     Attempting to resolve the host name autodiscover.guests.co.uk in DNS.
     The host name couldn't be resolved.
      Tell me more about this issue and how to resolve it
     Additional Details
     Host autodiscover.guests.co.uk couldn't be resolved in DNS InfoDomainNonexistent.

    Attempting to contact the Autodiscover service using the HTTP redirect method.
     The attempt to contact Autodiscover using the HTTP Redirect method failed.
     Test Steps
     Attempting to resolve the host name autodiscover.guests.co.uk in DNS.
     The host name couldn't be resolved.
      Tell me more about this issue and how to resolve it
     Additional Details
     Host autodiscover.guests.co.uk couldn't be resolved in DNS InfoDomainNonexistent.

    Attempting to contact the Autodiscover service using the DNS SRV redirect method.
     ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
     Test Steps
     Attempting to locate SRV record _autodiscover._tcp.guests.co.uk in DNS.
     The Autodiscover SRV record wasn't found in DNS.
      Tell me more about this issue and how to resolve it

     

    In DNS, I have set Autodiscover.guests.co.uk to resolve to the IP address of our Exchange server....

     

    Thanks

     

    Ash


    • Edited by xxAsHxx Wednesday, August 24, 2011 8:21 AM Missed stuff out
    Wednesday, August 24, 2011 7:30 AM
  • Hello,

    your internal clients get a certificate with your external domain name. You have to obtain a certificate with following SAN names on it:

    - the internal DNS name of your Exchange Server

    - the external DNS name of your Exchange Server

    - the internal domain with host autodiscover (e.g. autodiscover.guest.motors)

    - the external domain with host autodiscover (e.g. autodiscover.guests.co.uk)

    Enable this certificate in Exchange at least for IIS service (you can also enable it for the other services as needed).

    Greetings,

    Toni

    Wednesday, August 24, 2011 8:25 AM
  • Thanks Toni,

    Across all of the Certifcates we've got,  they cover IIS, IMAP, SMTP, POP. If I obtain one new certificate with all of the info you've listed above and add all of the services i've listed to that new certificate, can I then delete the rest of the old certificates?? Old certificates are for domain names mailbox.guests.co.uk, www.mailbox.guests.co.uk, mailbox, mailbox.guest.motors

    Do you think that will solve the OOF error aswell?

     

    Thanks


    Ash

    Wednesday, August 24, 2011 8:51 AM
  • Hello,

    do you use one of these certificates for a webserver as well? (because of "www."?) If yes you have to add the www host as well in the SAN names. I'd prefer to add the NetBIOS ("mailbox") too. Just don't forget to add the "autodiscover" hosts.

    You said you've added a DNS entry for autodiscover. When you want autodiscover to work from outside your network you should add an autodiscover entry in your external DNS as well.

    With autodiscover working correctly your OOF should work as well.

    Greetings,

    Toni

    Wednesday, August 24, 2011 9:11 AM
  • Hi Toni,

    Yes, I've set autodiscover.guests.motors in DNS (in DNS\Mailbox\Forward Lookup Zones\guest.motors) which points to the IP address of our exchange server...

    My plan is a certificate for

    - the internal DNS name of your Exchange Server (mailbox.guest.motors, mailbox)

    - the external DNS name of your Exchange Server (mailbox.guests.co.uk, www.mailbox.guests.co.uk)

    - the internal domain with host autodiscover (autodiscover.guest.motors)

    - the external domain with host autodiscover (autodiscover.guests.co.uk)

    Enable this certificate in Exchange for IIS, POP, SMTP, IMAP

    And remove the old certificates...

    I'm going to find out about the www. domain name.

    Thanks

    Ash

     

    Wednesday, August 24, 2011 9:26 AM
  • Hi Ash,

     

     

    The OOF issue occurs in your internal network, I don’t think the report provided by Remote Connectivity Analyzer is worth to try.

     

    Before you change the certificate, I would suggest you try the steps below:

     

    1.    Run Test-OutlookWebServices in your CAS server to see what URLs are set, and if there is any error.

     

    You may poste the result so that I can help you analyze the report.

     

    2.    Try the Autodiscover URL returned by Test-OutlookWebServices in the client machine to see if you are able to access.

     

    The expected result is an error code 600. If this works, that means your internal DNS record as well as this Autodiscover virtual directory in the CAS server is working fine.

     

    If necessary, try the URL https://localhost/autodiscover/autodiscover.xml in your CAS server (localhost is mismatch with your certificate, you will receive certificate error when you test. it is not need to worry). it could help isolate the fault from virutal directory.

     

    3.    Verify if you have setup any IE proxy in your client computer.

     

    Keep me posted


    Fiona

    • Marked as answer by Fiona_Liao Monday, September 5, 2011 3:37 AM
    Thursday, August 25, 2011 6:33 AM
  • Any update?


    Fiona
    Friday, August 26, 2011 8:13 AM
  • Morning Fiona,

     

    Apologies for the long delay in replying....

     

    When I run Test-OutlookWebServices this is what I get

     

       Id                       Type Message                 
                            --                       ---- -------                 
                          1003                Information About to test AutoDisc...
                          1007                Information Testing server mailbox...
                          1019                Information Found a valid AutoDisc...
                          1005                      Error When accessing https:/...
                          1005                    Warning When accessing https:/...
                          1006                Information The Autodiscover servi...
                          1016                    Success [EXCH]-Successfully co...
                          1015                    Success [EXCH]-Successfully co...
                          1013                      Error When contacting https:...
                          1014                      Error [EXCH]-Error when cont...
                          1005                    Warning When accessing https:/...
                          1013                      Error When contacting https:...
                          1016                      Error [EXPR]-Error when cont...
                          1015                Information [EXPR]-The OAB is not ...
                          1014                Information [EXPR]-The UM is not c...
                          1005                    Warning When accessing https:/...
                          1017                    Success [EXPR]-Successfully co...
                          1006                    Success The Autodiscover servi...
                          1021                Information The following web serv...

     

    I don't seem to be able to expand the message column even after exporting to text file first...

     

    Thanks

     

    AShley

    Tuesday, January 24, 2012 9:26 AM
  • Also,

     

    I did set our autodiscover url to https://mailbox.guest.motors/AutoDiscover/AutoDiscover.xml which takes me to the following page

     

    <?xml version="1.0" encoding="UTF-8"?>
    -<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
      -<Response>
        - <Error Id="805887838" Time="09:29:15.7798801">
             <ErrorCode>600</ErrorCode>
             <Message>Invalid Request</Message>
             <DebugData/>
          </Error>
       </Response>
    </Autodiscover>

     

    We do use a proxy, but we bypass it for local addresses anyway.

     

    Thanks

     

    Ashley

    Tuesday, January 24, 2012 9:41 AM