Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Exchange Server 2007 - Autodiscover and RPC/HTTP help 2

Status
Not open for further replies.
lwalker07

lwalker07

IS-IT--Management
May 1, 2009
4
US
I've been banging my head against the wall with Exchange 2007 for the past few days.

Users can get mail without a problem and were getting autodiscover certificate errors. I got a UCC certificate and set up the SANs so that they aren't getting the error anymore but autodiscover and RPC still doesn't work.

It's Exchange 2007 SP1 on Server 2008. I've posted the get-outlookanywhere and get-clientaccessserver from the server and the results of the exchange test.

CAS

Name : CAS01
OutlookAnywhereEnabled : True
AutoDiscoverServiceCN : CAS01
AutoDiscoverServiceClassName : ms-Exchange-AutoDiscover-Service
AutoDiscoverServiceInternalUri : AutoDiscoverServiceGuid : 77378f46-2c66-4aa9-a6a6-3e7a48b19596
AutoDiscoverSiteScope : {Default-First-Site-Name}
IsValid : True
OriginatingServer : DC.domain.local
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=CAS01,CN=Servers,CN=Exchange Adminis
trative Group (FYDIBOHF23SPDLT),CN=Administrat
ive Groups,CN=First Organization,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=bhmi,
DC=add
Identity : CAS01
Guid : e7e7cd6f-01c2-4364-a3b9-971d170fc954
ObjectCategory : domain.local/Configuration/Schema/ms-Exch-Exchange
-Server
ObjectClass : {top, server, msExchExchangeServer}
WhenChanged : 5/1/2009 10:00:34 AM
WhenCreated : 10/31/2008 11:34:24 AM

OUTLOOK ANYWHERE

ServerName : CAS01
SSLOffloading : False
ExternalHostname : mail.externaldomain.com
ClientAuthenticationMethod : Basic
IISAuthenticationMethods : {Basic}
MetabasePath : IIS://CAS01.domain.local/W3SVC/1/ROOT/Rpc
Path : C:\Windows\System32\RpcProxy
Server : CAS01
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Rpc (Default Web Site)
DistinguishedName : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=
CAS01,CN=Servers,CN=Exchange Administrative
Group (FYDIBOHF23SPDLT),CN=Administrative Groups,
CN=First Organization,CN=Microsoft Exchange,CN=Ser
vices,CN=Configuration,DC=bhmi,DC=add
Identity : CAS01\Rpc (Default Web Site)
Guid : 828800a2-e45d-4b9f-997c-b54306986449
ObjectCategory : domain.local/Configuration/Schema/ms-Exch-Rpc-Http-Vir
tual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchRpcHttpVirtual
Directory}
WhenChanged : 4/29/2009 5:12:09 PM
WhenCreated : 4/29/2009 5:12:09 PM
OriginatingServer : DC.domain.local
IsValid : True

Attempting each method of contacting the AutoDiscover Service
Failed to contact the AutoDiscover service successfully by any method
Test Steps
Attempting to test potential AutoDiscover URL Failed testing this potential AutoDiscover URL
Test Steps
Attempting to Resolve the host name alternateexternaldomain.com in DNS.
Host successfully Resolved
Additional Details
IP(s) returned: 216.160.*.*

Testing TCP Port 443 on host alternateexternaldomain.com to ensure it is listening/open.
The port was opened successfully.

Testing SSLCertificate for validity.
The SSLCertificate failed one or more certificate validation checks.


Additional Details
The name on the certificate does not match the name alternateexternaldomain.com



Attempting to test potential AutoDiscover URL Failed testing this potential AutoDiscover URL
Test Steps
Attempting to Resolve the host name autodiscover.alternateexternaldomain.com in DNS.
Host successfully Resolved
Additional Details
IP(s) returned: 216.160.*.*

Testing TCP Port 443 on host autodiscover.alternateexternaldomain.com to ensure it is listening/open.
The port was opened successfully.

Testing SSLCertificate for validity.
The certificate passed all validation requirements.
Additional Details
Subject: CN=autodiscover.desertvalleyhomecare.com, OU=Domain Control Validated, O=autodiscover.desertvalleyhomecare.com, Issuer SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU= O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Attempting to Retrieve XML AutoDiscover Response from url for user lee@alternateexternaldomain.com
Failed to obtain AutoDiscover XML response.
Additional Details
A Web Exception occured because an HTTP 400 - BadRequest response was received from Unknown



Attempting to contact the AutoDiscover service using the HTTP redirect method.
Failed to contact AutoDiscover using the HTTP Redirect method
Test Steps
Attempting to Resolve the host name autodiscover.alternateexternaldomain.com in DNS.
Host successfully Resolved
Additional Details
IP(s) returned: 216.160.*.*

Testing TCP Port 80 on host autodiscover.alternateexternaldomain.com to ensure it is listening/open.
The specified port is either blocked, not listening, or not producing the expected response.


Additional Details
A network error occurred while communicating with remote host: Exception Details: Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 216.160.*.*:80 Type: System.Net.Sockets.SocketException Stack Trace: at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port) at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally()



Attempting to contact the AutoDiscover service using the DNS SRV redirect method.
Failed to contact AutoDiscover using the DNS SRV redirect method.
Test Steps
Attempting to locate SRV record _autodiscover._tcp.alternateexternaldomain.com in DNS.
Failed to find AutoDiscover SRV record in DNS.
 
Sort by date Sort by votes
Update--

RPC over HTTP works according to When I attempt to use it myself though I get an unlimited password prompt. I continue to input it and it doesn't seem to have an end. I only tried it about 11 times.

I have RPC set for basic authentication just like the server...

Any ideas?
 
Upvote 0 Downvote
Make sure your proxy authentication settings (in the microsoft exchange proxy settings dialog) are set to basis authentication - I see that problem when I forget to change it from NTLM to basic.

on the autodiscover when you go to:
do you get a login and then when you login do you get I think its an error 600 - I can't find where I just did this today - but then if you look at the source on the page it should show you the autodisovery information


not sure if this will help but I hope so.

Lirria
 
Upvote 0 Downvote
If I try to go to... I get prompted and then sent to OWA, I log into OWA and it puts me at and gives me a Server Error - 404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.

With the password issue I have it set to Basic, was hoping I forgot about that but sadly it's right.

Thanks,
Lee
 
Upvote 0 Downvote
Hmm Ok - let me think on it and see if I can come up with something else to look at.

Lirria
 
Upvote 0 Downvote
Couple of questions


If you have a non domain joined machine, is autodiscover working from inside. If so configure that profile and use it as the base one for connecting from outside. If it ain't its pretty easy to hunt down what isn't working here.

Is rpc working from inside?

Is there a nlb cas involved?

Also assuming you are using ISA, put autodiscover on a different listener on another ip then owa and everything else. Will make life tons easier as there are some limitation around using it on the same listener as owa

 
Upvote 0 Downvote
My work laptop is on a seperate domain and while I'm VPN'd in I can setup a profile. I have to manually do this and it won't do this with autodiscover but this could be because I'm using the VPN.

If I turn on RPC while VPN'd in it stops working and just begins the infinite loop of password prompting. This is the same behavior I get when I'm not VPN'd in and I try RPC.

NLB CAS? Network Load Balancing? I wasn't aware this was a requirement or even a possibility for a CAS, sorry, like I said I'm new to this. What would the point be? This is a small environment with 1 exchange server, 2 DC's(one in a remote site) and one application server.

Do move autodiscover to a different listener I'd have to use a seperate server, correct?

Thanks,
Lee
 
Upvote 0 Downvote
On a inside machine, put a static hosts mapping for your external url to point to the autodiscover record on the internal ip address.

If this doesn't work then post the results of the outlook 07 test.

Need to ensure its working internally on a non domain joined machine first before trying outside as there are different problems which can stop it working. The vpn shouldn't affect the outcome as long as it on the internal network

For the seperate listener its just another ip address bound to your isa server.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

PatrickRoggers
  • Locked
  • Helpful tip
Safest Way to Import PST file into Exchange Online
Replies
0
Views
1K
PatrickRoggers
PatrickRoggers
T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
1K
DrB0b
DrB0b
ComputersUnlimited
  • Locked
  • Question
Migrating to Exchange 2019
Replies
0
Views
1K
ComputersUnlimited
ComputersUnlimited
Satishkumar007
  • Locked
  • Question
Help needed to recover after complete site failure
Replies
0
Views
1K
Satishkumar007
Satishkumar007
Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
1K
Brent Fletcher
Brent Fletcher

Part and Inventory Search

Sponsor

Back
Top