Exchange 2007 - RPC over HTTP and Autodiscover issues
I've been banging my head against the wall with Exchange 2007 for the past few days.Users can get mail without a problem and were getting autodiscover certificate errors.I got a UCC certificate and set up the SANs so that they aren't getting the error anymore but autodiscover and RPC still doesn't work.It's Exchange 2007 SP1 on Server 2008.I've posted the get-outlookanywhere and get-clientaccessserver from the server and the results of the exchange test.CASName: CAS01OutlookAnywhereEnabled: TrueAutoDiscoverServiceCN: CAS01AutoDiscoverServiceClassName: ms-Exchange-AutoDiscover-ServiceAutoDiscoverServiceInternalUri : http://mail.externaldomain.com/AutoDiscoverServiceGuid: 77378f46-2c66-4aa9-a6a6-3e7a48b19596AutoDiscoverSiteScope: {Default-First-Site-Name}IsValid: TrueOriginatingServer: DC.domain.localExchangeVersion: 0.1 (8.0.535.0)DistinguishedName: CN=CAS01,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=MicrosoftExchange,CN=Services,CN=Configuration,DC=bhmi,DC=addIdentity: CAS01Guid: e7e7cd6f-01c2-4364-a3b9-971d170fc954ObjectCategory: domain.local/Configuration/Schema/ms-Exch-Exchange-ServerObjectClass: {top, server, msExchExchangeServer}WhenChanged: 5/1/2009 10:00:34 AMWhenCreated: 10/31/2008 11:34:24 AMOUTLOOK ANYWHEREServerName: CAS01SSLOffloading: FalseExternalHostname: mail.externaldomain.comClientAuthenticationMethod : BasicIISAuthenticationMethods: {Basic}MetabasePath: IIS://CAS01.domain.local/W3SVC/1/ROOT/RpcPath: C:\Windows\System32\RpcProxyServer: CAS01AdminDisplayName:ExchangeVersion: 0.1 (8.0.535.0)Name: Rpc (Default Web Site)DistinguishedName: CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=CAS01,CN=Servers,CN=Exchange AdministrativeGroup (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=bhmi,DC=addIdentity: CAS01\Rpc (Default Web Site)Guid: 828800a2-e45d-4b9f-997c-b54306986449ObjectCategory: domain.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-DirectoryObjectClass: {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}WhenChanged: 4/29/2009 5:12:09 PMWhenCreated: 4/29/2009 5:12:09 PMOriginatingServer: DC.domain.localIsValid: TrueAttempting each method of contacting the AutoDiscover ServiceFailed to contact the AutoDiscover service successfully by any methodTest StepsAttempting to test potential AutoDiscover URL https://alternateexternaldomain.com/AutoDiscover/AutoDiscover.xmlFailed testing this potential AutoDiscover URLTest StepsAttempting to Resolve the host name alternateexternaldomain.com in DNS.Host successfully ResolvedAdditional DetailsIP(s) returned: 216.160.*.*Testing TCP Port 443 on host alternateexternaldomain.com to ensure it is listening/open.The port was opened successfully.Testing SSLCertificate for validity.The SSLCertificate failed one or more certificate validation checks.Additional DetailsThe name on the certificate does not match the name alternateexternaldomain.comAttempting to test potential AutoDiscover URL https://autodiscover.alternateexternaldomain.com/AutoDiscover/AutoDiscover.xmlFailed testing this potential AutoDiscover URLTest StepsAttempting to Resolve the host name autodiscover.alternateexternaldomain.com in DNS.Host successfully ResolvedAdditional DetailsIP(s) returned: 216.160.*.*Testing TCP Port 443 on host autodiscover.alternateexternaldomain.com to ensure it is listening/open.The port was opened successfully.Testing SSLCertificate for validity.The certificate passed all validation requirements.Additional DetailsSubject: CN=autodiscover.externaldomain.com, OU=Domain Control Validated, O=autodiscover.externaldomain.com, Issuer SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=USAttempting to Retrieve XML AutoDiscover Response from url https://autodiscover.alternateexternaldomain.com/AutoDiscover/AutoDiscover.xml for user lee@alternateexternaldomain.comFailed to obtain AutoDiscover XML response.Additional DetailsA Web Exception occured because an HTTP 400 - BadRequest response was received from UnknownAttempting to contact the AutoDiscover service using the HTTP redirect method.Failed to contact AutoDiscover using the HTTP Redirect methodTest StepsAttempting to Resolve the host name autodiscover.alternateexternaldomain.com in DNS.Host successfully ResolvedAdditional DetailsIP(s) returned: 216.160.*.*Testing TCP Port 80 on host autodiscover.alternateexternaldomain.com to ensure it is listening/open.The specified port is either blocked, not listening, or not producing the expected response.Additional DetailsA network error occurred while communicating with remote host: Exception Details: Message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 216.160.*.*:80 Type: System.Net.Sockets.SocketException Stack Trace: at System.Net.Sockets.TcpClient.Connect(String hostname, Int32 port) at Microsoft.Exchange.Tools.ExRca.Tests.TcpPortTest.PerformTestReally() Attempting to contact the AutoDiscover service using the DNS SRV redirect method.Failed to contact AutoDiscover using the DNS SRV redirect method.Test StepsAttempting to locate SRV record _autodiscover._tcp.alternateexternaldomain.com in DNS.Failed to find AutoDiscover SRV record in DNS.RPC over HTTP works according to https://www.testexchangeconnectivity.com/.When I attempt to use it myself though I get an unlimited password prompt.I continue to input it and it doesn't seem to have an end. I only tried it about 11 times.I have RPC set for basic authentication instead of NTLM so that is correct.Any ideas?Thanks,Lee
May 2nd, 2009 1:48am

Hi,After viewing the configuration of the Outlook Anywhere, I found the ClientAuthenticationMethod is Basic, please change it to NTLM. And also ensure the NTLM is used on the client side.After that, please check this issue. If the issue persists, please refer to the below link to check this issue:http://technet.microsoft.com/en-us/library/cc411324.aspxMoreover, you have to look at your certificate for the issued to name and put it at the CertPrincipalName.Set-OutlookProvider EXPR -CertPrincipalName msstd:test.domain.comThanksAllen
Free Windows Admin Tool Kit Click here and download it now
May 6th, 2009 9:35am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics