Hello All,I am having a problem with internet based Outlook 2007 clients being provided with the local exchange server address.I understand that this issue is all over the web, and has been resolved many times, but I appear to have a different problem.We have a single Exchange 2007 machine running all possible roles (CAS, Transport etc). We migrated to this server from Exchange 2003.We have an SSL cert for exchange.contonso.com.We have public DNS entries for exchange.contoso.com and autodiscover.contoso.com.We have local DNS entries which point exchange.contonoso.com and autodiscover.contoso.com to the internal Exchange 2007 server address.I performed the following steps:Instaled RPC over HTTPEnabled Outlook Anywhere using NTLM and the external address.I ran the following commands to set all internal URLs to the public DNS name (subsituting the correct server names where the variables are shown), as well as the external URLs:Get-ClientAccessServer | Set-ClientAccessServer -AutodiscoverServiceInternalUri https://$URLNAME/autodiscover/autodiscover.xmlGet-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalUrl https://$URLNAME/ews/exchange.asmxSet-OWAVirtualDirectory -identity "$computername\owa (Default Web Site)" -InternalURL https://$URLNAME/owa -ExternalURL https://$URLNAME/owaGet-OABVirtualDirectory | Set-OABVirtualDirectory -InternalURL https://$URLNAME/OAB -ExternalURL https://$URLNAME/owaGet-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -InternalURL https://$URLNAME/Microsoft-Server-ActiveSync -ExternalURL https://$URLNAME/Microsoft-Server-ActiveSyncSet-OutlookAnywhere -identity "$computername\RPC (Default Web Site)" -ExternalHostname $URLNAMEAutodiscover works fine for internal machines, running Test Email Autoconfiguration results in an XML file where every server name (refercing exchange) points to the correct external address with the exception of <Type>EXCH</Type>, as well as various AD entries which point to local DNS names.Autodiscover from internet machines fails when the local server name is supplied as the exchange server address.Thank you.

Hi,What I see above it is missing (or you may just not mentioned) SAN field from your SSL certificate. I'd like to have some more information:What type of firewall are you using?All of the required virtual directories are published correctly?You can test your system from outside with this tool:http://msexchangeteam.com/archive/2009/03/25/450908.aspxRegards,Zoltnhttp://www.clamagent.org - Free Antivirus for Exchange http://www.it-pro.hu http://emaildetektiv.hu

When I generated the cert request in EMS I used:exchangeexchange.contoso.localexchange.contoso.comautodiscover.contoso.comBut the cert received from GoDaddy appears to only have thecommon name exchange.contoso.com, which makes OWA work great, but when connecting to the autodiscover server I get an error about the SSL name not matching, but I have no problem with having to click Yes to continue. As a result the test that you posted fails because it wont continue past an SSL error. The Godaddy cert apperently does not support SAN without paying extra.The firewall is an Adtran 1335.The autodiscover, rpcwithcert directories are published.When testing with outlook I get an SSL name mismatch (but I can live with that), I am then prompted for logon credentials for autodiscover.contoso.com, the connection eventually fails and I am given a prompt showing the Microsoft Exchange Server address as exchange.local.

Hi,As I know you should publish rpc virtual directory and not rpcwithcert even if you are using SSL.And check whathttp verbs allowed by your firewall.Regards,Zoltn http://www.clamagent.org - Free Antivirus for Exchangehttp://www.it-pro.huhttp://emaildetektiv.hu

OWA and Autodiscover both work, but Autodiscover reports the wrong server name, it uses the local server name.I have split DNS configured, and I am mpre than happy to make autodiscover force internal and external clients to use the external address when using autodiscover.Would http verbs still be an issue here?

I ran these commands: Set-OutlookProvider -Identity EXCH -Server CASSERVER -CertPrincipalName mail.abc.com Set-OutlookProvider -Identity EXPR -Server CASSERVER -CertPrincipalName mail.abc.com Set-OutlookProvider -Identity WEB -Server CASSERVER -CertPrincipalName mail.abc.comMy initial test, using an internal client and autodiscover, yieleded no change. Autodiscover still reported the local exchange server address.I am currently restarting the exchange server to see if that is required. I will then check the Outlook 2007 "test Email" function and post the results.

Autodiscover as seen from a local machine:<?xml version="1.0" encoding="utf-8"?><Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a"> <User> <DisplayName>My Name</DisplayName> <LegacyDN>/o=Contoso Organization/ou=First Administrative Group/cn=Recipients/cn=myname</LegacyDN> <DeploymentId>af3fb63d-5151-4417-9929-19cc8455db86</DeploymentId> </User> <Account> <AccountType>email</AccountType> <Action>settings</Action> <Protocol> <Type>EXCH</Type> <Server>exchange.contoso.local</Server> <ServerDN>/o=Contoso Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EXCHANGE</ServerDN> <ServerVersion>720180F0</ServerVersion> <MdbDN>/o=Contoso Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EXCHANGE/cn=Microsoft Private MDB</MdbDN> <PublicFolderServer>exchange.contoso.local</PublicFolderServer> <AD>PDC.contoso.local</AD> <ASUrl>https://exchange.contoso.contosocom/ews/exchange.asmx</EwsUrl> <OOFUrl>https://exchange.contoso.com/ews/exchange.asmx</OOFUrl> <UMUrl>https://exchange.contoso.com/unifiedmessaging/service.asmx</UMUrl> <OABUrl>Public Folder</OABUrl> <CertPrincipalName>exchange.contoso.com</CertPrincipalName> </Protocol> <Protocol> <Type>EXPR</Type> <Server>exchange</Server> <ASUrl>https://exchange.contoso.com/EWS/Exchange.asmx</ASUrl> <EwsUrl>https://exchange.contoso.com/EWS/Exchange.asmx</EwsUrl> <OOFUrl>https://exchange.contoso.com/EWS/Exchange.asmx</OOFUrl> <OABUrl>Public Folder</OABUrl> <CertPrincipalName>exchange.contosocom</CertPrincipalName> </Protocol> <Protocol> <Type>WEB</Type> <External> <OWAUrl AuthenticationMethod="Fba">https://exchange.contoso.com/owa</OWAUrl> <Protocol> <Type>EXPR</Type> <ASUrl>https://exchange.contosocom/EWS/Exchange.asmx</ASUrl> </Protocol> </External> <Internal> <OWAUrl AuthenticationMethod="Basic, Fba">https://exchange.contosocom/owa</OWAUrl> <Protocol> <Type>EXCH</Type> <ASUrl>https://exchange.contoso.com/ews/exchange.asmx</ASUrl> </Protocol> </Internal> </Protocol> </Account> </Response></Autodiscover>

Also set the following:Set-OutlookProvider -identity EXPR -CertPrincipalname msstd:mail.ourdomain.eduOutlook anywhere / autodiscover (internal and external) still provides:http://i540.photobucket.com/albums/gg354/q2418130103p/contoso.jpg

Hi,If you check the server name in the Outlook under the Account Settings it will always show the internal url. The external url could be found under the More Settings / Connection tab / Exchange Proxy Settings.What I see in your confiuration file that the external server name is incorrect here: <Protocol> <Type>EXPR</Type> <Server>exchange</Server> <ASUrl>https://exchange.contoso.com/EWS/Exchange.asmx</ASUrl> <EwsUrl>https://exchange.contoso.com/EWS/Exchange.asmx</EwsUrl> <OOFUrl>https://exchange.contoso.com/EWS/Exchange.asmx</OOFUrl> <OABUrl>Public Folder</OABUrl> <CertPrincipalName>exchange.contosocom</CertPrincipalName> </Protocol>There should be your external url. This is generated from the OutlookAnywhere settings. Could you please copy here the result of this command:Get-OutookAnywhereRegards,Zoltnhttp://www.clamagent.org - Free Antivirus for Exchange http://www.it-pro.hu http://emaildetektiv.hu

I see, so that server name will always be listed as internal, but for external clients autodiscover will fill in the appropriate proxy information to make the name relevant, correct?[PS] C:\Windows\System32>Get-OutlookAnywhere ServerName : EXCHANGESSLOffloading : FalseExternalHostname : exchange.contoso.comClientAuthenticationMethod : NtlmIISAuthenticationMethods : {Ntlm}MetabasePath : IIS://EXCHANGE.Contoso.local/W3SVC/1/ROOT/RpcPath : C:\Windows\System32\RpcProxyServer : EXCHANGEAdminDisplayName :ExchangeVersion : 0.1 (8.0.535.0)Name : Rpc (Default Web Site)DistinguishedName : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN= EXCHANGE,CN=Servers,CN=Exchange Administrative Group ( FYDIBOHF23SPDLT),CN=Administrative Groups,CN=ATG O rganization,CN=Microsoft Exchange,CN=Services,CN=C onfiguration,DC=CONTOSO,DC=localIdentity : EXCHANGE\Rpc (Default Web Site)Guid : b971db63-560d-4215-80a7-86f93064c90aObjectCategory : Contoso.local/Configuration/Schema/ms-Exch-Rpc-Http-Vi rtual-DirectoryObjectClass : {top, msExchVirtualDirectory, msExchRpcHttpVirtual Directory}WhenChanged : 5/29/2009 10:54:15 PMWhenCreated : 5/29/2009 10:54:00 PMOriginatingServer : PDC.Contoso.localIsValid : True

Hi,What you wrote is correct.What I see as a problem above that the ExternalHostname of the Outlook Anywhere is correct but it doesn't reflect in the autodiscover settings.If you disable the OutlookAnywhere and reenable it, it may helps.Regards,Zoltnhttp://www.clamagent.org - Free Antivirus for Exchange http://www.it-pro.hu http://emaildetektiv.hu

I disabled and re-enabled Outlook Anywhere and I am waiting for the changes to propogate.Should I undo my Set-OutlookProvider settings that I mentioned earlier?: Set-OutlookProvider -Identity EXCH -Server CASSERVER -CertPrincipalName mail.abc.com Set-OutlookProvider -Identity EXPR -Server CASSERVER -CertPrincipalName mail.abc.com Set-OutlookProvider -Identity WEB -Server CASSERVER -CertPrincipalName mail.abc.com

Hi,I don't think so. I'd like to see if the address in your autodiscover file gets corrected or not.Regards,Zoltnhttp://www.clamagent.org - Free Antivirus for Exchange http://www.it-pro.hu http://emaildetektiv.hu

<?xml version="1.0" encoding="utf-8"?><Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a"> <User> <DisplayName>Jameson Collins</DisplayName> <LegacyDN>/o=Contoso Organization/ou=First Administrative Group/cn=Recipients/cn=jcollins</LegacyDN> <DeploymentId>af3fb63d-5151-4417-9929-19cc8455db86</DeploymentId> </User> <Account> <AccountType>email</AccountType> <Action>settings</Action> <Protocol> <Type>EXCH</Type> <Server>EXCHSRV.Contoso.local</Server> <ServerDN>/o=Contoso Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EXCHSRV</ServerDN> <ServerVersion>720180F0</ServerVersion> <MdbDN>/o=Contoso Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EXCHSRV/cn=Microsoft Private MDB</MdbDN> <PublicFolderServer>EXCHSRV.Contoso.local</PublicFolderServer> <AD>PDC.Contoso.local</AD> <ASUrl>https://exchange.contoso.com/EWS/Exchange.asmx</ASUrl> <EwsUrl>https://exchange.contoso.com/EWS/Exchange.asmx</EwsUrl> <OOFUrl>https://exchange.contoso.com/EWS/Exchange.asmx</OOFUrl> <UMUrl>https://exchange.contoso.com/UnifiedMessaging/Service.asmx</UMUrl> <OABUrl>Public Folder</OABUrl> <CertPrincipalName>exchange.contoso.com</CertPrincipalName> </Protocol> <Protocol> <Type>EXPR</Type> <Server>EXCHSRV</Server> <ASUrl>https://exchange.contoso.com/EWS/Exchange.asmx</ASUrl> <EwsUrl>https://exchange.contoso.com/EWS/Exchange.asmx</EwsUrl> <OOFUrl>https://exchange.contoso.com/EWS/Exchange.asmx</OOFUrl> <UMUrl>https://exchange.contoso.com/UnifiedMessaging/Service.asmx</UMUrl> <OABUrl>Public Folder</OABUrl> <CertPrincipalName>msstd:exchange.contoso.com</CertPrincipalName> </Protocol> <Protocol> <Type>WEB</Type> <External> <OWAUrl AuthenticationMethod="Fba">https://exchange.contoso.com/owa</OWAUrl> <Protocol> <Type>EXPR</Type> <ASUrl>https://exchange.contoso.com/EWS/Exchange.asmx</ASUrl> </Protocol> </External> <Internal> <OWAUrl AuthenticationMethod="Basic, Fba">https://exchange.contoso.com/owa</OWAUrl> <Protocol> <Type>EXCH</Type> <ASUrl>https://exchange.contoso.com/EWS/Exchange.asmx</ASUrl> </Protocol> </Internal> </Protocol> </Account> </Response></Autodiscover>

Any other ideas?

I have all the autodiscver settings correct now, but Outlook Anywhere still doesnt work. I am not sure where the issue is now. Internal clients are now fully using RPC proxy with split dns names and it works fine, so I assume there may be some firewall rules I am unaware of. I will probably start another thread for it.

Did you ever get this problem resolved? If you did, how was it fixed?

<Internal> <OWAUrl AuthenticationMethod="Basic, Fba">https://exchange.contoso.com/owa</OWAUrl> <Protocol> It should be internal url ?