We're currently running Exchange 2010 SP1 on Windows 2008 R2. We have 2 servers with a mailbox role and 2 servers with a combined CAS and Hub Transport role. One of our CAS servers is constantly running at 100% cpu on the w3wp.exe and lsass.exe services. It's a dual E5345 Quad Core with 8GB of ram so it should be more than sufficient for the 1500 max users we have in the system. If you dig deeper into the process through Process Explorer, it looks like it's the MSExchangeAutodiscoverAppPool that's causing the processing issue and IIS logs confirm that every one of our Outlook 2007 clients continue to poll for AutoDiscover settings--almost every second. For example: 2010-09-23 15:25:24 10.12.224.165 POST /Autodiscover/Autodiscover.xml - 443 - 10.12.225.111 Microsoft+Office/12.0+(Windows+NT+5.1;+Microsoft+Office+Outlook+12.0.6535;+Pro) 401 1 2148074254 280 2010-09-23 15:25:24 10.12.224.165 POST /Autodiscover/Autodiscover.xml - 443 - 10.12.225.150 Microsoft+Office/12.0+(Windows+NT+5.1;+Microsoft+Office+Outlook+12.0.6535;+Pro) 401 1 2148074254 265 Autodiscover works setting up the Outlook client for the first time, testexchangeconnectivity.com shows autodiscover is working correctly from the outside and an outlook client on the internal side running a "Test E-mail AutoConfiguration" looks to be correct as well. What might be causing Outlook to poll autodiscover so much? All of the internal url settings on all of the CAS and AutoDiscover setup seem ok to me but maybe I missed something? Or is this an Outlook issue?

On Thu, 23 Sep 2010 17:20:11 +0000, Pipeline wrote: > > >We're currently running Exchange 2010 SP1 on Windows 2008 R2. We have 2 servers with a mailbox role and 2 servers with a combined CAS and Hub Transport role. One of our CAS servers is constantly running at 100% cpu on the w3wp.exe and lsass.exe services. It's a dual E5345 Quad Core with 8GB of ram so it should be more than sufficient for the 1500 max users we have in the system. > >If you dig deeper into the process through Process Explorer, it looks like it's the MSExchangeAutodiscoverAppPool that's causing the processing issue and IIS logs confirm that every one of our Outlook 2007 clients continue to poll for AutoDiscover settings--almost every second. For example: > > > >2010-09-23 15:25:24 10.12.224.165 POST /Autodiscover/Autodiscover.xml - 443 - 10.12.225.111 Microsoft+Office/12.0+(Windows+NT+5.1;+Microsoft+Office+Outlook+12.0.6535;+Pro) 401 1 2148074254 280 > >2010-09-23 15:25:24 10.12.224.165 POST /Autodiscover/Autodiscover.xml - 443 - 10.12.225.150 Microsoft+Office/12.0+(Windows+NT+5.1;+Microsoft+Office+Outlook+12.0.6535;+Pro) 401 1 2148074254 265 > > > >Autodiscover works setting up the Outlook client for the first time, testexchangeconnectivity.com shows autodiscover is working correctly from the outside and an outlook client on the internal side running a "Test E-mail AutoConfiguration" looks to be correct as well. > >What might be causing Outlook to poll autodiscover so much? The 401.1 error. It's a Login Failed status. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

That's strange. I know those people are getting their e-mail ok through Outlook 2007 and like I've mentioned testing autodiscover to make accounts seems ok. Any idea why would there be so many login failures? I've had the same problem since Exchange 2007 and we were hoping that replacing all of our aging domain controllers and upgrading to Exchange 2010 would help the situation. But it still remains. I know it's possible I have something set incorrectly with autodiscover but I can't see how it would work at all if it was. Thanks for your help.

On Fri, 24 Sep 2010 12:58:38 +0000, Pipeline wrote: >That's strange. I know those people are getting their e-mail ok through Outlook 2007 Autodiscover isn't used to read the messages. >and like I've mentioned testing autodiscover to make accounts seems ok. Any idea why would there be so many login failures? Wrong password? :-) You have the log files. Are all the POST commands with status 401.1 coming from the same IP address, or from some small number of IP addresses? Go visit those machines and verify that they're being used correctly. >I've had the same problem since Exchange 2007 and we were hoping that replacing all of our aging domain controllers and upgrading to Exchange 2010 would help the situation. But it still remains. Login failures aren't an Exchange problem. >I know it's possible I have something set incorrectly with autodiscover but I can't see how it would work at all if it was. I can't draw any conclusions from just lines from a log file. Neither should you. Using LogParser would give you a set of IP addresses that have 401 status pretty quickly. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

I guess my problem with this is that the IPs are from clients running Outlook 2007 and they've already logged into their computer and there fore the domain. Outlook isn't asking them to login again, it's behind the scenes. And they're getting their e-mail just fine so why on earth would they continually try to grab autodiscover settings and how could Outlook even use a bad password at that point. One client maybe but it's all of them. And the same IP address gets a valid login milliseconds later. and then another 401 and then another success. It's every Outlook 2007 client in the building. But there's no apparent issue to the end user, everything works fine for them. I just see 100% CPU.

On Mon, 27 Sep 2010 17:30:20 +0000, Pipeline wrote: >I guess my problem with this is that the IPs are from clients running Outlook 2007 and they've already logged into their computer and there fore the domain. Outlook isn't asking them to login again, it's behind the scenes. And they're getting their e-mail just fine so why on earth would they continually try to grab autodiscover settings and how could Outlook even use a bad password at that point. One client maybe but it's all of them. And the same IP address gets a valid login milliseconds later. and then another 401 and then another success. It's every Outlook 2007 client in the building. But there's no apparent issue to the end user, everything works fine for them. I just see 100% CPU. Have you tried turning on the Netlogon logging on your domain controllers and seeing if this happens only when a particular DC is used? Do you see the same IP addresses hitting the other CAS server? Do they only fail when they use CAS1 but not CAS2? Are the CAS machines load balanced? --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

Rich, I thought I would get back to you sooner but Microsoft Support took awhile to come up with an answer. It seems as though having the TTL on the OutlookProvider config set to anything other that 1 will cause clients to continually ask for autodiscover settings. I don't have an answer for why yet, but just running a "Get-OutlookProvider | Set-OutlookProvider -TTL 1" improved things dramatically. Our TTLs were set at 2 for some reason, and you would think that would be ok but maybe that's out of range for Outlook clients so then it assumes a value of 0 and continuously requests start. We have to see what happens over the course of a few days here, but it looks as though that was the issue. Thanks for your help. -Andrew