Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, December 13, 2018 2:41 PM
Hey there,
I have been trying to get this working for a little over a week now and i still can't figure out why my auto discover is not working. I am running exchange 2016 CU10, the installation when flawless. The way autodiscover should connect to my exchange server is via a SRV record which i tested, is working & resolvable. ONE THING: i'm using HAproxy since i am also hosting various other web application services.
Here is what i tried so far:
- Exchange 2016 CU8 (same issue on fresh install).
- Tried to reset autodiscover virtual directory
- Reset OAB virtual directory
- Recycle application pool autodiscover & OAB
- Disable windows authentication (autodiscover + OAB+ EWS + MAPI)
- Restart exchange server entirely
- Access the autodiscover XML file via internet explorer externally = This went well
- Set external URL's on virtual directories
random side note: I have a valid ssl certificate.
- iisreset via powershell
- tried to use ntlm instead of negotiate (This has been reverted to negotiate, don't worry)
- Tried troubleshooting split-dns
Please keep in mind, i have not made any changes to registry. Simply because i didn't feel like a fresh install of exchange 2016 on a windows 2016 updated server should require registry changes in order for autodiscover to work. I am ofcourse willing to change stuff if asked. As far as the testconnectivity tool from microsoft is concerned, it said the following:
Attempting to contact the Autodiscover service using the DNS SRV redirect method.
The Microsoft Connectivity Analyzer failed to contact the Autodiscover service using the DNS SRV redirect method.
Additional Details
Test Steps
Attempting to locate SRV record _autodiscover._tcp.contoso.com in DNS.
The Autodiscover SRV record was successfully retrieved from DNS.
Additional Details
Attempting to test potential Autodiscover URL https://mail.contoso.com:443/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.
Additional Details
Test Steps
Attempting to resolve the host name mail.contoso.com in DNS.
The host name resolved successfully.
Additional Details
Testing TCP port 443 on host mail.xxx.nl to ensure it's listening and open.
The port was opened successfully.
Additional Details
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Additional Details
Test Steps
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
Additional Details
Test Steps
The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://mail.contoso.com:443/Autodiscover/Autodiscover.xml for user [email protected].
The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response.
Additional Details
An HTTP 401 Unauthorized response was received from the remote Unknown server. This is usually the result of an incorrect username or password. If you are attempting to log onto an Office 365 service, ensure you are using your full User Principal Name (UPN).
HTTP Response Headers:
request-id: 8ff16c9b-e43b-4371-bbb1-5137368060c7
Server: Microsoft-IIS/10.0
WWW-Authenticate: Basic realm="mail.contoso.com",Negotiate,NTLM
X-Powered-By: ASP.NET
X-FEServer: MX
Date: Thu, 13 Dec 2018 14:25:25 GMT
Content-Length: 0
Elapsed Time: 226 ms.
If any more information, i will happily provide information (yes i have access to the exchange management shell).
I can send mails and stuff just fine via the web app & ecp is all working as expected.
All help is deeply appreciated!
Kind regards
All replies (9)
Friday, December 14, 2018 6:57 AM
Hi,
From the Microsoft Connectivity Analyzer test you have run, it looks there is no problem with DNS and certificate. The external connection request has successfully got to your Exchange server. It's the attempt to retrieve an XML Autodiscover response that failed.
Based on my research, HAproxy, the load balancer could be the probable cause in your case. I'd recommend you first try to bypass HAproxy and see whether this issue still continues.
Please keep us posted.
Regards,
Steve Fan
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Friday, December 14, 2018 8:25 AM
Hi,
I tried removing haproxy from the equation, and this made no difference.
Testconnectivity still gives the same error as listed in my initial post.
Thank for your help.
Kinds regards.
Monday, December 17, 2018 7:41 PM
Hi,
Not sure if you missed my reply but here's a little bump if you did :)
Thank you very much!
Kind regards
Tuesday, December 18, 2018 9:45 AM
Thank you for the update.
May I know what the error message is when it failed to connect in your Outlook? Is it possible to upgrade to Exchange 2016 CU11 to see whether this issue continues?
Besides, please check the authentication settings on the /AutoDiscover virtual directory and make sure you have the settings configured exactly like below:
- Anonymous Authentication: Enable
- ASP .NET Impersonation: Disabled
- Basic Authentication: Enabled
- Digest Authentication: Disabled
- Forms Authentication: Disabled
- Windows Authentication: Enabled
Regards,
Steve Fan
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Wednesday, December 19, 2018 9:52 AM
Hello, thank you for getting back i litterally just fixed by disabling ssl on the OAB virtual directory. I set every virtual directory to their default settings.
For the record; now the tool testconnectivity says it works, but outlook still gives 401. errors and yes it is using the correct autodiscover url. I DO think this is were HAproxy might be the cause of this problem. However this problem seems common, so i'll keep on googling.
Is this a known issue?
Thank you very much for your help so far!
Kind regards.
Friday, December 21, 2018 8:44 PM
Hi,
So figured out autodiscover is working fine, i can also access ews externally although that did require me to disable ssl on that virtual directory under the default website. Now i tried to run EWSeditor which gave me the following, internally as well as externally.
Exception details:
Message: The request failed. The remote server returned an error: (401) Unauthorized.
Type: Microsoft.Exchange.WebServices.Data.ServiceRequestException
Source: Microsoft.Exchange.WebServices
Stack Trace:
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverRequest.InternalExecute() in e:\EWSManagedAPI\ews-managed-api\Autodiscover\Requests\AutodiscoverRequest.cs:line 200
at Microsoft.Exchange.WebServices.Autodiscover.GetDomainSettingsRequest.Execute() in e:\EWSManagedAPI\ews-managed-api\Autodiscover\Requests\GetDomainSettingsRequest.cs:line 94
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.InternalGetDomainSettings(List`1 domains, List`1 settings, Nullable`1 requestedVersion, Uri& autodiscoverUrl) in e:\EWSManagedAPI\ews-managed-api\Autodiscover\AutodiscoverService.cs:line 1151
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.GetSettings[TGetSettingsResponseCollection,TSettingName](List`1 identities, List`1 settings, Nullable`1 requestedVersion, GetSettingsMethod`2 getSettingsMethod, Func`1 getDomainMethod) in e:\EWSManagedAPI\ews-managed-api\Autodiscover\AutodiscoverService.cs:line 949
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.GetDomainSettings(List`1 domains, List`1 settings, Nullable`1 requestedVersion) in e:\EWSManagedAPI\ews-managed-api\Autodiscover\AutodiscoverService.cs:line 1121
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.GetDomainSettings(String domain, Nullable`1 requestedVersion, DomainSettingName[] domainSettingNames) in e:\EWSManagedAPI\ews-managed-api\Autodiscover\AutodiscoverService.cs:line 1723
at EWSEditor.Forms.Dialogs.DomainSettingsForm.GoRun_Click(Object sender, EventArgs e) in C:\Users\danba\Documents\GitHub\EwsEditor\EWSEditor\Forms\Discovery\DomainSettingsForm.cs:line 105
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
Exception details:
Message: The remote server returned an error: (401) Unauthorized.
Type: System.Net.WebException
Source: System
Stack Trace:
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.Exchange.WebServices.Data.EwsHttpWebRequest.Microsoft.Exchange.WebServices.Data.IEwsHttpWebRequest.GetResponse() in e:\EWSManagedAPI\ews-managed-api\Core\EwsHttpWebRequest.cs:line 132
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverRequest.InternalExecute() in e:\EWSManagedAPI\ews-managed-api\Autodiscover\Requests\AutodiscoverRequest.cs:line 119
If you know anything about this error, let me know.
thanks in advance!
Kind regards,
Quint
Monday, December 24, 2018 9:57 AM
Hi Quint,
Thank you for the update. It looks the original problem has been fixed. Regarding the EWSeditor error, I'd recommend you have a look at this Microsoft KB article and see whether it helps.
For further assistance on EWSeditor, please post a new thread to the Exchange development forum:
https://social.technet.microsoft.com/Forums/exchange/en-US/home?forum=exchangesvrdevelopment
Thank you for the understanding and support.
Regards,
Steve Fan
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Tuesday, December 25, 2018 4:13 AM
Hi,
Thanks for getting back, i have been putting this project to a break.
After getting back, everything is BROKEN. can't access management shell owa = 500 redirect error and ecp also some stupid type of error. I am sorry but i can't have this stuff in an enterprise environment. We are looking to an alternative for microsoft all together, it has been causing too many insurmountable issues that are simply unacceptable, get your act together, your a billion dollar company yet everything is unstable, poorly optimized and expensive.
We're done.
Thanks
edit: this is likely due to some windows server update. (not that it changes anything)
Friday, December 28, 2018 9:34 AM
Sorry to hear that. May I know whether there is any change you made to your environment before the things got worse?
Generally, the error was 500 which indicates some kind of authentication errors. You may try the following steps to see whether it helps:
1. Checked IIS, ensure that all of the authentication is set correctly and "Require SSL" is checked on the root of the default website.
2. Restart IIS service by running “IISReset /NoForce”.
3. If it fails, please try to start the “Microsoft Exchange Forms-Based Authentication” service on Exchange server.
Regards,
Steve Fan
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.