Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, July 12, 2016 3:56 PM
Hi all,
I just installed Exchange 2013 for a customer, and I was having trouble getting autodiscover to work. I went to https://yourdomain.com/autodiscover/autodiscover.xml, and got the error message http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006, with the further error code 600, "Invalid Request".
The good news for you is that that is 100% normal, and you will get that even when autodiscover is working perfectly. I still suspect that the reason you are here is that you have the problem that I had, and you will benefit from the simple the solution that I am about to present. As I was having my problem, I read MANY solutions to this, and frankly, I found them wrong for most situations.
The underlying issue is domain credentials that are used with a [email protected] name and trying to use them from the Internet. Using autodiscover with [email protected] is not going to resolve, and if you put in [email protected], Windows does not find that as a valid user so we need to take care of that with two simple steps.
The first is go into the “Active Directory Domains and Trusts” mmc, and right click on “Active Directory Domains and Trusts” in the left column at the very top (not your domain itself). Then add your full domain (yourdomain.com) as an alternative UPN suffix and hit OK. Next you need to go into the “Active Directory Users and Computers” mmc, and test this on one user to start, but go into the user’s properties>account, and you will see a drop-down for the domain after the “User logon name”. Change that to your external domain. Assuming this works for you, you can then highlight many users, and right click, and edit this property for all of them at once.
Chances are good that it will work now, but if not, there are a few more things to look at that should only take a few minutes.
You should use a valid certificate from a trusted provider like Network Solutions or GoDaddy with the external name of your server (mail.yourdomain.com), and subject alternative names for autodiscover.yourdomain.com. They should be bound to the services in the ECP>Server>Certificates then double-click on the certificate, and go to services on its left menu. Bind it to at least SMTP, IIS, POP, and IMAP, and click “OK”.
Then still in the ECP, go to Servers>Virtual Directories, and set the internal and external URLS for EWS, Microsoft-Server-ActiveSync, OAB, and OWA to your server’s external URL using https (https://mail.yourdomain.com/plus whatever extension is already there).
Lastly, from the Exchange Shell (run as administrator), run the following command (minus the quotes): “Set-ClientAccessServer -Identity "yourservername" –AutodiscoverServiceInternalURI https://mail.yourdomain.com/autodiscover/autodiscover.xml
Kevin Cotreau
P.S. if you run the Exchange Remote Connectivity Analyzer, and I don’t know why this is, but it never works using the administrator account, so try it with a normal user account.
All replies (2)
Thursday, July 14, 2016 2:22 AM ✅Answered
The P.S. is normal, and it's likely because Administrator accounts have inherited permissions blocked. That's just one of many reasons you shouldn't use administrator accounts for e-mail.
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
Celebrating 20 years of providing Exchange peer support!
Friday, July 15, 2016 8:10 AM
Hi Kevin,
Thanks for your sharing, this would be beneficial to other community members.
Thanks again.
Best regards,
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected].
Niko Cheng
TechNet Community Support