Hi
I have a setup with one CAS server and one Exchange backend server. Serves 4 Domains.
Activesynch is working (both on intranet and internet). owa is working both Networks too.
heres some test data (domain and such stuff have been sanitized contoso.com is the excernal name, contoso is the internal name, casserver is the CAS Server etc.
my autodiscover is on https://mail.contoso.com/autodiscover/autodiscover.xml
any http on autodiscovery.* (my 4 domains) will do a 302 redirect to https://mail.contoso.com/autodiscover/autodiscover.xml
browsing https://mail.contoso.com/autodiscover/autodiscover.XML from intranet or internet yields this response (after providing username and password
<Autodiscover><Response><Error Time="09:32:02.3112517" Id="2271660173"><ErrorCode>600</ErrorCode><Message>Invalid Request</Message><DebugData/></Error></Response></Autodiscover>
Other Things I've done to help showing the configuration:
1. Test autodiscover configuration: Test-OutlookWebServices -ClientAccessServer "casserver"
[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>Test-OutlookWebServices -ClientAccessServer casserver
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1019
Type : Information
Message : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://casserver.contoso.com/Autodiscover/Autodiscover.xml.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1013
Type : Error
Message : When contacting https://casserver.contoso.com/Autodiscover/Autodiscover.xml received the error The remote server returned an error: (404) Not Found.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1023
Type : Error
Message : The Autodiscover service couldn't be contacted.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1013
Type : Error
Message : When contacting https://casserver.contoso.com/EWS/Exchange.asmx received the error The request failed with HTTP status 404: Not Found.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1025
Type : Error
Message : [EXCH] Error contacting the AS service at https://casserver.contoso.com/EWS/Exchange.asmx. Elapsed time was 437 milliseconds.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1013
Type : Error
Message : When contacting https://casserver.contoso.com/EWS/Exchange.asmx received the error The remote server returned an error: (404) Not Found.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1027
Type : Error
Message : [EXCH] Error contacting the UM service at https://casserver.contoso.com/EWS/Exchange.asmx. Elapsed time was 0 milliseconds.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1013
Type : Error
Message : When contacting https://mail.contoso.com/ews/exchange.asmx received the error Client found response content type of '', but expected 'text/xml'.
The request failed with an empty response.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1025
Type : Error
Message : [EXPR] Error contacting the AS service at https://mail.contoso.com/ews/exchange.asmx. Elapsed time was 468 milliseconds.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1026
Type : Success
Message : [EXPR] Successfully contacted the UM service at https://mail.contoso.com/ews/exchange.asmx. The elapsed time was 140 milliseconds.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1113
Type : Error
Message : When contacting https://casserver.contoso.com/ews/exchange.asmx received the error The request failed with HTTP status 404: Not Found.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1125
Type : Error
Message : [Server] Error contacting the AS service at https://casserver.contoso.com/ews/exchange.asmx. Elapsed time was 0 milliseconds.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1113
Type : Error
Message : When contacting https://casserver.contoso.com/ews/exchange.asmx received the error The remote server returned an error: (404) Not Found.
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Id : 1127
Type : Error
Message : [Server] Error contacting the UM service at https://casserver.contoso.com/ews/exchange.asmx. Elapsed time was 0 milliseconds.
[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>2. Ping and browse https://mydomain/autodiscover/autodiscover.xm
Browse https://casserver/autodiscover/autodiscover.XML = 404
ping casserver Works OK
note above about https://mail.contoso.com/autodiscover/autodiscover.XML actually Works.
3. If you are testing from outside, test https://autodiscover.mydomain/autodiscover/autodiscover.xml
See 2
4. Test autodiscover virtual diretories: Get-AutodiscoverVirtualDirectory |FL
[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>Get-AutodiscoverVirtualDirectory |FL
RunspaceId : 735fd88b-e9e1-4350-b7d7-c0aca66ebecd
Name : Autodiscover (Default Web Site)
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
LiveIdSpNegoAuthentication : False
WSSecurityAuthentication : False
LiveIdBasicAuthentication : False
BasicAuthentication : True
DigestAuthentication : False
WindowsAuthentication : True
MetabasePath : IIS://casserver.contoso.com/W3SVC/1/ROOT/Autodiscover
Path : C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Autodiscover
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
Server : CASSERVER
InternalUrl :
ExternalUrl :
AdminDisplayName :
ExchangeVersion : 0.10 (14.0.100.0)
DistinguishedName : CN=Autodiscover (Default Web Site),CN=HTTP,CN=Protocols,CN=CASSERVER,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Contoso,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=contoso,DC=com
Identity : CASSERVER\Autodiscover (Default Web Site)
Guid : 9f99c3b7-f63f-474c-899d-72c6d4f5d480
ObjectCategory : contoso.com/Configuration/Schema/ms-Exch-Auto-Discover-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}
WhenChanged : 29-08-2014 02:45:44
WhenCreated : 29-08-2014 02:46:03
WhenChangedUTC : 29-08-2014 00:45:44
WhenCreatedUTC : 29-08-2014 00:46:03
OrganizationId :
OriginatingServer : adserver.contoso.com
IsValid : True
[PS] C:\Program Files\Microsoft\Exchange Server\V14\Scripts>5. Also Checked my Certificate:
The certificate is a signed UCC / SAN certificate from my own authority it contains the following (sanitized) information:
Certificate:
Identity / Subject:
casserver.contoso.com
SAN
dns=casserver.contoso.com
dns=mail.contoso.com
dns=autodiscover.contoso.com
dns=mail.domain2.com
dns=autodiscover.domain2.com
dns=mail.domain4.com
dns=autodiscover.domain4.com
dns=mail.domain3.com
dns=autodiscover.domain3.com
dns=contoso.com
dns=domain2.com
dns=domain4.com
dns=domain3.com
dns=casserver
6. Tried resetting the Autodiscovery Virtual Directory.
7. Testing on https://testconnectivity.microsoft.com/ (remote Connectivity Analyzer):
Exchange ActiveSync Autodiscover:
<?xml version="1.0" encoding="utf-8"?><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting the Autodiscover and Exchange ActiveSync test (if requested)." resultdescription="Testing of Autodiscover for Exchange ActiveSync failed." additionaldetails="" elapsedMilliseconds="22354"><children><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting each method of contacting the Autodiscover service." resultdescription="The Autodiscover service couldn't be contacted successfully by any method." additionaldetails="" elapsedMilliseconds="22354"><children><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to test potential Autodiscover URL https://contoso.com:443/Autodiscover/Autodiscover.xml" resultdescription="Testing of this potential Autodiscover URL failed." additionaldetails="" elapsedMilliseconds="17286"><children><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Attempting to resolve the host name contoso.com in DNS." resultdescription="The host name resolved successfully." additionaldetails="IP addresses returned: 255.255.255.255" elapsedMilliseconds="332"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing TCP port 443 on host contoso.com to ensure it's listening and open." resultdescription="The port was opened successfully." additionaldetails="" elapsedMilliseconds="293"><children /></testresult><testresult status="Success" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Testing the SSL certificate to make sure it's valid." resultdescription="The certificate passed all validation requirements." additionaldetails="" elapsedMilliseconds="15540"><children><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server contoso.com on port 443." resultdescription="The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate." additionaldetails="Remote Certificate Subject: CN=casserver.contoso.com, OU=contoso, O=contoso, L=City, S=State, C=US, Issuer: CN=my-ca-autority, DC=contoso, DC=com." elapsedMilliseconds="15517"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Validating the certificate name." resultdescription="The certificate name was validated successfully." additionaldetails="Host name contoso.com was found in the Certificate Subject Alternative Name entry." elapsedMilliseconds="0"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing the certificate date to confirm the certificate is valid." resultdescription="Date validation passed. The certificate hasn't expired." additionaldetails="The certificate is valid. NotBefore = 8/28/2014 11:15:35 PM, NotAfter = 8/27/2016 11:15:35 PM" elapsedMilliseconds="0"><children /></testresult></children></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Checking the IIS configuration for client certificate authentication." resultdescription="Client certificate authentication wasn't detected." additionaldetails="Accept/Require Client Certificates isn't configured." elapsedMilliseconds="679"><children /></testresult><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to send an Autodiscover POST request to potential Autodiscover URLs." resultdescription="Autodiscover settings weren't obtained when the Autodiscover POST request was sent." additionaldetails="" elapsedMilliseconds="440"><children><testresult status="Error" errorid="12f4b21a-7e8d-4c95-b4a8-f4608e7d73b0" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://contoso.com:443/Autodiscover/Autodiscover.xml for user ohm@contoso.com." resultdescription="The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response." additionaldetails="A Web exception occurred because an HTTP 404 - NotFound response was received from Unknown.
HTTP Response Headers:
Connection: close
Content-Length: 315
Content-Type: text/html; charset=us-ascii
Date: Fri, 29 Aug 2014 07:46:13 GMT
Server: Microsoft-HTTPAPI/2.0
" elapsedMilliseconds="440"><children /></testresult></children></testresult></children></testresult><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to test potential Autodiscover URL https://autodiscover.contoso.com:443/Autodiscover/Autodiscover.xml" resultdescription="Testing of this potential Autodiscover URL failed." additionaldetails="" elapsedMilliseconds="2303"><children><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Attempting to resolve the host name autodiscover.contoso.com in DNS." resultdescription="The host name resolved successfully." additionaldetails="IP addresses returned: 255.255.255.255" elapsedMilliseconds="321"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing TCP port 443 on host autodiscover.contoso.com to ensure it's listening and open." resultdescription="The port was opened successfully." additionaldetails="" elapsedMilliseconds="347"><children /></testresult><testresult status="Success" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Testing the SSL certificate to make sure it's valid." resultdescription="The certificate passed all validation requirements." additionaldetails="" elapsedMilliseconds="505"><children><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.contoso.com on port 443." resultdescription="The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate." additionaldetails="Remote Certificate Subject: CN=casserver.contoso.com, OU=contoso, O=contoso, L=City, S=State, C=US, Issuer: CN=my-ca-autority, DC=contoso, DC=com." elapsedMilliseconds="483"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Validating the certificate name." resultdescription="The certificate name was validated successfully." additionaldetails="Host name autodiscover.contoso.com was found in the Certificate Subject Alternative Name entry." elapsedMilliseconds="0"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing the certificate date to confirm the certificate is valid." resultdescription="Date validation passed. The certificate hasn't expired." additionaldetails="The certificate is valid. NotBefore = 8/28/2014 11:15:35 PM, NotAfter = 8/27/2016 11:15:35 PM" elapsedMilliseconds="0"><children /></testresult></children></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Checking the IIS configuration for client certificate authentication." resultdescription="Client certificate authentication wasn't detected." additionaldetails="Accept/Require Client Certificates isn't configured." elapsedMilliseconds="676"><children /></testresult><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to send an Autodiscover POST request to potential Autodiscover URLs." resultdescription="Autodiscover settings weren't obtained when the Autodiscover POST request was sent." additionaldetails="" elapsedMilliseconds="451"><children><testresult status="Error" errorid="12f4b21a-7e8d-4c95-b4a8-f4608e7d73b0" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.contoso.com:443/Autodiscover/Autodiscover.xml for user ohm@contoso.com." resultdescription="The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response." additionaldetails="A Web exception occurred because an HTTP 404 - NotFound response was received from Unknown.
HTTP Response Headers:
Connection: close
Content-Length: 315
Content-Type: text/html; charset=us-ascii
Date: Fri, 29 Aug 2014 07:46:15 GMT
Server: Microsoft-HTTPAPI/2.0
" elapsedMilliseconds="451"><children /></testresult></children></testresult></children></testresult><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to contact the Autodiscover service using the HTTP redirect method." resultdescription="The attempt to contact Autodiscover using the HTTP Redirect method failed." additionaldetails="" elapsedMilliseconds="2487"><children><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Attempting to resolve the host name autodiscover.contoso.com in DNS." resultdescription="The host name resolved successfully." additionaldetails="IP addresses returned: 255.255.255.255" elapsedMilliseconds="8"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing TCP port 80 on host autodiscover.contoso.com to ensure it's listening and open." resultdescription="The port was opened successfully." additionaldetails="" elapsedMilliseconds="161"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is checking the host autodiscover.contoso.com for an HTTP redirect to the Autodiscover service." resultdescription="The redirect (HTTP 301/302) response was received successfully." additionaldetails="Redirect URL: https://mail.contoso.com/Autodiscover/Autodiscover.xml
HTTP Response Headers:
Content-Length: 179
Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Aug 2014 07:46:15 GMT
Location: https://mail.contoso.com/Autodiscover/Autodiscover.xml
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
" elapsedMilliseconds="310"><children /></testresult><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to test potential Autodiscover URL https://mail.contoso.com/Autodiscover/Autodiscover.xml" resultdescription="Testing of this potential Autodiscover URL failed." additionaldetails="" elapsedMilliseconds="2006"><children><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Attempting to resolve the host name mail.contoso.com in DNS." resultdescription="The host name resolved successfully." additionaldetails="IP addresses returned: 255.255.255.255" elapsedMilliseconds="368"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing TCP port 443 on host mail.contoso.com to ensure it's listening and open." resultdescription="The port was opened successfully." additionaldetails="" elapsedMilliseconds="169"><children /></testresult><testresult status="Success" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Testing the SSL certificate to make sure it's valid." resultdescription="The certificate passed all validation requirements." additionaldetails="" elapsedMilliseconds="354"><children><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.contoso.com on port 443." resultdescription="The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate." additionaldetails="Remote Certificate Subject: CN=casserver.contoso.com, OU=contoso, O=contoso, L=City, S=State, C=US, Issuer: CN=my-ca-autority, DC=contoso, DC=com." elapsedMilliseconds="329"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Validating the certificate name." resultdescription="The certificate name was validated successfully." additionaldetails="Host name mail.contoso.com was found in the Certificate Subject Alternative Name entry." elapsedMilliseconds="0"><children /></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Testing the certificate date to confirm the certificate is valid." resultdescription="Date validation passed. The certificate hasn't expired." additionaldetails="The certificate is valid. NotBefore = 8/28/2014 11:15:35 PM, NotAfter = 8/27/2016 11:15:35 PM" elapsedMilliseconds="0"><children /></testresult></children></testresult><testresult status="Success" errorid="00000000-0000-0000-0000-000000000000" contentUrl="" testdescription="Checking the IIS configuration for client certificate authentication." resultdescription="Client certificate authentication wasn't detected." additionaldetails="Accept/Require Client Certificates isn't configured." elapsedMilliseconds="669"><children /></testresult><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to send an Autodiscover POST request to potential Autodiscover URLs." resultdescription="Autodiscover settings weren't obtained when the Autodiscover POST request was sent." additionaldetails="" elapsedMilliseconds="445"><children><testresult status="Error" errorid="a28be452-a4b2-419c-851a-37f441f3120e" contentUrl="" testdescription="The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://mail.contoso.com/Autodiscover/Autodiscover.xml for user ohm@contoso.com." resultdescription="The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response." additionaldetails="An HTTP 500 response was returned from Unknown.
HTTP Response Headers:
Content-Length: 0
Cache-Control: private
Date: Fri, 29 Aug 2014 07:46:18 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
" elapsedMilliseconds="444"><children /></testresult></children></testresult></children></testresult></children></testresult><testresult status="Error" errorid="734044ef-11c2-4e30-9ee6-450d49e9d92c" contentUrl="" testdescription="Attempting to contact the Autodiscover service using the DNS SRV redirect method." resultdescription="The Microsoft Connectivity Analyzer failed to contact the Autodiscover service using the DNS SRV redirect method." additionaldetails="" elapsedMilliseconds="132"><children><testresult status="Error" errorid="8249cc81-d0ce-43d2-b319-48ceadb1bfe7" contentUrl="http://go.microsoft.com/?linkid=9843849" testdescription="Attempting to locate SRV record _autodiscover._tcp.contoso.com in DNS." resultdescription="The Autodiscover SRV record wasn't found in DNS." additionaldetails="" elapsedMilliseconds="132"><children /></testresult></children></testresult><testresult status="Warning" errorid="c0f75b77-072c-48d5-ab17-eebc99a4b3d9" contentUrl="http://go.microsoft.com/?linkid=9843786" testdescription="Checking if there is an autodiscover CNAME record in DNS for your domain 'contoso.com' for Office 365." resultdescription="Failed to validate autodiscover CNAME record in DNS. If your mailbox isn't in Office 365, you can ignore this warning." additionaldetails="There is no Autodiscover CNAME record for your domain 'contoso.com'." elapsedMilliseconds="145"><children /></testresult></children></testresult></children></testresult>
8. Testing Autodiscover from Exchange Client (intranet):
SMTP=me@contoso.com Attempting URL https://casserver.contoso.com/Autodiscover/Autodiscover.xml Found Through SCP Autodiscover to https://casserver.contoso.com/Autodiscover/Autodiscover.xml starting GetLastError=0;httpStatus=404. ... more errors... Redirect Check to http:/autodiscover.contoso.com/Autodiscover/Autodiscover.xml starting (recieves redirect) Autodiscover to https://mail.contoso.com/Autodiscover/Autodiscover.xml starting GetLastError=0;httpStatus=500. ..SRV Attempt.. .Fails. End of tests.
(sorry for lack of details in this test) - the tests done by Outlook has to be transcribed by hand :-(
I hope anyone out there can help me resolve my issue.
Regards,
Henrik