Autodiscover redirected prompt when creating profile
You need an DNS SRV record,
_autodiscover._tcp.anotherdomain.com resovled to 0 0 443 autodiscover.domain.com
February 25th, 2015 10:23am
this is for internal email not outlook anywhere do i need the SRV on internal DNS too?
February 25th, 2015 10:38am
Yes, it applies to internal client as well.
Btw, internal client is also using Outlook Anywhere.
February 25th, 2015 10:44am
Great thanks for the answer, I just thought any internal client would use the autodiscover scp from AD... we do not have all smtp domains as internal DNS zones so do I need to create them to get around this?
February 26th, 2015 3:33am
This is what I have set already, it looks like we may have an issue with autodiscover internally as we are seeing the redirect error so the SCP is failing, I am seeing certificate issues on RCA, I think because the certificate revocation check has
failed as we have blocked outbound internet access on the CAS servers for web traffic
February 26th, 2015 3:49am
CRL should not cause that.
Can you post your autodiscover test log here?
February 26th, 2015 4:08am
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.domain.com on port 443. |
|
The Microsoft Connectivity Analyzer wasn't able to obtain the remote SSL certificate. |
|
|
Additional Details |
|
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Elapsed Time: 659 ms.
|
|
February 26th, 2015 4:17am
this happens internally as well, however I can browse to
https://autodiscover.domain.com/autodiscover/healthcheck.htm from a web browser on an external and internal IE client (no cert errors and chain is good)...
I see no errors on event logs on servers, we are going through F5 load balancer and have isolated each CAS 1 by 1 so don't think its a particular server error, this was working yesterday but nothing has changed to my knowledge, only thing I can see if the
revocation check has failed on the c
February 26th, 2015 4:18am
update: someone has installed Symantec endpoint on the CAS's but it is disabled, I will try to remove this...
February 26th, 2015 4:21am
From the client running Outlook, ctrl-right-click the Outlook icon in the system tray, Test Email AutoConfiguration, start Test.
Take a look at the Log tab
February 26th, 2015 4:22am
I would if I had any...this is a vanilla deployment and unable to connect any outlook clients at the moment since this started happening.
February 26th, 2015 4:25am
this seems to be all ssl traffic not just autodiscover
February 26th, 2015 4:26am
You can configure your Outlook manually while AutoDiscover is not working.
February 26th, 2015 5:05am