Being prompted for AutoDiscovery
I'm trying to setup AutoDiscover for a new "Trusted" domain. My exisitng domain is the "Resource" domain. I've added another domain to my certificate and added a DNS entry to point to the existing CAS Server. Were using Linked Mailboxes. When trying to use AutoDiscover it fails. If I configure Outlook manually I can get into the mailbox but I am prompted for Authentication when attempting to download the OAB. I tried to go to the AutoDiscover site and was prompted for authentication. I'm guessing it has something to do with Clients needing to access the XML file and not being able to because of authentication. The problem I have is that the account that I'm being prompted for is the disabled account in the resource domain. I've tried using both accounts to attempt access but it fails. I'm pooring over the AutoDiscover stuff and haven't found anything yet. I know I can't do "Anonymous" to the AutoDiscover because it needs authentication to find the account. Any help is much appreciated.David Jenkins
September 27th, 2011 12:00pm

I was able to add the SCP with this article. http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx#ConfiguringADMultipleForestsHowTo But that hasn't fixed anything. It just fails faster now. I'm getting a failed (0x800C8203)David Jenkins
Free Windows Admin Tool Kit Click here and download it now
September 27th, 2011 1:56pm

When I try to go to the https://resourcedomain/autodiscover/autodiscover.xml from within the resource domain everything works. When I try the same url in the trusted domain I get prompted for Authentication. This shouldn't be happening. Any help? I show in the logs in IIS on the CAS server that authentication is successful. David Jenkins
September 27th, 2011 4:48pm

In step three of article http://technet.microsoft.com/en-us/library/ff597981(EXCHG.80).aspx It shows to run "Get-Mailbox" on a user account. I've noticed that for the LinkedMasterAccount it only shows the GUID of the account and not the name. David Jenkins
Free Windows Admin Tool Kit Click here and download it now
September 28th, 2011 11:19am

In the event logs on the exchange server I show the logon success yet still have failures. Anyone please help. I've been searching for days trying to figure out the issue. I get a failed (0x800C8203). Nothing I've found helps. Is this a client issue? I'm using Windows 7 with Office 2007. David Jenkins
September 28th, 2011 3:01pm

In IE if I add the site to my "Intranet" Sites I can get to the Autodiscover.xml file. Do I need something similar in Outlook?David Jenkins
Free Windows Admin Tool Kit Click here and download it now
September 28th, 2011 3:02pm

Hi David, So you have two forests, the “resource forest” has Exchange server resided on and the “client forest” has no Exchange server; you are not able to use autoconfigure to setup Outlook profile when the user first logon in the client forest; and you are prompted for credentials when try to download OAB. Is that correct? If I understand correctly, the issue is by design. The authentication on the autodiscover service is granted to the mailbox account in the resource forest—and it is disabled; but the Outlook running in the client forest can only provide the credentials from the login windows—and it is belonged to client forest. Your understanding would be appreciated. To use autodiscover service in the client forest, you may consider one of the following methods: 1. Enable the mailbox account in the resource forest, and logon as this account into Windows in client forest. 2. Alternately, you may configuration the autodiscover service for multiple forests. However, it request at least one Exchange server in each forest. Please refer to http://technet.microsoft.com/en-us/library/aa996849(EXCHG.80).aspx. 3. As a workaround, we may use the DNS method to work the autodiscover service. To do this, create a DNS record in the client forest and point the external URL of autodiscover to the CAS server in the resource forest. Note that: --the external URL of autodiscover service should match the SMTP suffix. For example, the user email address is User@domainA.com; then the external url of autodiscover is https://domainA.com/autodiscover/autodiscover.xml; --the external URL should match the name of the certificate you installed on the resource forest. --the credential prompt could not be get rid of. Hope it is helpful Fiona
September 29th, 2011 3:18am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics