Exchange 2007 Autodiscover/IIS problem
Hello, I have an issue that I've been dealing with over the last week or so. I thought I'd come here to try and get some help (my first post). I have a simple 1 server exchange 2007 environment on server 2008. The server has a self-signed certificate, and for our needs it works well, until recently. I'm not sure what changed, but Autodiscover stopped working. When I test it using Test-OutlookWebServices from the EMS on the server, I get a few errors as posted below. When I run the same command from my PC with Exchange tools, it succeeds and passes all tests. This is a problem for us because our Anti-virus program uses Autodiscover to attach to and find Exchange, so anti-spam has not been working since this issue. I've read a ton of articles on trying to troubleshoot the problem, including deleting and re-creating the autodiscover virtual directory, but it hasn't helped. The autodiscover service is not available to the public domain, and we do not use Outlook 2007 clients to take advantage of it (although, I have a test copy of it, and it "finds" Exchange just fine) - it's really only used by our anti-virus program that has to reside on the CAS and Mailbox. I've disabled the loopback setting and that didn't help. When the Test-OutlookWebServices fails, the exchange server seems to ____ out -- Outlook starts to have a hard time "finding" and logging onto Exchange, and I can no longer connect to SMB admin or other shares. Outlook clients start to hang and get a retry or cancel message. After retrying a few times, it logs on and works fine. (rebooting the server fixes that issue). One more thing, the problems seemed to appear after adding a second domain controller/DNS to our domain, so I thought it was a DNS issue, but that seems to be working and resolving fine from everywhere, and AD seems to be replicating fine. I believe this has become an IIS issue more than anything? Here is the output of Test-OutlookWebServices from both the Exchange server and my Cient; Server: [PS] C:\Windows\System32>test-outlookwebservices -identity admin@jrhall.ca |fl Id : 1003 Type : Information Message : About to test AutoDiscover with the e-mail address Administrator@jrhall.ca. Id : 1013 Type : Error Message : When contacting https://exchange.jrhall.local/autodiscover/autodiscover.xml received the error The underlying connection was closed: An unexpected error occurred on a send. Id : 1013 Type : Error Message : When contacting https://exchange.jrhall.local/autodiscover/autodiscover.xml received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. Id : 1013 Type : Error Message : When contacting https://exchange.jrhall.local/autodiscover/autodiscover.xml received the error An existing connection was forcibly closed by the remote host Id : 1006 Type : Error Message : The Autodiscover service could not be contacted. Client: [PS] P:\>test-outlookwebservices -identity admin@jrhall.ca | fl Id : 1003 Type : Information Message : About to test AutoDiscover with the e-mail address Administrator@jrhall.ca. Id : 1006 Type : Information Message : The Autodiscover service was contacted at https://exchange.jrhall.local/autodiscover/autodiscover.xml. Id : 1016 Type : Success Message : [EXCH]-Successfully contacted the AS service at https://exchange.jrhall.local/EWS/Exchange.asmx. The elapsed time was 264 milliseconds. Id : 1015 Type : Success Message : [EXCH]-Successfully contacted the OAB service at https://exchange.jrhall.local/EWS/Exchange.asmx. The elapsed time was 0 milliseconds. Id : 1014 Type : Success Message : [EXCH]-Successfully contacted the UM service at https://exchange.jrhall.local/UnifiedMessaging/Service.asmx. The elapsed time was 512 milliseconds. Id : 1006 Type : Success Message : The Autodiscover service was tested successfully.
January 29th, 2010 6:15pm

Another symptom I failed to mention above is, when the test-outlookwebservices command fails on the server, the OWA component also stops responding. It gets to the log in screen, then hangs and hangs as if loading, but never does, and never times out. A reboot of the server fixes that along with the SMB connectivity. Here are some other settings that someone will likely ask for. Let me know if there's anything else you wish to see. Thanks in advance for your time and effort. [PS] C:\Windows\System32>get-autodiscovervirtualdirectory |fl Name : Autodiscover (Default Web Site) InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated} ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated} BasicAuthentication : True DigestAuthentication : False WindowsAuthentication : True MetabasePath : IIS://Exchange.jrhall.local/W3SVC/1/ROOT/Autodiscover Path : C:\Program Files\Microsoft\Exchange Server\ClientAccess\Autodiscover Server : EXCHANGE InternalUrl : ExternalUrl : AdminDisplayName : ExchangeVersion : 0.1 (8.0.535.0) DistinguishedName : CN=Autodiscover (Default Web Site),CN=HTTP,CN=Protocols,CN=EXCHANGE,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=jrhall,DC=local Identity : EXCHANGE\Autodiscover (Default Web Site) Guid : d98ef18a-e034-4497-9818-dec49930ee51 ObjectCategory : jrhall.local/Configuration/Schema/ms-Exch-Auto-Discover-Virtual-Directory ObjectClass : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory} WhenChanged : 1/25/2010 4:18:18 PM WhenCreated : 1/25/2010 4:18:03 PM OriginatingServer : hallsrv.jrhall.local IsValid : True [PS] C:\Windows\System32>get-exchangecertificate |fl AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule} CertificateDomains : {mail.jrhall.ca, exchange.jrhall.ca, autodiscover.jrhall.ca, mail.jrhall.local, exchange.jrhall.local, autodiscover.jrhall.local} HasPrivateKey : True IsSelfSigned : True Issuer : CN=mail.jrhall.ca, O=J&R Hall Transport Inc., S=Ayr, C=CA NotAfter : 1/18/2011 2:23:18 PM NotBefore : 1/18/2010 2:23:18 PM PublicKeySize : 2048 RootCAType : None SerialNumber : 5B32443E986F06B249F80D7053500C36 Services : IIS, SMTP Status : Valid Subject : CN=mail.jrhall.ca, O=J&R Hall Transport Inc., S=Ayr, C=CA Thumbprint : 48DD624861D08456EE5A36DCC93062C8D984EE4D
Free Windows Admin Tool Kit Click here and download it now
January 29th, 2010 6:27pm

Hi-So what's running for system anti-virus, firewall, HIPS, etc on the server in question? This doesn't sound like an exchange level issue.Any errors in the event log of relevance?Active Directory, 4th Edition - www.briandesmond.com/ad4/
January 30th, 2010 9:02am

Hi, thanks for the response. Anti-virus and Spam is by Sunbelt called Vipre Email Security. It's been disabled until I can get autodiscover back up successfully. I've been running this server for over a year now with that software, and it's only been an issue until this autodiscover problem. Firewall on the server is also disabled. We have Cisco firewall controlled by our ISP at the Internet connection point, but Internally, firewall's have been disabled. As far as IIS logs, or event logs, I'm not seeing anything that would indicate a problem, although I may not be looking for the correct things. If you don't think this is an Exchange/IIS problem, what are you thinking the problem could be? As far as the server service is concerned (that's what appears to hang up eventually), it's a weird one. When I browse to the server at \\server\, it shows me the file shares, and when I connect to one, it doesn't let me (I'm logged in as domain admin). It doesn't let me on the hidden admin shares either. After attempting to connect, I get errors that say the server service is not running on the remote machine. But it is.... anyway, that's an issue for another day. At this point those problems are secondary. I would really like to get this autodiscover working again to restore our email sanity. The Spam coming in is overwhelming. So, if you or anyone can offer any assistance, it would be greatly appreciated.
Free Windows Admin Tool Kit Click here and download it now
February 1st, 2010 8:01pm

Hi,Please try to access https://localhost/Autodiscover/Autodiscover.xml by using browser on the CAS server side, then post the information on the forum.ThanksAllen
February 3rd, 2010 12:32pm

From the CAS server, I have both ESC and friendly http errors disabled. Using https://localhost/Autodiscover/Autodiscover.xml, I get a prompt for the self-signed certificate, which I accept, then I get; <?xml version="1.0" encoding="utf-8" ?> - <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> - <Response> - <Error Time="09:50:20.4810366" Id="3007185755"> <ErrorCode>600</ErrorCode> <Message>Invalid Request</Message> <DebugData /> </Error> </Response> </Autodiscover> When I try with the local IP instead of "localhost", I get prompted for username and password, then the same message as above. When I try from another computer with firefox, I get a username and password prompt, and then, 600 Invalid Request
Free Windows Admin Tool Kit Click here and download it now
February 3rd, 2010 5:50pm

umm... I was poking around my IIS settings and noticed that I had hard coded the bindings to the local IPv4 address, so I changed that back to "unassigned" before testing your address as above. Then on a whim, tested outlookwebservices again, and it passed?? Could that have been the problem??
February 3rd, 2010 6:07pm

Hi,From the message that you tested, that indicates the Autodiscover service itself is working fine. The normal log is as you posted above.By default, the IP address should be Unassigned. After that, please check whether the third party anti-spam can work.ThanksAllen
Free Windows Admin Tool Kit Click here and download it now
February 4th, 2010 5:59am

Everything is working as it's supposed to be now, including 3rd Party AntiSpam. thank you, Andrew
February 8th, 2010 6:39pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics