How JustAnswer Works:
  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.
Ask A. Stevens Your Own Question
A. Stevens
A. Stevens, Computer Engineer
Category: Email
Satisfied Customers: 1557
Experience:  10+ years of Desktop, Laptop, and Server troubleshooting and support.
71208907
Type Your Email Question Here...
A. Stevens is online now

I am trying to configure Autodiscover second domain on

Customer Question

I am trying to configure Autodiscover for a second domain on Exchange 2010. I have a wildcard SSL, only one IP. I have read this can be done by creating an SRV record, but am struggling with DNS...

Submitted: 2 years ago.
Category: Email
Expert:  A. Stevens replied 2 years ago.
Hi, I am A. Stevens here to help with your question! Could you explain a little bit about how you have the 2nd domain set up with the domain controller? How is your hardware set up or are you using VM?
Customer: replied 2 years ago.
Sure, it's an exchange 2010 machine running in a Microsoft hyperv failover cluster.
Primary domain has been running for a couple of years. Secondary domain was added a few weeks ago following a guide online. Basically - added the secondary domain to the Accepted Domain tab under Organization Congif >> Hub Transport.
- created an MX record for the secondary domain to point to our primary SMTP server. Mail flow has been fine, it's just autodiscover that isn't working. I'm thinking it's because autodiscover.secondarydomain doesn't exist and I can create an svr record for the secondary domain in DNS manager on the server. I think I also need to create forward lookup zones for the secondary domain. But tbh I'm at a loss as what is the right way to do this and the steps I need to take...
Expert:  A. Stevens replied 2 years ago.
Thanks for that info. Have you done the autodiscover connectivity tests? Can you give me the results?
Expert:  A. Stevens replied 2 years ago.
Use PS on the server running Exchange 2010 and run - Test-OutlookWebServices
Expert:  A. Stevens replied 2 years ago.
Please let me know what results so we can confirm if it is DNS related or not
Expert:  A. Stevens replied 2 years ago.
If you are interested, I can offer additional services for remote support so that I can diagnose and resolve it for you. Let me know and we can schedule.
Customer: replied 2 years ago.

Hi, happy to allow remote access but our times are not quite in sync...

Here are the results of some testing..

Customer: replied 2 years ago.
Relist: Other.
Happy to receive answers from this user but out Time difference makes it very difficult
Customer: replied 2 years ago.

The Microsoft Connectivity Analyzer is attempting to test Autodiscover for *****@******.***.
Testing Autodiscover failed.

Additional Details

Elapsed Time: 43913 ms.

Test Steps

Attempting each method of contacting the Autodiscover service.
The Autodiscover service couldn't be contacted successfully by any method.

Additional Details

Elapsed Time: 43913 ms.

Test Steps

Attempting to test potential Autodiscover URL https://haddenhamathome.co.uk:443/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.

Additional Details

Elapsed Time: 21382 ms.

Test Steps

Attempting to resolve the host name haddenhamathome.co.uk in DNS.
The host name resolved successfully.

Additional Details

IP addresses returned: 216.139.212.174

Elapsed Time: 309 ms.

Testing TCP port 443 on host haddenhamathome.co.uk to ensure it's listening and open.
The specified port is either blocked, not listening, or not producing the expected response.
Tell me more about this issue and how to resolve it

Additional Details

A network error occurred while communicating with the remote host.

Elapsed Time: 21073 ms.

Attempting to test potential Autodiscover URL https://autodiscover.haddenhamathome.co.uk:443/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.

Additional Details

Elapsed Time: 1078 ms.

Test Steps

Attempting to resolve the host name autodiscover.haddenhamathome.co.uk in DNS.
The host name resolved successfully.

Additional Details

IP addresses returned: 62.232.172.138

Elapsed Time: 355 ms.

Testing TCP port 443 on host autodiscover.haddenhamathome.co.uk to ensure it's listening and open.
The port was opened successfully.

Additional Details

Elapsed Time: 329 ms.

Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.

Additional Details

Elapsed Time: 394 ms.

Test Steps

The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.haddenhamathome.co.uk on port 443.
The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.

Additional Details

Remote Certificate Subject: CN=*.people-in-action.co.uk, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)14, OU=GT17077673, SERIALNUMBER=TgmhSy1u6HYbYdJsaHjZVPneRiQc9D9t, Issuer: CN=RapidSSL CA, O="GeoTrust, Inc.", C=US.

Elapsed Time: 348 ms.

Validating the certificate name.
Certificate name validation failed.
Tell me more about this issue and how to resolve it

Additional Details

Host name autodiscover.haddenhamathome.co.uk doesn't match any name found on the server certificate CN=*.people-in-action.co.uk, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)14, OU=GT17077673, SERIALNUMBER=TgmhSy1u6HYbYdJsaHjZVPneRiQc9D9t.

Elapsed Time: 0 ms.

Attempting to contact the Autodiscover service using the HTTP redirect method.
The attempt to contact Autodiscover using the HTTP Redirect method failed.

Additional Details

Elapsed Time: 21107 ms.

Test Steps

Attempting to resolve the host name autodiscover.haddenhamathome.co.uk in DNS.
The host name resolved successfully.

Additional Details

IP addresses returned: 62.232.172.138

Elapsed Time: 45 ms.

Testing TCP port 80 on host autodiscover.haddenhamathome.co.uk to ensure it's listening and open.
The specified port is either blocked, not listening, or not producing the expected response.
Tell me more about this issue and how to resolve it

Additional Details

A network error occurred while communicating with the remote host.

Elapsed Time: 21059 ms.

Attempting to contact the Autodiscover service using the DNS SRV redirect method.
The Microsoft Connectivity Analyzer failed to contact the Autodiscover service using the DNS SRV redirect method.

Additional Details

Elapsed Time: 152 ms.

Test Steps

Attempting to locate SRV record _autodiscover._tcp.haddenhamathome.co.uk in DNS.
The Autodiscover SRV record wasn't found in DNS.
Tell me more about this issue and how to resolve it

Additional Details

Elapsed Time: 148 ms.

Checking if there is an autodiscover CNAME record in DNS for your domain 'haddenhamathome.co.uk' for Office 365.
Failed to validate autodiscover CNAME record in DNS. If your mailbox isn't in Office 365, you can ignore this warning.
Tell me more about this issue and how to resolve it

Additional Details

There is no Autodiscover CNAME record for your domain 'haddenhamathome.co.uk'.

Elapsed Time: 186 ms.

Customer: replied 2 years ago.

Ive created an A record for autodiscover on the secondary domain to point to the WAN IP of the exchange server which produced the following Ecxh Conn Test results...

Expert:  A. Stevens replied 2 years ago.
Thanks for all the info so far. What is your time zone? I am in GMT-6 so currently 9:28AM
Expert:  A. Stevens replied 2 years ago.
Do any of the features of autodiscover work at all? IE OAB, OWA, etc. ?
Customer: replied 2 years ago.

UK, So GMT...

OWA works, Outlook Anywhere works... I was trying to share calendars and names were resolving from both domains so OAB must be working too?

Customer: replied 2 years ago.
OWA works, Outlook Anywhere works... I was trying to share calendars and names were resolving from both domains so OAB must be working too?
Expert:  A. Stevens replied 2 years ago.
Are you able to sync the Global Address List?
Customer: replied 2 years ago.

I get no errors when trying to download it.

Customer: replied 2 years ago.
Relist: Other.
Again, time difference is making this difficult...
Expert:  A. Stevens replied 2 years ago.
Hmm. OK. I would be available for a remote session in about an hour, would that work for you?
Customer: replied 2 years ago.

Yeah I can be around, keen to get this resolved so let me know as soon as you're ready.

Customer: replied 2 years ago.

Hi,

Any luck with the remote session yet?

Thanks,

Paul.

Expert:  A. Stevens replied 2 years ago.
Sorry about that, I got locked in another question right when you had responded.
A. Stevens and 4 other Email Specialists are ready to help you
Expert:  A. Stevens replied 2 years ago.
Do you have team viewer on the machine?
Expert:  A. Stevens replied 2 years ago.
Do you have team viewer on the machine?
Expert:  A. Stevens replied 2 years ago.
Just Answer has their own remote software but it is a bit slow at times, Tv would be much faster. If you don't already have it you can go to www.teamviewer.com to download it
Expert:  A. Stevens replied 2 years ago.
Please give me the Partner ID and password ***** you have it running
Customer: replied 2 years ago.

hi

ok, ill get it now

Customer: replied 2 years ago.

138 701 314

7207

Expert:  A. Stevens replied 2 years ago.
See you tomorrow
Customer: replied 2 years ago.

I read through that guide today and it appears to relate more to setting up multiple domains to use the same certificate and so I had difficulty trying to relate that to my scenario. I had asked the hosts to create an SRV record but with little understanding of what I was asking for.

I asked them to create an SRV record for autodiscover.haddenhamathome.co.uk to point to the WAN IP of the exchange server...

Expert:  A. Stevens replied 2 years ago.
I was in the understanding that is what you wanted to do? Since you are wanting to use the certificate for people-in-action for haddenhamathome?
Customer: replied 2 years ago.

Sorry, let me elaborate. This guide seems to geared towards setting up multiple domains on one certificate (3,4...) and therefore the steps involved in getting the SRV record are too general for me to extract the information I need to apply it to my scenario of a secondary domain.

I appreciate the efforts you have made to get us to this stage but I am still unclear if I am doing it the correct way?

Expert:  A. Stevens replied 2 years ago.
Could you please elaborate a bit on why a secondary domain and not just another domain?
Customer: replied 2 years ago.

it is... but its a singular entity, rather than multiple entities. The guide shows you how to setup if you were adding 3, 4 or more domains all redirecting to a generic HTTP redirect method though IIS.. I am trying my hardest to understand how I can apply this to setting up the DNS SRV method I thought was needed for my scenario, but cannot get my head around it...

Expert:  A. Stevens replied 2 years ago.
Could you tell me how the mail flow works for your different domains?
Customer: replied 2 years ago.

We setup an accepted domain using this guide:

https://www.youtube.com/watch?v=5ZAVOouuO-o

I then setup an MX record to Point to the WAN IP of the exchange server.. and that's it.

Expert:  A. Stevens replied 2 years ago.
OK let me do a bit of research on this guide so I have a good understanding of what you want to accomplish
Customer: replied 2 years ago.

question showing as closed... Just posting this to make sure it remained open

Expert:  A. Stevens replied 2 years ago.
Yes I tried to reach you via Team Viewer as I suppose this question timed out, looks like you were able to re open it
Expert:  A. Stevens replied 2 years ago.
Let me know when we can connect via team viewer again
Customer: replied 2 years ago.

I can set you up again now? although I will be afk for a bit...

Expert:  A. Stevens replied 2 years ago.
yeah just let me know the partner ID and password
Customer: replied 2 years ago.

138 701 314 9841

Expert:  A. Stevens replied 2 years ago.
can you unlock? and adjust the timeout period? seems to be locking me out even if cursor is active
Customer: replied 2 years ago.

back now...