Just forgot to mention, when the CAS array has been created you should create an “A record” in your internal DNS named mail.company.com pointing to the virtual IP address of your internal load balancing solution\CAS server (in case of a single CAS).
ExchangeGeek (MCITP,Enterprise Messaging Administrator)
***Don't forget to mark helpful or answer***
**Note:(My posts are provided “AS IS” without warranty of any kind)TheExchangeGeek - I never setup a CAS array. Not sure why I didn't think about this. I created one using 'new-clientaccessarray' - created the array name with the fqdn of mail.company.com (I think I can reuse the same as my OWA page right?).
I then tried to Set all my mailbox DBs to the RpcClientAccessServer of the new array name (mail.company.com) and i didn't get any errors. However, when I run:
get-mailboxdatabase | select name.rpcclientaccessserver | ft -auto
It ends up giving me a blank result.
TheExchangeGeek - I never setup a CAS array. Not sure why I didn't think about this. I created one using 'new-clientaccessarray' - created the array name with the fqdn of mail.company.com (I think I can reuse the same as my OWA page right?).
I then tried to Set all my mailbox DBs to the RpcClientAccessServer of the new array name (mail.company.com) and i didn't get any errors. However, when I run:
get-mailboxdatabase | select name.rpcclientaccessserver | ft -auto
It ends up giving me a blank result.
It looks ok.
Do you have any proxy/reverse proxy sitting in between the PC and CAS?
Thanks for helping with this everyone.
Here is the autoconfig screen
Browsing with IE9 I get prompted for credentials and each page gives me the same error: 600 Invalid Request
The only one on here I noticed is it has autodiscover failing for my domain name which is external and would not find my server. example:
https://company.com/autodiscover/autodiscover.xml Failed (0x80072EF3) -- this is targeting our website and it it immediately attempts autodiscover.company.com which is correct but this might be worth noting.
In order to avoid further confusion, create a CAS array and assign it to the various Exchange virtual directories.
ExchangeGeek (MCITP,Enterprise Messaging Administrator)
***Don't forget to mark helpful or answer***
**Note:(My posts are provided “AS IS” without warranty of any kind)Get-AutoDiscoverVirtualDirectory |fl name,*auth*
Thanks for helping with this everyone.
Here is the autoconfig screen
Browsing with IE9 I get prompted for credentials and each page gives me the same error: 600 Invalid Request
The only one on here I noticed is it has autodiscover failing for my domain name which is external and would not find my server. example:
https://company.com/autodiscover/autodiscover.xml Failed (0x80072EF3) -- this is targeting our website and it it immediately attempts autodiscover.company.com which is correct but this might be worth noting.
I'll check. But one thing I noticed is if I create a new email and get the error box and hit cancel it immediately gives me a:
Mailtips could not be retrieved.
Perhaps it is trying to pullup mailtips and this is the culprit?
Did you also see this in the AutoDiscover log
Attempting URL https://cas02.domain.local/Autodiscover/Autodiscover.xml found through SCP
If not, there is definitely something wrong with your AD, replication problem is one of the possible causes.
Maybe you can post the entire AutoDiscover log here.
Both are on the same AD Site and the same IP subnet. I tried this externally to use Outlook connecting over Outlook anywhere and get the same error. Ultimately it still works. but you get the nagging error message for security.
Cas01 was decommissioned - I thought properly (removed all roles and moved anything to cas02). No errors during the removal. However, I ended up creating a new server called cas01 and made that a cas/hub server on new hardware. Therefore anything pointing to it should still work - but I got this error before I brought the new cas01 up and now after it is running.
Based on the AutoDiscover output, there are at least 2 issues:
1. Your old server CAS01 was not decommissioned properly. Outlook still find the SCP in AD. But you mentioned you setup a VM, so this could be the record of the VM.
2. Outlook does not detect the SCP of the new server CAS02 in AD.
Are your Outlook client and Exchange server located in different AD site? If this is the case and your AD replication does not working properly, you will encounter such situation.
Also, when i go to the autodiscover.xml page, I end up getting a prompted for my credentials and then a 600 error. But I believe this is normal.
[PS] C:\Windows\system32>Get-ClientAccessServer |fl *uri, name*
AutoDiscoverServiceInternalUri : https://cas02.domain.local/Autodiscover/Autodiscover.xml
Name : cas02
AutoDiscoverServiceInternalUri : https://cas01.domain.local/Autodiscover/Autodiscover.xml
Name : cas01
------------------------------------
InternalNLBBypassUrl : https://cas02.domain.local/ews/exchange.asmx
InternalUrl : https://cas02.domain.local/EWS/Exchange.asmx
ExternalUrl : https://mail.company.com/ews/exchange.asmx
PSComputerName : cas02.domain.local
Name : EWS (Default Web Site)
AdminDisplayName :
DistinguishedName : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=CAS01,CN=Servers,CN=Exchange Administrative
Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Company Organization,CN=Microsoft Exchange,CN
=Services,CN=Configuration,DC=domain,DC=local
InternalNLBBypassUrl : https://cas01.domain.local/ews/exchange.asmx
InternalUrl : https://cas01.domain.local/EWS/Exchange.asmx
ExternalUrl : https://mail.company.com/ews/exchange.asmx
PSComputerName : cas02.domain.local
Name : EWS (Default Web Site)
AdminDisplayName :
DistinguishedName : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=cas01,CN=Servers,CN=Exchange Administrative
Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Hytorc Organization,CN=Microsoft Exchange,C
N=Services,CN=Configuration,DC=domain,DC=local
Upload the output of these commands.
Get-ClientAccessServer |fl *uri, name*
Get-WebServicesVirtualDirectory| fl *url,*name
ExchangeGeek (MCITP,Enterprise Messaging Administrator)
***Don't forget to mark helpful or answer***
**Note:(My posts are provided “AS IS” without warranty of any kind)I've been going through multiple threads and articles and figured I should post mine in case someone has an idea of what is wrong. I had hardware issues with my single CAS/HUB server and decided to replace it entirely. I brought up a new server, launches
services on it and downed the old server with the intention of replacing it. After installing the services on the new server and importing the SSL cert, I uninstalled Exchange from the old server and verified it was no longer listed using ADSI Edit in any
locations. As soon as I decommissionsed the server I started getting popups regarding windows security error (it was a prompt but no way to enter credentials).
Then I created a new VM as a secondary CAS/HUB server and used the same hostname / ip address (in case something was targetting it and causing the issue.
Now the firewall is configured to send exchange ports to CAS01 (.13) and these ports include 80/443 and SMTP/POP ports. These were already in the firewall and I simply pointed them to the new servers internal IP. (Sonicwall)
Then I used Digicert to rekey a new SSL license so that it also includs the new internal server (cas02.internal.local).
However if I run any AutoDiscover tests it fails. This wouldnt be a big deal if Outlook would launch correctly. If you launch Outlook when manually entering the data in the config of it - it will receive e-mail and show connected to exchange but then prompt you for credentials. But this prompt is a grey box saing Windows Security - displaying your email and then your only option is to cancel.
My auto discovery in outlook displays the following - after I uncheck the guesssmart options >
SMTP=myemail@company.com
Attempting URL https://cas01.domain.local/Autodiscover/Autodiscover.xml found through SCP
Autodiscover to https://CAS01.domain.local/Autodiscover/Autodiscover.xml starting
Getlasterror=12044; httpStatus=0
Autodiscover to https://HYCAS01.domain.local/Autodiscover/Autodiscover.xml Failed (0x80040113)
it continues to do this for the other server, and other hostnames (internet ones instead of local ones) and for Srv Record lookup.
Anyone have any idea how to figure this out?
Whenever we configure redirection at the root level, by default it get applied on all the sub directories.
You have to manually disable the redirection from each of the exchange virtual directories.
ExchangeGeek
(MCITP,Enterprise Messaging Administrator)
**My posts are provided “AS IS” without warranty of any kind**
