During a recent Office 365 Hybrid Deployment, we utilized an existing set of Exchange 2010 CAS Servers (Clue) to preform the required Federation, MRS Proxy and AutoDiscover functions. All configuration tasks where completed without error. The Microsoft RCA (Remote Connectivity Analyzer) passed and test mailbox moves worked fine.
The Issue
However.! During the testing of AutoDiscover with setting up Outlook over the web (no SCP)
we discovered this would fail. Upon checking the Outlook "Test E-Mail AutoConfiguration" we were presented with the failure "0x80040413" Failed
Fig 1. AutoDiscover error
So, as I mentioned above, The RCA gave us the "all clear", However it did carry a "warning". This is normally to do with some certificate warning on old windows mobile devices. However I decided to drill down through the RCA to find a warning I have "never" seen before. it was the test for "Checking the IIS configuration for client certificate authentication"
There was a warning something like (sorry, did not screen shot) "Client certificate authentication was detected" And a statement around setting to ignore. Upon checking the IIS Virtual Directory for AutoDiscover, Indeed this setting was set to "Accept"
Fig 2. This is what caused the issue.
Pretty obvious now, and so it seems from the (Clue) I find myself victim of inheriting a configuration that had been "tampered" with. So simply set the SSL settings client certificate to Ignore. All good !
Fig 3. Set back to Ignore. The resolution
No comments:
Post a Comment