AutoDiscover
This article will describe how to configure your organization's domain to ensure proper operation of Outlook 2007 features which rely on autodiscover and to eliminate any potential sync errors or security alerts about the SSL certificate for autodiscover.yourdomain.com.
1. If you have implemented a registry tweak to make Outlook suppress certificate errors, that entry should be removed from your registry. If you did not specifically create this registry entry, the ShowCertErrors value will not be present in your registry and you can skip this step. The registry entry is as follows:
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"ShowCertErrors"=dword:00000000
To remove that entry from your registry, browse to it with regedit, right-click ShowCertErrors and choose Delete.
This registry tweak effectively suppresses the security alert, but it results in syncronization log errors and denies your system access to features including the out of office assistant and the availability service of the meeting planner.
Note that if Webville hosts the DNS (name servers) for your domain name we will create the appropriate AutoDiscover SRV Record record in the DNS zone for your domain. The following instructions are for clients whose DNS is hosted elsewhere.
2a. If applicable, remove any CNAME (Alias) or Host records for autodiscover in your domain's DNS zone.
2b. If applicable, remove any wildcard record in your domain's DNS zone which would respond to calls for autodiscover.yourdomain.com.
2c. Use the following parameters to create a new SRV record in your domain's DNS zone.
Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: mail.webville.net
If you are using Windows DNS, the steps to create an SRV record are as follows:
- Open the DNS Management MMC snap-in.
- Expand Forward Lookup Zones.
- Locate and right-click the external DNS zone corresponding with your primary email address, and then click Other New Records.
- Click Service Location (SRV).
- Enter the parameters by using the required values shown above and in the screen shot below.
- Click OK.
Note new server name for 2010,
now using mail.webville.net for autodiscover
If your domain's DNS is hosted by GoDaddy, create an SRV record with the following parameters:
Service: _autodiscover
Protocol: _tcp
Name: @
Priority: 0
Weight: 0
Port: 443
Target: mail.webville.net
The interface may look like the following GoDaddy DNS control panel screen shot. Click the graphic below to view full size.
When the SRV record is configured correctly and has had time to propagate, start Outlook. It will prompt you as shown in the following screen shot to Allow this website to configure [you@yourdomain.com] server settings:
Check the box marked "Don't ask me about this website again" and click Allow.
Testing AutoDiscover
1. Testing your DNS configuration
If you try to ping autodiscover.yourdomain.com you should get no replies and a message that the host or domain could not be found or does not exist. If autodiscover.yourdomain.com is resolved to an IP address and your system tries to ping that address, whether or not your get replies to your pings, see step 2 above and remove the wildcard, host or CNAME record which is causing the response.
Use PING to Verify absense of wildcard, host or CNAME Records
-
Click Start then click Run
-
In the Open box type CMD
-
At the command prompt type ping autodiscover.yourdomain.com (where yourdomain.com is the domain of your primary email address) then press Enter.
PING should return results similar to the following:
Ping request could not find host autodiscover.yourdomain.com. Please check the name and try again.
Use NSLOOKUP to Verify SRV DNS Record
-
Click Start then click Run
-
In the Open box type CMD
-
At the command prompt type nslookup then press Enter
-
At the nslookup prompt type set type=all then press Enter
-
Type _autodiscover._tcp.yourdomain.com where yourdomain.com is the domain of your primary email address, then press Enter.
NSLOOKUP should return results similar to the following:
_autodiscover._tcp.webville.net SRV service location:
priority = 0
weight = 0
port = 443
svr hostname = mail.webville.net
mail.webville.net internet address = 65.115.231.142
2. Testing from Outlook
After you confirm your DNS configuration, you may want to test autodiscover from within Outlook. Hold down Ctrl and right-click the Outlook icon in the system tray while Outlook is running. Choose Test E-mail AutoConfiguration. See screen shot below.
The Test E-mail AutoConfiguration dialog will appear (see screen shot below). Uncheck the Guessmart and Secure Guessmart options to focus on AutoDiscover. Confirm that your primary email address is in the E-mail Address field. Password is not necessary here and can be left blank. You should quickly get an error free return showing a lot of details about the URLs Outlook connects to.
3. Online Testing Tool
Run the tests available here to verify connectivity and AutoDiscover configuration:
Troubleshooting AutoDiscover
Synchronization Log Errors
If you simply ignore the whole issue and have no AutoDiscover record in your domain's DNS, you will get errors in the Outlook 2007 synchronization log and significant loss of functionality. If you implement a CNAME for AutoDiscover plus the well known registry tweak to suppess the security alert it leads to, you will get similar errros in the sync log and loss of functionality. See step 1 above about removing the registry tweak. Screen shot of security alert is shown below.
Create SRV Record in Internal and External DNS
Microsoft's published instructions on this topic refer to creating the SRV Record in your external DNS server, but the SRV Record needs to exist in whatever DNS server responds to your users' requests, whether the user is inside or outside of your office location.
CNAME Method Superceded
The previously popular solution to AutoDiscover configuration was to create a CNAME (Alias) in DNS for autodiscover.yourdomain.com which points to our CAS server shelley5.webville.net. This solution results in a security alert message when Outlook starts, saying that the name on the certificate (shelley5.webville.net) doesn't match the name autodiscover.yourdomain.com, but if you click Yes every time it does enable full functionality and eliminates sync log errors. The CNAME solution is superceded by the SRV Record solution. See screen shot:
Outlook 2007 with update required
The SRV Record solution requires an updated version of Outlook 2007. The original RTM version of Outlook 2007 does not support this solution. The update was released in June of 2007, so if you've visited Microsoft Update since then, you should already have it. See
Microsoft Update to update your copy of Outlook.
AutoDiscover itself is required for Outlook 2007
Note: Outlook will generate errors if the AutoDiscover record is not found.
Outlook 2007 with cache mode enabled will generate the following error message:
"Microsoft Exchange offline address book
Not downloading Offline address book files. A server (URL) could not be located." 0X8004010F
Outlook 2007 without cache mode enabled will generate the following error message:
"Task reported error (0x8004010F): The operation failed. An object cannot be found."