Question : Problem with autodiscover with Outlook 2007/Exchange 2003

I have just started having a problem with just two of our users when opening Outlook.
This problem appears to happen only for just the user on a particular PC.  
If that user logs onto an alternative PC on the network, then the problem does not occur.  
If another user logs onto the “problem” PC, then the problem does not occur.

Small Business Server 2003
Microsoft Outlook 2007
This problem occurs for the outlook client accessing Exchange on the local server.

When the user logs onto the network and then opens Outlook (after Outlook has opened after about 5 – 10 seconds) a Certificate error window pops up.  See Certificate error 1.

Clicking either Yes to continue or No results in Outlook working normally.

The certificate error refers to websitelive, which is our web host.  I spoke to them and they considered that there may be a problem with the DNS pointing the autodiscover process to their server rather than our internal server.  They added a DNS record so that the autodiscover process was routed to our internal server.

Unfortunately that did not solve the problem, but just changed it.  The Certificate error now refers to our own router – see certificate error 2.

Now I am completely baffled.

I checked on some Microsoft information which suggested that autodiscover is only used for Exchange 2010 working with Outlook 2007 and above.  This suggests to me that this client should not be calling autodiscover anyway.

I would very much welcome some suggestions as to how this can be solved.


Certificate error 1
Certificate error 2

Answer : Problem with autodiscover with Outlook 2007/Exchange 2003

1) this issue will go away, but you need to be prepared for other things to stop working. Using a wildcard DNS record is bacically a general "and everything else I fortot to specifically add" option. If this has been used as a quick, lazy way to point many subdomains at one place, deleting it will stop those things from resolving to the right IP.
I would always recommend having a specific record for each subdomain you want to resolve as it avoids situations like this occurring.

2) outlook is not doing anything wrong. this is what it is designed to do. Every outlook 2007 tries to find an auto discover, its hard coded and cannot be disabled. Some of them are correctly failing to find one and giving up. a couple of your PCs seem to be having trouble but its not outlooks fault.
You may find that the users on the other PCs use some webapp on this IP address and may have permanently accepted or installed the certificate for the web based interface sometime in the past. These ones with a problem may not have done so and get the certificate issues.

Technically it isnt outlooks fault, it is the DNS/website's issue.
Random Solutions  
programming4us programming4us