Posts Tagged ‘autodiscover’

It is possible to disable certain autodiscover steps by creating DWORD entries in the HKEY_CURRENT_USER\Software\Microsoft\Office\<version>\Outlook\AutoDiscover registry key.

Note. <version> can be 16.0 for Outlook 2016, 15.0 for Outlook 2013 and 14.0 for Outlook 2010.

The following DWORD entries can be created:

  • ExcludeHttpRedirect
  • ExcludeHttpsAutoDiscoverDomain
  • ExcludeHttpsRootDomain
  • ExcludeScpLookup
  • ExcludeSrvRecord
  • ExcludeLastKnownGoodURL (Outlook 2010 version 14.0.7140.5001 and later)
  • ExcludeExplicitO365Endpoint (Outlook 2016 version 16.0.6741.2017 and later)

Add the DWord of 1 to any of the above to skip the check

Per here https://support.microsoft.com/nl-nl/help/2212902/unexpected-autodiscover-behavior-when-you-have-registry-settings-under

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

When trying to add your email account to Outlook 2016 you get the follow error

an encrypted connection to your mail server is not available

365 is obviously  encrypted which means there must be something wrong with Autodiscover

  1. Check Autodiscover

Should be a CNAME to autodiscover.outlook.com. ( Put full stop on the end )

2. Make sure you have finished setting up the domain in 365 or it won’t listen for the domain

Test Autodiscover via : https://testconnectivity.microsoft.com/

Try logging in to powershell on your 365 Tenant and disabling OAuth2 (2fa ) 

Set-OrganizationConfig -OAuth2ClientProfileEnabled:$true
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

mit-logo[1]To get Autodiscover working on a certificate that does not have any extra SAN’s available apart from it’s main Conical Name on the Certificate , you will need to use either a autodiscoer.xml file hosted on the companies main website or create a SRV record with the registrar.

The registrar was Melbourne IT , who for some reason don’t have valid DNS validation so records get stuck “Publishing”. After trial and error I finally got the records needed and beat their own Helpdesk by 2 Weeks to the fix.

Name : companydomain.com. ( remember dot on the end )

TTL : Can be left @ their default 86400 but should be 3600

Priority : 0

Port : 443

Weight : 0

Service : _autodiscover

Protocol :  _tcp

Target : mail.domain.com ( domain name on the CN Cert) ( remember dot on the end )

VN:F [1.9.22_1171]
Rating: 10.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: +2 (from 2 votes)