none
Outlook Anywhere "Error while preparing to send sharing message" when sharing contacts

    Pregunta

  • Hi,

    Recently i have implemented outlook anywhere, all external users, email flow is working fine, we did bought 3rd party Single SSL with mail.123.com. Right now, whenever user open outlook 2010, users will prompt out autodiscover.123.com cert error, click yes to proceed.

    Thought this is just a small issue, now user complaint cant share contacts to other users, it prompt "Error while preparing to send sharing message". 

    Already test with outlook connectivity test, no autodiscover problem, what can i do next? 


    Thanks


    Alfred

    martes, 17 de julio de 2012 5:19

Respuestas

  • The above registry keys will stop Outlook from looking for Autodicover at 123.com/Autodiscover and autodiscover.123.com, but as I wrote before...that is just a workaround.

    Without one SAN/UC Certificate with the names mail.123.com and autodisover.123.com you need the SRV-Record, but I do recommend you to buy a new certificate. At least if you have users that will use ActiveSync. Not having to manually configure a device for EAS is really worth it.
    SRV-Records is for Outlook and Mobile Devices not have a clue of what that is.

    You can get one UC/SAN certificate for $59.99/yr so...


    Martina Miskovic

    • Propuesto como respuesta sanjee31 martes, 17 de julio de 2012 6:27
    • Marcado como respuesta AlfredL martes, 17 de julio de 2012 6:34
    martes, 17 de julio de 2012 6:03

Todas las respuestas

  • Hi,
    Did you create a SRV-Record for Autodiscover as suggested in your other thread and removed autodiscover.123.com from the internal and external DNS ?

    Martina Miskovic


    martes, 17 de julio de 2012 5:26
  • Ensure that you have autodiscover DNS record that matches user's primary SMTP address for example: autodiscover.123.com and valid certificate assigned to CAS server. Once you have these two in place the error should go.

    - Sarvesh Goel - Enterprise Messaging Administrator (Exchange 2010)

    martes, 17 de julio de 2012 5:31
  • Ensure that you have autodiscover DNS record that matches user's primary SMTP address for example: autodiscover.123.com and valid certificate assigned to CAS server. Once you have these two in place the error should go.

    - Sarvesh Goel - Enterprise Messaging Administrator (Exchange 2010)


    That would be true when using a SAN/UC Certificate, but that is not the case here.

    Martina Miskovic

    martes, 17 de julio de 2012 5:33
  • Hi Martina,

    Thanks for quick respond,

    Yes, already created at my internal DNS 123.com

    _autodiscover

    _tcp

    443

    mail.123.com,

    i did plan to remove the autodiscover at internal and external, but really worry of might affect email flow, should be schedule on weekend to do so.

    in my preivous post, you mentioned that you dont understand why i install cert for client,

    i did so because if i didnt install cert for user, i cant configure outlook anywhere.

    Thanks

    martes, 17 de julio de 2012 5:37
  • The best you can do is to bet a SAN/UC Certificate with the names mail.123.com and autodiscover.123.com in it.

    As long as you don't have that, you will need a SRV-record in your external DNS for things like Availability, OOF and OAB Download to work.

    Since Outlook is hardcoded to check for the root domain and autodiscover.primarysmtpdomain before SRV-Records, you will have certificate errors as long as you still have the A-Record for autodiscover created.

    You can change that with registry settings on the client, but that would only be a workaround.
    [HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover]
     "ExcludeHttpRedirect"=dword:00000001
     "ExcludeHttpsAutodiscoverDomain"=dword:00000001
     "ExcludeHttpsRootDomain"=dword:00000001

    Autodiscover has nothing to do with mailflow and if you needed to install the certificate on the client machines, then I don't think you installed the root/intermediate certificate correct on the server. IF you bought the certificate from the known public Issuer.


    Martina Miskovic



    martes, 17 de julio de 2012 5:46
  • Hi Martina,

    Can i said that the workaround is just disable the outlook to look for the autodiscover?

    if yes, the sharing message issue will still will be there, and i have 2 only 2 solutions, one is get a cert for autodiscover.123.com Or setup the SRV-record.

    (and thanks for clarify)

    Alfred

    martes, 17 de julio de 2012 5:56
  • The above registry keys will stop Outlook from looking for Autodicover at 123.com/Autodiscover and autodiscover.123.com, but as I wrote before...that is just a workaround.

    Without one SAN/UC Certificate with the names mail.123.com and autodisover.123.com you need the SRV-Record, but I do recommend you to buy a new certificate. At least if you have users that will use ActiveSync. Not having to manually configure a device for EAS is really worth it.
    SRV-Records is for Outlook and Mobile Devices not have a clue of what that is.

    You can get one UC/SAN certificate for $59.99/yr so...


    Martina Miskovic

    • Propuesto como respuesta sanjee31 martes, 17 de julio de 2012 6:27
    • Marcado como respuesta AlfredL martes, 17 de julio de 2012 6:34
    martes, 17 de julio de 2012 6:03
  • Hi Martina,

    I thought i was cleared from previous post, but im not,

    (before that, you are giving me a very clear picture, thanks for that. )

    in previous post from ManU Philip

    "If you are going to purchase certificate for Autodiscover alone, create a new certificate Request for autodiscover service from EMC and import it to exchange server through EMC. Assign the certificate to autodiscover service..No further reconfigurations required.

    If you can add the autodiscover url in to the existing certificate, again you require a certificate request and importing that certificate to EMC. Then assign the certificate to autodiscover too.

    As you are using a trusted third party certificate, you don't require it to import it in to clients. The certificate is already trusted there."

    does he means if i can get another single cert, i just need to apply it to the autodiscover service?

    man...i confused here

    Alfred

    martes, 17 de julio de 2012 6:21
  • "If you are going to purchase certificate for Autodiscover alone, create a new certificate Request for autodiscover service from EMC and import it to exchange server through EMC. Assign the certificate to autodiscover service..No further reconfigurations required.

    does he means if i can get another single cert, i just need to apply it to the autodiscover service?

    man...i confused here

    Alfred


    ManU Philip is suggesting something that is not technically possible.

    Martina Miskovic



    martes, 17 de julio de 2012 6:25