Problem with autodiscover and IMAP on exchange 2019

drClays 151 Reputation points
2022-12-01T18:31:59.293+00:00

Hi,
I have a problem with correctly working autodiscover on my exchange servers.

This is my configuration:

Domain name(external/internal): contoso.com
I have an SSL wildcard certificate: *.contoso.com
External IP addresses:

  • 1.1.1.1,
  • 2.2.2.2
    Exchange Servers:
  • EXCH19A - 10.0.0.10
  • EXCH19A - 10.0.0.20
  • EXCH19B - 10.0.1.10
  • EXCH19B - 10.0.1.20

External DNS:

  • mail.contoso.com > A > 1.1.1.1
  • mail.contoso.com > A > 2.2.2.2
  • autodiscover.contoso.com > A > 1.1.1.1
  • autodiscover.contoso.com > A > 2.2.2.2

Internal DNS:

  • mail.contoso.com > 10.0.0.10
  • mail.contoso.com > 10.0.1.10
  • autodiscover.contoso.com > 10.0.0.10
  • autodiscover.contoso.com > 10.0.1.10

These servers working in cluster:
DNS: dag>10.0.0.20\ dag>10.0.1.20

Here is the result from testconnectivity:
266284-test-autodiscover.txt

Here are port redirections on my firewall:
266341-2022-12-01-19h19-41.png

The second problem is with IMAP configuration. IMAP is enabled. Some mailboxes don't synchronize correctly on outlook.
For example: I see other emails in Outlook with Exchange protocol configuration and other emails in Outlook with IMAP protocol configuration on the same mailbox

Any suggestions? In the beginning, I would like to repair autodiscover.

Exchange Online
Exchange Online
A Microsoft email and calendaring hosted service.
6,178 questions
Exchange | Exchange Server | Management
{count} votes

2 answers

Sort by: Most helpful
  1. drClays 151 Reputation points
    2022-12-07T14:44:40.89+00:00

    Hi,

    I did a few tests on testconnectivity and that looks nice, but on every test, I have the same information about certificate validation:

    Analyzing the certificate chains for compatibility problems with versions of Windows.
    The test passed with some warnings encountered. Please expand the additional details.
    Additional Details
    The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.

    Outlook test:
    268242-2022-12-07-15h07-27.png

    ActiveSync test:
    268216-2022-12-07-15h09-43.png

    SMTP test:
    268234-2022-12-07-15h11-42.png

    IMAP test:
    268140-2022-12-07-15h13-09.png

    I can configure my mailbox on Outlook Mobile via exchange protocol and it's working - send/receive email but I cannot do this on external Outlook.

    I cannot configure the same account via IMAP protocol on Outlook Mobile, Outlook and Thunderbird. Where I use ports 993/465.
    268226-2022-12-07-15h33-23.png

    Any suggestions?


  2. drClays 151 Reputation points
    2022-12-23T14:36:43.833+00:00

    Hi,
    This is probably a problem with one mailbox. I tried it on other devices and there is the same problem.

    Now I try to fix the failover cluster of dag.

    There was on Exchange servers only one ethernet adapter with two IP addresses.

    I add a new eth adapter and configure the second IP from eth1 on eth2.

    Now I have:
    EXCH19A:
    ETH1: 10.0.0.10/27
    ETH2: 10.0.0.20/27

    EXCH19B:
    ETH1: 10.0.1.10
    ETH2: 10.0.1.20

    When I added new eth adapters I see a lot of new ReplicationDagNetwork and I think it's something wrong.
    I would like to change network on 192.168.x.x for replication - is it's gonna be ok?

    273774-2022-12-23-13h24-26.png

    In ECP/Servers/DAG where is configured witness, there are IP addresses:
    10.0.0.10
    10.0.1.20
    and it's wrong.

    In AD I have a computer object colled "DAG01" and in DNS record A has DAG01.contoso.com with IP: 10.0.0.10 and it's wrong

    Witness is:
    EXWitness with IP: 10.0.1.60

    Now I would like to change DNS record A "DAG01" from 10.0.0.10 to 10.0.1.70.
    Next step when I change DNS I would like to change IP DAG on ECP. I will remove 10.0.0.10 and 10.0.1.20 and add only 10.0.1.70 and it's could be fine, yes?

    How to fix EVENT ID 1259?

    Cluster network name resource failed registration of one or more associated DNS name(s) because the cluster service failed clean up the existing records corresponding to the network name.

    Cluster Network name: 'Claster name'
    DNS Zone: 'contoso.com'

    Ensure that cluster name object (CNO) is granted permissions to the Secure DNS Zone.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.