2 Replies Latest reply on Feb 17, 2015 9:47 AM by equipereseau

    Autodiscover Exchange 2010

    equipereseau

      Hello,

       

      I'm unable to gets working the Autodiscover process on MacOS with MWG 7.5 (i didn't test with older version).

      The process works fine without any proxy and our old TMG 2010 proxy, but not with McAfee.

       

      I will try to explain you the Exchange Autodiscover process. During the Entourage setup process (or other Exchange mailbox client setup), you just have to fill your email address in the setup wizard. With this email, the wizard know the standard Exchange process is to make a HTTP call on autodiscover.domainmail.com. In my case, it's autodiscover.domain.com.

      This URL call redirect to complete URL https://autodiscover.domain.com/autodiscover/autodiscover.xml.

      This XML need an authentication (basic or NTLM, I don't know exactly) to be able to ask the CAS Exchange server what is the URL of the server and the Ldap server for this particular mailbox.

      Now, you understand why, if i exclude the autodiscover.domain.com from authentication process, it will never prompt for login/domain/password and the setup will failed.

       

      Our TMG Proxy is capable to give an access to a specific rule without authentication (anonymous) but able to provide authentication prompt if asked by client, it's why it works.

      On MWG, if I exclude this URL from authentication, even if the application need to authenticate, it will never ask.

       

      Is anyone here is using Exchange 2010 Autodiscover, and witch rules had you implement to get it works?

       

      Thanks.

        • 1. Re: Autodiscover Exchange 2010
          lubomir.cerny

          We use MWG7 with Exchange2007+2013. we use explicit proxy mode in HA with 2 nodes and aprx 3000 users.

          PC use IE with autoconfig script via proxy.pac file. The point is that this proxy.pac order user to go direct to URL autodiscover.domain.com without proxy server.

           

          This way the PC starts, than reads pac file. When Outlook starts, it uses Windows IE setting to reach internet. autodiscovery URL is constructeed based on user smtp email address and PC tries to connect to autodiscover.domain.com this URL is resolved as internal 10.x.x.x subnet the PAC file directs such subnet go direct. So Outlook tries to contact exchange server via internal LAN not via proxy and internet.

           

          Works ok in whole WAN.

          • 2. Re: Autodiscover Exchange 2010
            equipereseau

            Thanks, the McAfee support team don't seems to know the Exchange Outlook Anywhere authentication process, so i had to exclude the autodiscover.domain.com from proxy in our proxy.pac, as you...

             

            But, our policy is to route all traffic in our proxies, so i hope the support will find something.