Troubleshooting Autodiscover

There are often problems reported by users related to connectivity or you just setup your lab and want to know if you configured everything correct. But even when you double-checked and everything looks okay you might want to see what Autodiscover returns for a given user. Maybe not only for a given user, maybe just the result from one specific server or when you have larger environments from servers within a specific AD site.

Background

Of course you can use Outlook and run “Test E-Mail AutoConfiguration”, but for this you need to have Outlook installed. Outlook on a server? Might not be a good idea and anyways not supported to have Outlook installed on an Exchange server.

If you want to send a request to Autodiscover service you can choose between two services:

  • POX, which is the older version
  • SOAP, which is the latest version

The main difference is that POX is returning always the complete configuration for a client, while with SOAP you can query individual elements/parts of clients configuration. Besides this POX can send 2 special headers:

  • X-MapiHttpCapability: If present and set to “1”, indicates that the client is requesting information that can be used to connect to the server by using the MAPI/HTTP protocol. This header is applicable to clients that implement the MAPI/HTTP protocol
  • X-ClientCanHandle: This header contains a comma-delimited list of capabilities that the client supports:
    • Negotiate  (min. server version 15.00.0995.014)
    • ExHttpInfo (min. server version 15.00.0995.014)

Now that we know the basics we can build our own request and parse the result. Therefore I wrote a script, which accepts the following parameters:

Parameters

ParameterDescription
EmailAddressThe required parameter EmailAddress defines the e-mail address for the object we want the configuration.
ServerThis parameter Server overrides the automation process of finding the Autodiscover endpoint. This is the hostname you will send the request to.
Note: Cannot be used in combination with FromAD.
CredentialsThe parameter Credentials accepts PSCredential objects, which are used for authentication. If omitted and no OAuth is used, the scripts runs in the context of the executing user.
SOAPThe parameter SOAP will cause to send SOAP requested instead of POX.
FromADThe parameter FromAD will cause the script to query AD for SCP in order to find the Autodiscover endpoint. Note: Cannot be used in combination with Server.
ADSiteThe parameter ADSite defines which ADSite will be queried. Note: Can only be used in combination with FromAD.
TimeoutThe parameter Timeout defines the Timeout of the request.
TrustAllThe parameter TrustAll will disable certificate check.
UseOAuthThe parameter UseOAuth will trigger OAuth2 auth code flow for authentication.
RawResponseThe parameter RawResponse will return the raw response.

How to use?

You just need to download the script from GitHub here. As we are all moving away from Basic authentication, I added the support of using OAuth2.0 for authorization and authentication. In fact I’m using the well-known application, which is used by C2R. If you still want to use Basic auth you can use the parameter Credentials or none, which then uses the default network credential.

Here some screenshots:

Conclusion

With the support of OAuth2.0 I wanted to make the script capable for scenarios, where Basic authentication is not available.

I hope this helps troubleshooting. Any feedback is highly appreciated.

4 thoughts on “Troubleshooting Autodiscover

  1. Pingback: Get-AutoDV2 | The clueless guy

  2. Thomas, is there any chance to upload your PowerShell scripts to Github or anywhere else because Technet Gallery is not available anymore?

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s