1. Outlook 2007/2010 and Windows 7
During the course of migration from XP to a windows 7 environment the rules on how programs operate has changed. In Windows XP one could load up programs, load a proxy server setting, and go about your business if not on the web. Not true anymore. In windows 7 if a program needs access to the internet then all programs are deemed to go through internet options. This can be disastrous when needing to institute a web proxy. In each case with Outlook when trying to open via RPC over HTTP users receive a prompt for username and password. This is annoying and unproductive. If the user chooses cancel a prompt in Outlook will change to say needing password where the connection should reside. In order to get around this, organizations with remote users taking advantage of Outlook over RPC are going to need to make a few modifications to allow for Outlook to function appropriately.

2. The Infamous XML File
Outlook 2010 uses xml files to authenticate to specific items. One of these items is to use a configuration that will bypass proxy and allow outlook to use the https:// rpc protocol with msstd. This XML file needs to be placed in the directory: C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\Name.xml Name= your organization name. If you are mail.aloha.com then your file will be aloha.xml Here is an example of the XML file that you need. <?xml version="1.0" encoding="utf-8" ?> <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a"> <Account> <AccountType>email</AccountType> <Action>redirectUrl</Action> <RedirectUrl>https://mail.aloha.com/autodiscover/autodiscover.xml</RedirectUrl> </Account> </Response> </Autodiscover> Save this and rename it to your organization.

It is important that when testing the “use guessmart” and “secure gessmart authentication are unchecked. If autodiscover continues to fail this is a function of the exchange server not having the appropriate certificate. One is to install a single certificate on the exchange server that is multi-domain capable and add autodiscover. Once you have copied these items to the PC it is time to test Autodiscover and make sure if it working correctly. Once created put in the value of the xml location as seen here: C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\aloha. One is regular string value named aloha. The other option is to set up a secondary cert on the exchange server. .aloha. On a machine that is operating remotely open Outlook and allow the connection to the Exchange server to be made. Once these are unchecked choose the test button to begin the test If Autodiscover completes successfully a log file view will show this status. To do this go down to the Outlook Icon in the system tray.0\Outlook\AutoDiscover] One there two keys need to be created. At this point two options are available. If no prompts come up and Outlook says connected to Exchange then everything should be okay.3. hold down the ctrl key and click the icon. Open regedit and go to: [HKEY_CURRENT_USER\Software\Microsoft\Office\14. It is still good to go ahead and check Autodiscover to make sure however.com to the cert. Testing Autodiscover with these files in place.com. Making the appropriate adjustments to Registry In order for Outlook to take advantage of this XML file a registry needs to be modified which allows outlook to default over.XML After creating this registry the next key to create is a regular dword value and name it: PreferLocalXML Assign the value in decimal to this dword =1 4. This will bring up a new window which allows username credentials to be added. You will see the option to test the Autodiscover.

The simplest way to do this is through the logon script option in GPO.vbs ' Objective: ' ' VBScript to change registry and file copy for Websense: Will allow Outlook to function appropriately when out of the office.strValue2.0\Outlook\Autodiscover\aloha.dwValue. strKeyPath = "HKCU\Software\Microsoft\Office\14. Now that outlook is working on one machine it is time to create a GPO and get this applied to all machines affected.RegWrite strKeyPath. Dim objShell Dim strKeyPath. strValue.xml" strValue2 = "C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\aloha."REG_SZ" objShell. ' Author James Mosley ' August 17th 2010 ' -----------------------------------------------------------------' 'Delcare all administrative overhead Option Explicit 'Comment this out for testing.strValue.0\Outlook\Autodiscover\aloha.com" strValue = "C:\Program Files (x86)\Microsoft Office\Office12\OutlookAutoDiscover\aloha. Please note the following VBscript which will install the file as well as change the appropriate registry.RegWrite strKeyPath. On Error Resume Next 'Declare Variables that will be used for the script. Optional objShell.5. Set objShell = CreateObject("Wscript. Deploying the registry changes and xml file through GPO. ' Editing the Registry and File Copy for Websense.RegWrite strKeyPath.com" 'Assign the value that you wish to have within the key strValue = "C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\aloha.xml" ."REG_DWORD" strKeyPath = "HKCU\Software\Microsoft\Office\12."REG_SZ" strKeyPath = "HKCU\Software\Microsoft\Office\14.Shell") 'This allows for creation of the key at the path provided all together.0\Outlook\Autodiscover\PreferLocalXML" dwValue = 1 objShell. strValue2 Dim dwValue 'Create an object that is going to the work as a user.xml" 'Called method to actually write the key that we want. The last value states whay type of key it is going to be.

True FSO.strValue."REG_SZ" strKeyPath = "HKCU\Software\Microsoft\Office\12. _ "C:\Program Files (x86)\Microsoft Office\Office14\OutlookAutoDiscover\aloha.XML".CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha. _ "C:\Program Files\Microsoft Office\Office12\OutlookAutoDiscover\aloha.XML".aspx Note that it is important to configure your SCP to point to the appropriate url.XML".CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.0\Outlook\Autodiscover\PreferLocalXML" strValue = "PreferLocalXML" dwValue = 1 objShell.dwValue. http://msexchangeteam. It is of interesting note that this fix is not 100% accurate for the multiple certificate issue.quit 6. Note the use of the "_" 'For line continuation FSO.RegWrite strKeyPath.XML". True wscript. Exchange 2007 and the Autodiscover certificate The information provided here is additional troubleshooting if autodiscover is still failing in the organization.XML".XML".com/archive/2007/04/30/438249.com/en-us/library/bb332063%28EXCHG. Please see the link below and follow along."REG_DWORD" '======================================================================' 'Declare the variables that are going to copy our files to allow for Outlook to bypass Autodiscover Dim FSO 'Create the object that is going to be a worker process Set FSO = CreateObject("Scripting. True FSO.aspx#Scenario3 .CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha.objShell.FileSystemObject") 'Copy all of the files from a unique location to the place that we want.XML". Included are additional steps which should help in getting a multiple certificate infrastructure set up.microsoft.RegWrite strKeyPath.CopyFile "\\swhqfsr01\apps\Firefox Modifier\AutodiscoverAloha\aloha. _ "C:\Program Files (x86)\Microsoft Office\Office12\OutlookAutoDiscover\aloha.XML".80%29. _ "C:\Program Files\Microsoft Office\Office14\OutlookAutoDiscover\aloha. The context of configuring the SCP can be found at: http://technet. True FSO.

Close IISManager and re-open.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0 %SYSTEMROOT%\Microsoft. Create a new Exchange SCP pointing to the site.Scroll down in this section and locate the “Step2: Modify the Service Connection Point.com/autodiscover/autodiscover. Properties of the autodiscover should be identical to default web site.NET\Framework64\v2. The autodiscover should be gone.xml -AutodiscoverServiceInternalUri 6. Remove-AutodiscoverVirtualDirectory -Identity "swhqex04\Autodiscover (Default Web Site)" (Say Y to remove. Set-ClientAccessServer -identity <servername> https://autodiscover. Make sure that you provide additional IP and DNS addressing internal and external. Lastly included are the steps taken with Microsoft when resolving autodiscover using two certs. From the exchange command shell: Get-AutodiscoverVirtualDirectory New-AutodiscoverVirtualDirectory -WebSiteName "Autodiscover Web Site" If you receive an error then remove the old autodiscover first and then re-add.contoso. Re-register ASP 2. etc.0. directories. It is assumed that the administrator understands websites. The above is provided as a framework and does not imply that ALL steps are provided. Home directory should point to Inetputb\wwwroot default 4.0 for the new web site from a command prompt (especially if this is a 64bit OS install): cscript %SYSTEMDRIVE%\inetpub\adminscripts\ads util. Also done from the exchange command shell.) New-AutodiscoverVirtualDirectory (Check to make sure they are created.) 5.) (Re-add the default autodiscover and then add the new autodiscover on the website. . Create a new website named: Autodiscover Web Site Add your SSL certificate at the root.exe -i (Note: it will say there may have been errors but that is normal) iisreset 3.50 727\aspnet_regiis. Correcting SSL Certificate with WebSite (Two separate SSL EXCH Hub) 1. Test outlook settings.” This article also contains good information regarding the autodiscover service. Turn off both guess smart. 2. Look at log and you should see two fails and then a succeed.