1 / 12

Troubleshooting Issues with Outlook® Connectivity

Troubleshooting Issues with Outlook® Connectivity. August 30, 2012. Agenda. How Outlook® Connectivity to Office 365 W orks Troubleshooting Tools/Methods Scenarios (Total time: 1 hour). Autodiscover Outlook Profile Generation.

ama
Download Presentation

Troubleshooting Issues with Outlook® Connectivity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Troubleshooting Issues with Outlook® Connectivity August 30, 2012

  2. Agenda • How Outlook® Connectivity to Office 365 Works • Troubleshooting Tools/Methods • Scenarios (Total time: 1 hour)

  3. AutodiscoverOutlook Profile Generation (3) Outlook attempts to discover endpoint through DNS record “autodiscover.service.contoso.com” (1) Where is my mailbox? (2) Local Exchange passes a redirect to “service.contoso.com” (4) Request Authentication (5) Authentication Success (6) Profile Builds

  4. Troubleshooting Tools/Methods • Web • Powershell • Outlook® • Networking • Miscellaneous

  5. Web • OWA • https://outlook.com/<domain> or via O365 portal(https://portal.microsoftonline.com) • Determine if user can log into their mailbox at all • Determine if user’s temporary password has been changed (must be changed before Outlook® can connect) • For non-Identity Federation configurations, if able to log in, it helps verify user credentials are ok/correct • ExRCA (Exchange Remote Connectivity Analyzer): • https://www.testexchangeconnectivity.com/ • “Outlook Autodiscover” & “Outlook Anywhere (RPC over HTTPS)” tests • Independent of client & network client is on • O365 portal: • https://portal.microsoftonline.com • Determine autodiscover CNAME record information for O365 domain • Determine if user has been blocked from signing into account • Another way to verify if user credentials are ok/correct (good test if OWA login fails) in non-Identity Federation (aka SSO) configurations • Take Exchange out of the picture

  6. Web (Cont’d) • O365 DIY Troubleshooting Tool: • http://community.office365.com/en-us/tools/troubleshooting.aspx • Helps narrow down & shows possible solutions for the issue • Recording Explaining Tool at http://community.office365.com/en-us/blogs/office_365_technical_blog/archive/2012/08/09/troubleshooting-issues-with-sending-and-receiving-email-in-office-365-lync-and-learn.aspx • Browser itself: • Example: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml • Prompted for Org ID credentials • Good response below: <?xml version="1.0" encoding="utf-8" ?> <Autodiscoverxmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"> <Response> <Error Time="00:38:55.0596225" Id="1018033456"> <ErrorCode>600</ErrorCode> <Message>Invalid Request</Message> <DebugData /> </Error> </Response> </Autodiscover>

  7. Powershell • Get-CASMailbox • Determine if mailbox is enabled for MAPI • Get-CASMailbox <user> | flMapiEnabled • For Outlook® to connect MapiEnabled must be set to True • How to correct: Set-CASMailbox <user> -MapiEnabled $True • Get-Mailbox/Get-MsolUser • Determine if “soft deleted” mailboxes with duplicate UserPrincipalName exists • Get-Mailbox <user> | flUserPrincipalName,Guid • Get-Mailbox <user> -SoftDeletedMailbox | flUserPrincipalName,Guid • Get-MsolUser–UserPrincipalName <user’s UPN> -ReturnDeletedUsers | fl • Test-MAPIConnectivity • Determine if mailbox can be accessed via MAPI: • Test-MAPIConnectivity <user> | fl • Good response: Result = Success • Bad response : Result = *FAILURE* • Error listed with bad responses

  8. Outlook • Test E-mail AutoConfiguration • Ctrl – Right-click on Outlook icon in system tray • Disable “Guessmart” check boxes • Autodiscover Log • Outlook Logging must be enabled via Outlook GUI or EnableLogging registry DWORD entry • http://support.microsoft.com/kb/831053 • Olkdisc.log file located in %temp% • Connection Status • Ctrl – Right-click on Outlook icon in system tray • Manual Configuration • Follow “Method 3: Manually set up Outlook” from http://support.microsoft.com/kb/2404385 • Tests MAPI connectivity to mailbox • Autodiscover, OOF/Availability, & OAB will still fail if Autodiscover was failing before

  9. Networking • Netmon/WireShark • Outlook traffic to O365 is encrypted (RPC over HTTPS), but you can look for retransmits and/or blocked packets • TCP port 443 must be allowed through networking devices • Look at DNS traffic for resolution attempts on autodiscover FQDNs • Example: autodiscover-s.outlook.com • Ping • Determine if autodiscover DNS record resolves • Example: C:\>ping autodiscover-s.outlook.com Pinging autodiscover-s.outlook.com [157.56.240.137] with 32 bytes of data: Request timed out. Etc… • NSLookup • Determine if autodiscover DNS record resolves • DNS • In split-brain DNS environments, autodiscover record must also be created on internal DNS servers

  10. Miscellaneous • MOSDL Support Toolkit • http://support.microsoft.com/kb/960625 • Performs network diagnostics and collects configuration and logging information • Example: NSLookup, ExRCA Outlook Anywhere test, etc… • Things to try • Working user on same client as affected user • Affected user on another client, including on a working user’s client • Affected user on a client on a different network

  11. Scenarios • Soft Deleted Mailboxes • http://support.microsoft.com/kb/2619308 • ExRCA“Outlook Anywhere” test shows “HTTP 401 Unauthorized” error when making Autodiscover XML request to https://pod51xxx.outlook.com/Autodiscover/Autodiscover.xml • Use Get-Mailbox & Get-MsolUsercmdlets to troubleshoot • Example (Looking up specific user): • Get-Mailbox <user> | flUserPrincipalName,Guid • Get-Mailbox <user>-SoftDeletedMailbox| flUserPrincipalName,Guid • Get-MsolUser–UserPrincipalName <user’s UPN> -ReturnDeletedUsers | fl • O365 license removed/re-added • OWA error shows “Your account has been disabled.” • ExRCA “Outlook Anywhere” test shows ErrorCodeof 500 with Message of “The e-mail address cannot be found.” when making Autodiscover XML request to https://pod51xxx.outlook.com/Autodiscover/Autodiscover.xml • Can take up to 24 hours before mailbox can be accessed

  12. Scenarios (Cont’d) • Sign-in Access Blocked • This is an intentional block on the user against any access, including Outlook® Anywhere • OWA and O365 portal shows error “Sign-in is blocked” • User must be allowed sign-in access via the O365 portal(Users -- <user> -- Settings –Set Sign-In Status = Allowed) • Password Reset/Expired • User has password reset (i.e. user has temp password) or it expires • “HTTP 456” error when making Autodiscover XML request to https://autodiscover-s.outlook.com/Autodiscover/Autodiscover.xml • User with temporary password must log into either O365 portal and/or directly into OWA and change their password • User with expired password must contact their admin/help desk to get a new temporary password and then change their password

More Related