Tuesday, November 8, 2011

AutoDiscover fails for all users with error code 0x80072F0C

If the AutoDiscover service not working properly users may experience problems when setting Out of Office replies, sharing calendars, viewing Free/Busy information in outlook client.

This happens if the client certificate option selected in IIS for AutoDiscover virtual directory.

Although client certificates and SSL server certificates both use certificates, they are not directly related to each other.

SSL server certificates provide encryption and security functionality.

Client certificates provide user authentication functionality.

In Native mode, we need to use server/SSL certificates and to ignore client certificates.

WINHTTP, which our client uses for web connections, does not have any mechanism for client certificate handling so we attempt to try to use the client certificate instead of the server SSL certificate which fails the certificate requirement to access the site via SSL.

To make AutoDiscover work change the Client Certificate option for AutoDiscover virtual directory to ignore instead of Accept or Require.

In your IIS server...

Open IIS Manager

Expand the Web Site

Select each of the virtual directories and in the middle pane, Select "SSL Settings" per virtual directory

Under "Client Certificates", make sure the option "Ignore" is selected instead of "Accept" or "Require"

No comments:

Post a Comment