Orion's Belt

Autodiscover, Outlook 2016 and Office 365 Issues in Windows 10

So there I was minding my own business, checking emails on Outlook when suddenly a message pops up which asks:

"Allow this website to configure your@domainname server settings?"

" ......../autodiscover/autodiscover.xml"

"Your account was redirected to this website for settings..."

And I had the option to either Allow or Cancel, as well as could tick a box so that it doesn't ask about this website again.

The only issue is, the address that was given was my web hosting's email server address, whereas I was using Office 365.



I clicked allow - and for those that don't know, this also creates a registry entry for that address under:

HKEY_CURRENT_USER\Software\Microsoft\Office\xx.0\Outlook\AutoDiscover\RedirectServers

Where xx was 16 for Office 2016.

Also for those who are unaware like I was - apparently you can no longer manually configure Office 365 accounts, they have to be automatic, and they need the correct autodiscover settings present. Autodiscover is basically a mechanism that allows users to easily configure their email client knowing only their email address and password. Outlook tries a list of various methods of autodiscover until one of them succeeds.

That's when the real trouble began - that email account under Outlook was now corrupt. It wasn't the first time this had happened, and I did the same thing that I had done every other time that this had happened before, I went to Control Panel -> Mail -> deleted the corrupt account, then tried to add it again. Except this time it just wouldn't add!

I cannot say what was the exact reason why I couldn't add the account, but I have a sneaky suspicion it was because my web hosting provider, which also keeps the DNS records, had something wrong with their SSL certificate as it was giving a big red F on one of those free SSL reports from ssllabs.com.

 When I couldn't add my email account back to Outlook, I tried to create a new profile and add the account to that, which failed as well.

Next I tried to check if my domain setup was correct, from the Microsoft Admin portal for Office 365 (login.microsoftonline.com). It turns out I had a few extra DNS records in my custom domain's DNS settings. I had a second MX record pointing to the web hosting's email server, and as well as an extra SRV autodiscover record. I restored all default DNS, re-added the ones required by Office 365, and removed the extra MX and SRV records.

My troubles weren't over yet - I re-checked the domain status and all records were correct and there weren't any extra ones, but when I tried to add the email account again:

a. It was taking a long time to check the server settings (approx. 15 minutes), and
b. It was not adding the Office 365 account!

Instead it was adding the IMAP account provided by the web host.

I tried flushing the DNS cache, that did not work either.

I tried Microsoft's Remote Connectivity Analyzer tool and it told me that everything was correct.

I tried Microsoft's Support and Recovery Assistant for Office 365 - this took about 5-10 minutes each time I tried it, and it failed at the Autodiscover step each time. The first time it failed, it asked me to add a registry entry to ExcludeHttpsRootDomain with a link to this site so I did that to no avail. However there were references to the address on that old SRV record for autodiscover, even though it was now deleted, hence I added a ExcludeSRVRecord DWORD set to 1.

THIS DID NOT WORK EITHER. By now the error kept saying "There is a problem with one of the certificates that Outlook needs to communicate securely with Office 365. Please contact your administrator..." , as well as "We couldn't validate the SSL certificate name. Host name "xxx" doesn't match any name found on the server." This had something to do with the web host's SSL server certificate not being trusted due to a mismatch in the name I presume.

I tried testing the E-Mail Auto-Configuration in Outlook and 9 times out of 10 it failed, and the one time it did succeed it gave me the address that was present in the deleted SRV record for autodiscover.

By this time I was pretty much frustrated (and yes I did try turning it off and on again) so I asked for help. First I tried the hosting company's support to see if they could shed a light on the matter. Unfortunately they had not provided a phone number - only a way to chat with an online support person who did his best but didn't have a solution to the puzzle.

Finally, I tried calling Microsoft support - they asked me to create a service ticked from the admin panel and someone will call me back so I did exactly that, and a lady named Irish did call back within a few minutes and logged on remotely to my computer. After listing all of the things I had already tried, she asked me to add another DWORD value to:

HKEY_CURRENT_USER\Software\Microsoft\Exchange\

Name: "MapiHttpDisabled"
Value: 1

Restarted the computer - tried to add the Office 365 account again - and Boom! Success.

However - was this success due to this registry entry, or was it because enough time had passed since the SRV record had been deleted that the DNS had propagated properly? I don't want to risk changing the setting and finding out!

1 comment

  1. This worked... like a charm.

    Thank you for posting.

    HKEY_CURRENT_USER\Software\Microsoft\Exchange\

    Name: "MapiHttpDisabled"
    Value: 1

    ReplyDelete