Unified Messaging with Microsoft Office 365 Auto Discovery Process Troubleshoot

Introduction

This document describes a problem encountered where the Auto Discovery process does not work when Cisco Unified Messaging is used with Microsoft Office 365.

Problem

When you attempt to configure Cisco Unified Messaging with Office 365, you populate the Search for Hosted Exchange Servers field with mycompany.mail.onmicrosoft.com as the site URL. However, when you click Test, none of the tests return successful results.

In order to collect additional information, you must enable additional traces under the Cisco Unity Connection Serviceability web page. In order to complete this, choose Trace > Micro Trace and enable:

    CsMBXSync: 02, 10, 11,13,14,15,19,20,22,23
     CsEWS: 10,11,12,13
     EWSNotify:All

Use the Real Time Monitoring Tool in order to collect these traces from the timeframe that you run the test on the user:

• Connection Mailbox Sync
• Connection Tomcat

These results appear in the logs if there is a failure:

10:47:02.756 |31923,,,CsExMbxLocator,10,[CsExMbxLocator/CsExMbxLocator.cpp:1249]: HTTP
request failed with error: Couldn't resolve host name -- Could not resolve host:
mycompany.mail.onmicrosoft.com (DNS server returned answer with no data), HTTP
status code: 0, for Autodiscovery URL:
https://mycompany.mail.onmicrosoft.com/autodiscover/autodiscover.xml, verb: GET,
query: 

10:47:02.756 |31923,,,CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:192] Test
Button result: Failed connected to Exchange CAS server at
(https://mycompany.mail.onmicrosoft.com/autodiscover/autodiscover.xml)
10:47:02.756 |31923,,,CsExMbxLocator,13,[CsExMbxLocator/CsExMbxLocator.cpp:1116]: HTTP
request: GET /
https://autodiscover.mycompany.mail.onmicrosoft.com/autodiscover/autodiscover.xml /

Solution 1

Change the data in the Search for Hosted Exchange Servers field from mycompany.mail.onmicrosoft.com to outlook.office365.com. Save the changes and run the test again. The problem should be resolved.

Solution 2

This behavior also occurs if there is a firewall or routing issue that blocks communication between Unity Connection and the Internet. In order to determine this, collect a network capture from the CLI of Unity Connection. Use Wireshark to open the capture and enter dns in the display filter.

Look for the packet with the CNAME Domain Name System (DNS) response returned from the DNS server to Unity Connection. This contains all of the public IP addresses of Office 365 servers that Unity Connection is told to use. Once you have located the list of those IP addresses within the packet, modify your display filter so it is easier to follow:

dns || ip.addr == X.X.X.X || ip.addr == X.X.X.X || ip.addr == X.X.X.X || ip.addr == X.X.X.X

The X.X.X.Xs are the public IP addresses of Office 365 returned in the DNS CNAME response.

If Unity Connection is unable to connect to these public IP addresses, TCP SYN leaves Unity Connection to those public IP addresses. There is not a TCP SYN,ACK return, which causes Unity Connection to attempt to connect to the next several IP addresses. This results in the described failure.