Cannot Turn Off Outlook Autodiscover? Yes You Can.

A newer Outlook/Exchange feature (when connecting to Exchange using HTTP Proxy) in Outlook 2007, 2010 and Outlook 2013 is for client configuration to be autodiscovered. Outlook’s autodiscover feature searches your corporate email domain for the proper Outlook configuration. Per Microsoft this feature cannot be suppressed. However when Outlook autodiscover cannot find the settings/domain or if a valid https certificate isn’t present or is misconfigured, end users experience an initial popup message or the annoying continuous popup stating:

Allow this website to configure user1@cust1.com server settings?
https://mail.companydomain.com/autodiscover/autodiscover.xml
Your account was redirected to this website for settings.
You should only allow settings from sources you know and trust.

One person’s Outlook was completely disabled by this feature after the autodiscover configuration file changed his settings*. A support engineer would correctly reconfigure Outlook but then autodiscover would RE-reconfigure Outlook. When Outlook was closed and reopened it no longer worked, again, frustrating the end user and support engineer.

Online, the proposed solutions are to either buy an https certificate or run several commands against the Exchange server to verify correct settings. Such as here, here or here. Most experts will say that autodiscover cannot be disabled for remote Outlook clients. They are wrong. Using the previous article, I created local computer registry settings that effectively turn Outlook’s autodiscover off.

The important registry settings are:

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0 14.0 for Outlook 2010\Outlook\AutoDiscover and create these DWORD values:

“PreferLocalXML”
“ExcludeHttpRedirect”
“ExcludeHttpsAutodiscoverDomain”
“ExcludeHttpsRootDomain”
“ExcludeScpLookup”
“ExcludeSrvLookup”
“ExcludeSrvRecord”

(then configure them)

This is performed on each remote client. To expedite the process I create two text/.REG files that are run once our external Exchange clients. Use this configuration to create your own .reg files:

-Outlook 2007-

(begin the registry file at and include the windows registry editor version 5.00 line as your first line)

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]

“ExcludeScpLookup”=dword:00000001
“PreferLocalXML”=dword:00000000
“ExcludeHttpRedirect”=dword:00000001
“ExcludeHttpsAutodiscoverDomain”=dword:00000001
“ExcludeHttpsRootDomain”=dword:00000001
“ExcludeSrvLookup”=dword:00000001
“ExcludeSrvRecord”=dword:00000001

 

-Outlook 2010-

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover]

“ExcludeScpLookup”=dword:00000001
“PreferLocalXML”=dword:00000000
“ExcludeHttpRedirect”=dword:00000001
“ExcludeHttpsAutodiscoverDomain”=dword:00000001
“ExcludeHttpsRootDomain”=dword:00000001
“ExcludeSrvLookup”=dword:00000001
“ExcludeSrvRecord”=dword:00000001

 

The autodiscover popups and associated problems have disappeared.

Enjoy,

Michael Pasatieri

 

*Which is ironic since it must initially be configured properly in order to find the configuration file! Therefore is the autodiscover process necessary? I believe that Microsoft was thinking about the enterprise and that when servers are replaced the autodiscover file helps streamline client reconfiguration. In reality, I can change servers and IPs but then I simply repoint DNS records. The external clients never know the difference – no problems. I hope MS makes this feature optional in Outlook 2016.

_____________

Disclaimer – editing the Windows registry can cause Windows system failure, do so at your own risk.

UPDATE: This doesn’t always work. Microsoft is expected to ‘fix’ this in Outlook 2016.

Windows Server 2008 r2 and Windows 7 not Resolving Network Names Correctly

Microsoft has forced the adoption of IPv6. Microsoft Windows 2008/2012 servers and applications are heavily dependent on it. If you have disabled IPv6 on a Windows 2008/2012 server (including Windows 2011 Small Business Server) it may take 30-75 minutes before you can logon. IPv6 is critical to Windows Server and its applications, including Exchange. Leave IPv6 on, even unbinding IPv6 from the server NIC results in very slow boot times. This happened to many people who support Microsoft server products so Microsoft released a patch. This patch fixes the slow IPv6 boot time in Windows 7 and Windows Server 2008 and R2 here: http://support.microsoft.com/kb/3014406.

When IPv6 was turned off not only were slow boot times experienced but also local name resolution requests were being sent out to the Internet instead of resolved the local DNS server. It was as though DNS was forwarding all name resolution requests instead of resolving them. The timing could have been coincidental, we aren’t certain. To fix it I installed the above software patch and cleaned up DNS. I removed old A and AAAA entries (and scavenged old DNS records). That worked and local network name resolution is running faster than ever.

The above update was under ‘optional’ for windows 2008 (or 7) without any other additional information in the Windows update console. From this experience I think this should be a required patch, not an optional one.

2015 Update: IPv6 is key to Windows running smoothly so I recommend leaving IPv6 on. We’ve been seeing DNS preferring IPv6 name resolution over IPv4. In larger environments detailed planning is required but in less than 250 employee corporate networks, leave it on as Microsoft is not going back to preferring IPv4.

Microsoft Networking – A Network Name Issue

There’s a known problem onh Windows 7 and Windows 8 and Windows Vista mapping documents to the network. The issue is when you map a user’s desktop documents folder to the network share the userfolder’s name disappears and “documents” is all the other users see instead of “bsmith” or whatever your naming convention is.

Microsoft has a “fix” here: http://support.microsoft.com/default.aspx?scid=kb;EN-US;947222 and you’ll see they recommend 3 different actions that MIGHT fix the problem. If you look on technet this problem still isn’t fixed there either so here’s my fix that is easy and actually works.

1) browse from the server to the share, open the share.
2) show hidden files.
3) delete the desktop.ini file (or open it and modify it to whatever you want it to say)
4) you may need to close windows explorer and reopen as F5 may not refresh the left hand folders properly.
5) it is fixed.

If you are working with large numbers of users this is not very efficient so you could batch delete the desktop.ini if needed.

Good luck, Mike

 

2015 Update: This seemed to be an Office issue that got resolved in the recent Office version. Also we no longer map the document folder directly to a user share but rather a subfolder.

Microsoft Losing Its Way?

Recently the big news was this: Microsoft is removing the START button in Windows 8 and the new Server OS.

The news was here: http://www.pcworld.com/article/256570/microsoft_thwarts_start_button_hacks_as_new_windows_8_build_launches.html

An update to the news is here: http://betanews.com/2012/06/04/dont-believe-the-lies-you-can-have-a-start-menu-on-windows-8-release-preview/

What’s the big deal? It’s just a button! Right? Actually it indicates the changing landscape of IT and how Microsoft perceives the change. They are responding to Apple and the cloud and prepping the company for the future. Microsoft is also making this change to address the growing tablet market segment. However a knee-jerk reaction to Apple’s and Google’s success isn’t the best move for their own future. I’ll explain why this could be a poor overall business strategy for Microsoft…but first a quick history recap.

In the 1980’s and 90’s Microsoft directed their efforts in gaining business market share while Apple went after the consumers and the education market. Microsoft won as technology filtered from businesses into homes and the PC became a useful tool at home and at the office. Additionally the Microsoft OS was an open platform allowing for rapid growth and for hardware to (eventually) be commoditized. Simply put, the technology mass-migrated from businesses to the home not vice-verse.

Over the past several years there’s been a push from the home to the office as Apple put mini-computers (iPhones) into the mass market’s hands. Working in the IT field I’ve seen IT departments trying to figure out how to integrate Apple technology into existing infrastructure. The other new challenge was the reverse flow of home technology forcing its way into the corporate world.  Corporate IT processes have had to adapt as technology has never before moved from the home into corporate IT on this scale.

Many months before Microsoft released Vista, Ray Ozzie, Microsoft’s Chief Software Architect, approached Steve Balmer and said “Windows needs to be rewritten from scratch.” Apple had done this with OS X successfully but it took several years and Microsoft/Balmer didn’t want to take the time and resources to do it. Later Vista was born and Ray left Microsoft in 2010. Ray was correct. Vista’s replacement, Windows 7, has new improved features but was essentially as a fixed version of Vista with a newer GUI.

As Microsoft was contending with Windows Vista problems, Apple was making billions off the iPhone and apps ecosystem. Apple has once again become a tech powerhouse and one of the wealthiest companies in the world with it’s mobile and end user friendly GUI. Microsoft wants a part of this mobile/tablet market (or all of it). But in the process they may be losing their way. They have forgotten that business leads the way, not consumer products.

It is still businesses that drive mass market adoption, even if mobile/table devices are popular, businesses still require a workstation to create documents, graphics, databases and so on. Mobile and tablet devices are for consuming media/data while a traditional monitor/mouse/keyboard is used for creating media/data. Generally, corporations hire employees to CREATE not consume data.

When Microsoft released Windows 8 Pro they forced Metro UI, a tablet/mobile GUI, on business users. Business users and corporate IT departments will revolt against it. This gives IT admins another reason to consider delaying Windows 8 deployments. The metro UI hijacks the traditional business data creation workflow with that designed for home data consumption.  Microsoft’s core is revenue is the Windows Server – Windows Server Applications (Exchange/SQL/Others) – Windows Desktop OS – and Office. This quadfecta powers most businesses in every industry, whether healthcare, real estate, finance, construction and others. Smartphones will not (at this time nor for the foreseeable future) be driving the backend tech (but one day tablets might). Microsoft’s move to force a consumer GUI in Windows 8 on business users was a mistake – obvious from ten miles away. They have made a knee-jerk reaction to Apple’s success, hastily going ‘all-in’ on home user crowd. Microsoft should be busy moving forward instead of looking back to Apple 2008. They should be focused on creating improved ecosystem such as smartphones and tablets accessing corporate apps/desktops remotely and speedily. Making reliable server and desktop OSes and allowing businesses to naturally and slowly move to new tech.  The remote connection technology has been around for a while but if Microsoft could make this ecosystem affordable (while fixing latency and printing issues) while integrating tablets, they would have a winner. Instead they are almost forcing users and SMBs to the cloud.

(update: As of mid-2013 corporate users are still shunning Windows 8. fyi-To boot directly to the Windows 8 desktop I run startmenu8 by IObit, not exactly an enterprise solution but it works. Additionally MS is killing Small Business Server, not a good move as this will force business to decide between paying full licensing fees and moving to the cloud. They think Office365 will capture most of this market – and it’s possible – but to force the migration, well, that’s a risky gamble.)

The company to benefit from Microsoft’s poor management decisions is Google, Amazon, Rackspace and other cloud companies. Google is in the driver’s seat as they are going after businesses with FREE applications with Gmail, google docs, spreadsheets and so on. Additionally, like the 80’s and 90’s Microsoft, they have the premier open source smartphone/tablet OS that is gaining corporate support and once other applications move to the cloud (in the next decade) I see little reason for Microsoft’s existence. Microsoft should have kept Windows 8 and the new server upgrade bland – speed improvement and some functionality improvement with a desktop tablet interface as OPTIONAL and then chased cloud and allowed corporate users to slowly migrate as they can. While Windows 8 is being released they should furiously begin to prep for the low end of the SMB market to migrate to the cloud (and they have with Office 365). Office 365 is Microsoft’s last grasp once most SMBs and Mid-size companies (in a decade) are fully migrate to the cloud why would Microsoft current core mean anything to anyone? It won’t and by favoring tablets over corporate sales they are pushing IT admins to skip the windows 8 upgrade cycle which means lost revenue now and lost revenue later as the mass migration to the cloud gains steam (but not theirs).

Amazon is losing money on its cloud products, they believe it’s a race to outlast every other tech company and to be the last one standing. In light of the competition Microsoft needs to tread carefully and to make the correct decisions or they’ll be outdated very shortly. That said their stack of cash will cover many more short sighted decisions – maybe even enough to survive the mass cloud migration.

Note to IT firms. If your company specializes in providing “hosted client VMs” for the SMB market – beware your current service lineup won’t be needed in about 5-8 years and your engineer(s) will be reduced to registering and loading apps on smartphones/business tablets. Not a profitable business model.

 

2015 Update: Microsoft has a new CEO and while it is still too early to tell I like his decisions thus far. The Windows 10 platform launches in several months and guess what? If the OS detects a mouse and keyboard with switches back to desktop mode and without it switches to tablet mode. Smart. Well done. On the negative, Microsoft server/application/licensing software prices keep rising making SAMBA on Linux with sendmail very attractive for the SMB market and eventually the enterprise.

The Airline Ticket Virus: How to Remove

One of the recent viruses we’ve seen has been the airplane ticket virus. The email shows flight information and instructs the recipient to open the attachment which looks like a Microsoft Word document but is actually a virus. The virus installs a rootkit and embeds itself into a Windows computer. How to remove:

1 – Hopefully you have AVAST or a similar anti-virus program installed already. In AVAST you create a custom scan (bottom right corner) and in the Scan Areas section choose Rootkits Full Scan option and run this on all hard disks.

2 – Boot into safe mode with networking and use combo fix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix. Combofix will restore system setting the virus modified – such as disabling ctrl-alt-del and hiding desktop icons.

3 – Back in Windows Normal mode, run Malwarebytes and remove the final virus items.

Source:
1 – http://www.mcbsys.com/blog/2011/11/new-airline-ticket-virus-email/

Two Methods to Bypass the Great Firewall of China

I was recently asked for some advice to find a way to “bypass the great firewall of China.” The company is trying to allow Chinese developers access and program a website for this company. In other words, the “GFOC” is blocking internal business affairs of the legitimate company – yes that’s communism hard at work…that discussion isn’t for this website, so moving on. I see two methods – don’t know if they work just know they exist. They are:

1 – The “Freedom Stick” – http://www.engadget.com/2008/08/08/cccs-freedom-stick-circumvents-chinas-firewall-just-in-time/

2 – Tele Anti- Censorship System – http://www.engadget.com/2011/08/14/telex-anti-censorship-system-promises-to-leap-over-firewalls-wit/ and https://telex.cc/

Good luck. If it works, let me know!

Technology in a Human Context

I was intrigued by a recent article so I sent this email to Cathy:

Hi Cathy,

I just read the write-up on your efforts here:

http://www.fastcompany.com/magazine/157/cathy-davidson-duke-university-hastac

…and you are so right!

I’ve worked in IT for over 15 years, own an IT company and done IT work for over 300 companies. A couple times during my IT career I recommended against using/deploying technology. These were very specific situations and scenarios where I thought that technology couldn’t fix an operational issue. Once the executives weren’t happy with my recommendation. They thought that technology solves everything, it doesn’t. It is only a tool, to only be used so that a greater purpose is achieved. I’ve noticed this love affair, almost worship of, technology. The recent Lord of Technology that’s captured the hearts of CEOs/CTOs everywhere is the ‘Cloud’. The Cloud can be a useful tool or not – depends on the application of the technology and the business process it is attempting to solve.

In one case, a nonprofit foundation runs several nonprofits including a large and profitable resale shop. The resale shop was staff by volunteers aged 70 and up. A quick survey showed that these volunteers were very against changing their ways and although the resale shop was dependent on these old workers the administration decided, against my advice, to install a POS (Point of Sale) system with barcodes. Money and time were spent and it was implemented but volunteers revolted. The blowback was powerful and the volunteers won. The POS technology was removed from the site.

Technology is also blindly loved at schools. Some think every child must have a laptop and we must move all learning to digital and the kids must be keyboarding experts in 1st grade. Why does this thought exist? Does it help form a child’s mind? No. It is because people do not understand education nor do they understand that technology is only a TOOL. Granted, an important one but it is just a tool. So what, our kids are proficient keyboarders by 3rd grade. Perhaps by the time they graduate college businesses won’t even be using keyboards! Education of our kids should focus on education, critical thinking, logic, reasoning, math, writing, reading, recitation, history and so on. I’m not saying keyboarding or technology is useless or shouldn’t be used but rather it should take it’s place as a tool to learn not the central focus to be concerned about.

 

People miss the fact that technology is a tool, like a hammer is to a carpenter. It should help us accomplish a task; technology isn’t the doer nor is it the task itself. We are the doers and the technology enhances our skills to finish the task. It’s clear to me that technology’s purpose within human society is misunderstood. For example in the school setting it should not replace the development of the fundamentals, after fundamentals are learned then technology aids in the task’s completion. The mistake is thinking that operating a computer is the fundamental skill but it’s not. This is a colossal mistake.

You are right. Our schools, jobs and so on are still operating from the principles of the industrial age. The information age is in it infancy and it’s time to move society towards it. When technology is there but hardly noticed is a sign we are on the right path. In Star Wars, Luke Skywalker lived on the farm with his aunt and uncle. They owned advanced technology, it was everywhere, but it had its place – as a tool. It wasn’t worshipped nor did they think they couldn’t live without it but they lived their lives. I’m not sure how to word this correctly but; living a life is life, learning is learning, family is family and technology was a tool to use for their benefit.

The Internet is a powerful tool and yet it potential has not been realized. At some point schools like we have today could be unnecessary and so could large office buildings which house 1000’s of employees. Everything will change – become more decentralized as decentralization is the Internet’s primary power. Decentralization of such magnitude brings change in all areas of human production; economic, education, art, politics, transparency, thought, and more that are not fully comprehended at this time. It is key to know that human life is separate from a computer and its benefits. We should enjoy those benefits but confusing or blending them together is a mistake. Man isn’t a computer nor will ever be one and to treat him as such robs the unique creative power he/she brings into this world.