Professional Documents
Culture Documents
Using Fiddler For Autodiscover Troubleshooting Scenarios Part 4-4 - Part 24 of 36
Using Fiddler For Autodiscover Troubleshooting Scenarios Part 4-4 - Part 24 of 36
24#36
The current article is the last article in the Autodiscover troubleshooting tools
article series.
In this article, we will review a very interesting tool named Fiddler, that can help
us in our task of capturing and analyzing Autodiscover data that is passed between
the Autodiscover client and the Autodiscover Endpoint throughout the
Autodiscover communication channel.
Page 2 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
Page 3 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
Generally speaking, there are a couple of tools that have the ability to capture
network traffic that flow in the communication channel between two nodes.
An example for such tools is:
Page 4 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
The ability to inspect HTTP and HTTPS session from any type of clients in the
current article, we demonstrate how to use Fiddler for inspecting an Outlook
session but, its important to mention that the Fiddler tool, can use to inspect
HTTP and HTTPS session of any type of client.
For example, we can use the Fiddler for the monitoring OWA session (Outlook
web client) and get a very detailed information about the information the flow
between the client and the server.
Disadvantages
Page 5 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
The Fiddler was not created as a dedicated tool for troubleshooting Microsoft
Autodiscover client problems. The information that we get from Fiddler is not
so clear and understandable as the information that we get when using
tools such as the ExRCA (Exchange remote connectivity analyzer).
Disability of inspecting additional protocols beside HTTP and HTTPS.
For example, an Autodiscover process in Active Directory environments
includes additional protocol beside the HTTP and the HTTPS such as as-DNS
and LDAP.
When using the Fiddler, we will not be able to get any kind of information
about these Autodiscover parts that are implemented by the Autodiscover
client.
Page 6 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
Click the HTTPS tab and choose the option box Decrypt HTTPS traffic
Page 7 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
Page 8 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
On the last window approve the operation of the certificate installation on the local
desktop
Row 1 in this row we can see the icons that Fiddler use for representing a
specific event such as success, failure, encryption etc.
Row 2 the protocol that was used (HTTPS or HTTP)
Page 9 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
The Left part of the Fiddler graphical interface, is dedicated to presenting the
Log rows, the record of the HTTP or the HTTPS session that occurs.
The Right part of the Fiddler graphical interface, is dedicated to presenting the
content of a specific session.
Notice to Tab on the upper part and beneath the content. Each of this tab, enable
us to get a differ view of the information.
For example, SyntaxView, HexView, Image View, XML, Heeders etc.
Page 10 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
In the following screenshot, we can see the Autodiscover round trip that was
accused when a mail client such as Outlook accesses his mailbox on the Exchange
Online server.
We can see that in the begging, the Autodiscover client is trying to access a host
named o365info.com
using HTTP and the communication requires failed.
If we look at the content of the Log row, we can see some additional information
such as:
[Fiddler] The connection to o365info.com failed. <br />Error: TimedOut (0x274c).
<br />System.Net.Sockets.SocketException A connection attempt failed because the
Page 11 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
connected party did not properly respond after a period of time, or established
connection failed because connected host has failed to respond 104.28.12.85:443
Another session such as the HTTPS communication with the Exchange Online
server (pod51049.outlook.com) was completed successfully.
General clarification in Office 365 and Exchange Online environment, the mail
client doesnt reach directly to his final Autodiscover Endpoint.
Instead, the Autodiscover client is going through a journey in which he travel
between couples of nodes until he reaches his destination.
For example, a standard Autodiscover workflow in an Office 365 environment will
start when the Autodiscover client tries to look for the host using the SMTP email
domain as the host name (o365info.com in our scenario), if he fails to find or
communicate with this Autodiscover Endpoint, the client will try to look for a host
using the Autodiscover as a prefix (autodiscover.o365info.com in our scenario).
Because in Office 365 there is not such Autodiscover Endpoint, the Autodiscover
client will be redirected to Potential Autodiscover Endpoint named autodiscovers.outlook.com and, from there will be redirected again to his final destination, in
our scenario an Exchange Online CAS server named- pod51049.outlook.com
An example for the Autodiscover session
In the following screenshot, we can see that Outlook (Autodiscover client) tries to
access host named autodiscover-s.outlook.com
Written by Eyal Doron | o365info.com | Copyright 2012-2015
Page 12 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
If we look at the content of the log row, we can see the information that appears in
the server certificate (the certificate that the server sends to the Autodiscover
client).
In the following screenshot, we can see that Outlook (Autodiscover client) tries to
access host named pod51049.outlook.com
If we look at the content of the log row, we can see the information that appears in
the server certificate (the certificate that the server sent to the Autodiscover client).
Page 13 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
In the following screenshot, we can see that Outlook (Autodiscover client) manage
to reach his Autodiscover Endpoint an Exchange Online CAS server named
pod51049.outlook.com
By using the Syntax View tab, we can see the content of the XML file that the
Exchange server return as an Autodiscover response.
Page 14 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
Another option for viewing the content of the Autodiscover response is by using the
XML tab.
The XML tab enables us to see the information (the XML file) by displaying the XML
Hierarchy.
Fiddler Miscellaneous
As mentioned, the fiddler is a very powerful tool that enables us to do many
things with the recorded data.
In the following screenshot, we can see an example of a nice option that enables us
to replay a specific HTTP or HTTPS session.
To be able to replay a session, we will need to right click on the required Log row,
and choose the replay menu.
Page 15 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
Page 16 of 16 | Using Fiddler for Autodiscover troubleshooting scenarios | Part 4#4 | Part
24#36
Additional reading