Solved

I have an issue with autodiscover and multiple email domains.

Posted on 2010-08-18
19
821 Views
Last Modified: 2012-05-10
We use Outlook2007 on non-domain connected clients and support multiple email domains , domain1.com and domain2.com. Domain2 is a Secondary external domain in our Exchange environment and the domain for our primary SMTP email address. We need to get our CAS servers to accept autodiscover.domain2.com  connections from our clients. Their email addresses are john.doe@domain2.com,, etc... While their domain accounts are in domain1.com. The autodiscover website is not requiring SSL but we still get the certificate error when starting outlook, and are unable to download the OAB. Any help is appreciated, thanks.
0
Comment
Question by:Reeftank
19 Comments
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33470032
0
 

Author Comment

by:Reeftank
ID: 33470039
Thanks for the quick response. i will check them out...
0
 
LVL 8

Expert Comment

by:Jessie Gill, CISSP
ID: 33470394
Does your SAN cert have all your domains in it. ie Autodiscover.domain1.com and Autodiscover.domain2.com
0
 

Author Comment

by:Reeftank
ID: 33470525
it doesn't but I removed the ssl as a test with the same results
0
 

Author Comment

by:Reeftank
ID: 34667011
This is still outstanding, anyone have any suggestions?
0
 

Author Comment

by:Reeftank
ID: 34667030
This is still an open issue
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 34670820
For autodiscover to work for more than 1 primary domain then 1 of 2 things need to happen.

You either need to have autodiscover.domainname.com for every domain where domainname.com is the part after the @ in the primary email address

 or

you need a external DNS provider that supports SRV records so that you can create an autodiscover SRV record for each domain that points to an A records that does exist in the SAN/UCC certificate.

There is no other way around this.
0
 
LVL 13

Expert Comment

by:seb_acker
ID: 34671640
if you want them to sign in with user@domain2.com, you just have to add in your DOMAIN1, a specific UPN as @domain2.com
You can do that uner "Domain and Trusts", in the options.

After that, edit each user account ain your domain1, that need to use @domain2 as auth. address, and select the new UPN for them.

The comments for autodiscover and the rest still are valid...
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 
LVL 26

Expert Comment

by:e_aravind
ID: 34676412
IMO,  the best option would be
Scenario 4: Using the Autodiscover Service with Redirection
http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx#Scenario4

 With this option, you install a single-name certificate on the Default Web Site and create another Web site that contains no certificate. Domain-connected clients continue to locate the Autodiscover service by using the SCP object and will not receive any security warnings as long as the URL for connecting to the Autodiscover service which is stored in the SCP object has been changed to refer to the FQDN of the certificate installed on the Default Web Site
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34676514
For that option to work you would need a second public IP address, it will also not stop the warning message the users will receive.
0
 

Author Comment

by:Reeftank
ID: 34681340
The issue is that domain1 and domain2 have the same set as reply address of domain1.com
When the outlook client tries to connect to autodiscover from each domain it connects to autodiscover.domain1.com
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34681347
Why do they have the same reply address? Surely domain2.com would have a reply address of domain2.com?
0
 

Author Comment

by:Reeftank
ID: 34681376
The company has multiple domains, domain1,2,3,4,5 etc.... The set as reply address is the same name for the entire Org. All of the compan's bu's have the same set as reply domain name. This decission was made by management not by IT
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34681382
so everyone has the same domain name set as their PRIMARY (the one in bold) for their mailboxes?
0
 

Author Comment

by:Reeftank
ID: 34681400
yes, the entire company has the set as reply address of domain1.com even though their domain may be domain2,3,4,5 etc... .com so there can only be one external DNS entry for autodiscover.domain1.com and it would point to that domain not the others.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35025281
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now