Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Autodiscover Service: DNS Entry?

Posted on 2010-09-13
9
Medium Priority
?
826 Views
Last Modified: 2012-05-10
Guys,
I am opening this question just to get a simplified steps which i need to work on.

Scenario:
I have 4 domains in the forest : NA-EUR-PAC-JPN
All except NA have got a SAN certificate for Exchange with the entry for : Autodiscover.Domain.com
In addition to that, each domain has their own webmail URL Like:

EUR: eurmail.doamin.com
PAC:pacmail.doamin.com
JPN:jpnmail.domain.com
NA: webmail.domain.com

however except eur, all domains are using webmail.domain.com for webmail

Having said that...
on the internal DNS server we have a entry for autodiscover in domain.com which is pointed to a CAS box in NA.domain.com , however we do not have any entry for autodiscover in the external DNS zone. Considering that we still have sometime to upgrade our certs to SAN in NA.
I believe creating an entry in the external DNS for autodiscover which inturn will point to : webmail.domain.com/autodiscover/autodiscover.xml , which is also set as internal URI for autodiscover for the domain, can resolve security cert warning issue.
.

I am not sure if i have put the description in correct or in more descriptive manner...
But i wanted to knwo what can i do to get rid of security cert errors.

Please do not provide me the ref. links.
I need suggestions on steps which i need to carry out in my environment.

I will try my best to explain the situation again if required....
0
Comment
Question by:amku03
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 5

Expert Comment

by:michael_b_smith
ID: 33663151
Your suggestion sounds like the right idea; however, depending on your site configuration, you may suddenly find your users getting redirected to their local webmail servers (not necessarily a bad thing).

Have you run through www.testexchangeconnectivity.com and seen what it has to suggest?
0
 
LVL 32

Accepted Solution

by:
endital1097 earned 2000 total points
ID: 33668206
you may want to read this
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_3585-Exchange-Autodiscover-and-Web-Services-OOF-and-OAB.html

the portion you need to look at is the outlook selecting a service connection point and the -AutoDiscoverSiteScope setting
i think that will answer you autodiscover issue
0
 

Author Comment

by:amku03
ID: 33668217
endital, do you maintain any blog ??
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 32

Expert Comment

by:endital1097
ID: 33668221
i just started and need to get it public
http://jimthemcp.blogspot.com
0
 

Author Comment

by:amku03
ID: 33668223
thanks for the ref. Will go through it and probably come back with some more questions for you or the forum....
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33668252
if your external dns server can handle srv records you have more options
http://support.microsoft.com/kb/940881
0
 

Author Comment

by:amku03
ID: 33668307
This is what I am looking to do ... SRV record in external DNS
This will be till the time we get a SAN cert.

Does this makes sense?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33668340
exactly. create an srv that points to your webmail.domain.com A record
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33668344
internally you need to run
set-clientaccessserver CASname -AutodiscoverServiceInternalURI https://webmail.domain.com/Autodiscover/Autodiscover.xml

does not require the srv record internally
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question