Exchange 2010 Disjoint Namespace and user authentication in Outlook
Posted on 2012-09-15
Hello Exchange adminstrators! Looking some direction on an Exchange Disjoint Namespace and user authentication. For example I have an internal domain "domain.local" and a couple of e-mail domains "domain.com" & "domain2.com". Autodiscover is configured and working with "autodiscover.domain.com" and half of my users use "domain.com" as a primary e-amil domain, but the other half use "domain2.com" as their primary.
First question: I have to instruct all users to enter the "firstname.lastname@example.org" e-mail address in order for Autodiscover to successfully configure their mail client. Even users that have the "domain2.com" for a primary e-mail domain. This isn't really a huge deal, just ends up being confusing for the end user and usually results in a 30 second support call. Anyway to configure Autodiscover to function with multiple domains with only one CAS server? Other suggestions?
Second question: Another issue with a Disjoint Namespace is that during the Outlook configuration the user will be prompted for credentials in Outlook a second time and if they do not use the "domain.local\username" format, they don't get Outlook configured and will be prompted repetedly for creds. Again the user will attempt to just enter their e-mail address here and it results in a 30 second support call. I've seen some situations where administrators have added an "Alternative UPN suffix" in AD Domainsand Trusts. Then went to each user and configured the new domain as their primary authentication domain. What is the recommended way to deal with this?