Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2010 Autoconfig/WEb server DNS issue

Posted on 2014-01-15
3
Medium Priority
?
321 Views
Last Modified: 2014-01-20
Earlier I post this question which was answered successfully.  "I have a correct cert installed for mail.domain.com and can check it 100% via EMC.  When I set up a new outlook profile or test autoconfiguration on an existing outlook profile I receive a certificate mismatch and it states that the cert is for a different domain that I own but it's the www cert that it's finding.  Not sure where to start looking for trouble here because the www server doesn't live on the LAN where the exchange server or outlook clients are located."

Deleting the root A record for my domainname on my windows DNS server solved this sissue but introduced another issue where by no one can get to http://domain.com while on the internal LAN.  The web server lives outside my LAN.  If i create a parent A record for domain.com then exchange autodiscover fails as it find the IP of my web server.  How do I direct web traffic that doesn't use www correctly?
0
Comment
Question by:cmkeur
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39783580
Is your internal domain name the same as your public domain name?
If so there isn't much you can do about this other than tell users to use the "www" variant.

Autodiscover will try and use the root of the domain first - although internally that shouldn't be happening unless the clients are NOT members of the domain.

If they are members of the domain then the DNS method of Autodiscover isn't used, it uses an endpoint in the domain. You can see the host name being used with this command:

get-clientaccessserver | select identity, AutodiscoverInternalServiceURI

Ensure the host name resolves internally to the Exchange server and is on the SSL certificate.

Otherwise, you will need to do an Autodiscover test (hold down ctrl while right clicking on the Outlook icon in the system tray) to see what is going on.

Simon.
0
 

Author Comment

by:cmkeur
ID: 39783727
thanks for the reply.
Not quite, I have a forward lookup zone on the DNS server for the webserver domain.
I'm thinking that maybe I need to nuke the forward lookup zone and create a bunch of cname records in the name.local DNS forward lookup zone.  however...
When i process that command i receive under identity column "mail" and under autodiscoverinternalserviceuri it's blank.  Found that you had the service and internal reversed in the command.  after correcting and running command i receive https://mail.domain.com/autodiscover/autodiscover.xml
The clients are all members of the domain so i don't understand why the DNS method of autodiscover is being used.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39784698
Sorry about the typo on the command, damn dyslexia gets in the way sometimes.

If you have a complete zone, then that is probably not helping.
What you should do is create a zone for each host that you want to resolve internally - so create a zone for Autodiscover.example.com then put an entry in the zone with no host name of your internal IP address.

That way nothing else other than that host will be disrupted, so users can use external resources as well.

http://semb.ee/splitdns - see the single host name replacement section.

Simon.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question