Solved

DNS issue

Posted on 2014-04-21
15
2,155 Views
Last Modified: 2014-05-02
I made the cutover (changed the MX records) so that our mailflow will now come from Office 365 and not the in house server. The issue is Once the cutover was made. Everything worked (OWA, reconfigured mobile devices and tablet and even outlook clients out of the network).

The issue is configuring the outlook client in network. This is not my first migration. So I know that I have to change the DNS of each individual user PC to a public DNS like 4.2.2.2 so that when I reconfigure outlook it picks up the office365 setup before the in house exchange.

That part worked. The issue is once I revert the DNS on the PC back to the internal DNS the user PC's start asking for the user name and password and the pop shows that the asking server is the internal OWA link.

I called Microsoft Office 365 team and this is what they said


"As discussed over the call last week, we found that we are able to configure Outlook in External Network and the issue is only in Internal Network. We can access Outlook Web Access in internal Network which means that the Office365 Exchange is working fine. Your Local DNS Manager seems to be blocking the Query to connect the Global Server.

The problem is with the network as you have as the Local DNS is not allowing us to connect to the Office365 exchange server.

As I am not a Network Engineer, would suggest you to contact the Network Admin. He will be able to bypass the Query and connect to the Office365 Exchange Server in internal Network."


I do not have much experience with the DNS. Can someone help me with this? I need to cutover to 365 and turn off the exchange server.

Thank you
0
Comment
Question by:IT_Fanatic
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 7
15 Comments
 
LVL 9

Expert Comment

by:BigPapaGotti
ID: 40012779
When you point users on the internal network to the internal DNS servers and do an NSLookup for the Mail servers domain name what results are you getting? This sounds to me like it is still resolving to the internal Exchange server as opposed to the external Office 365 servers.

You may need to flush the DNS cache on the internal DNS Servers to get rid of the old entry and force the DNS entry to be updated to show the external IP for Office 365
0
 

Author Comment

by:IT_Fanatic
ID: 40012812
We did NS lookup and the default server for the autodiscover.OURDOMAIN.com is our inhouse exchange server.

But if I do autodiscover.outlook.com i get the office 365 info
0
 
LVL 9

Accepted Solution

by:
BigPapaGotti earned 500 total points
ID: 40012818
You need to adjust your in house DNS server to point to Office 365 instead of your inhouse exchange server. If you have access to the DNS server you should be able to connect to it and adjust the dns entry for "autodiscover.ourdomain.com" to point to the Office 365 info you are seeing on autodiscover.outlook.com
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:IT_Fanatic
ID: 40012831
where is it that we do this and what exactly do I need to do?

But by changing the internal DNS to office 365 wont that cause issues to the equipment in house?
0
 
LVL 9

Expert Comment

by:BigPapaGotti
ID: 40012888
You will only be changing an internal DNS record for office 365. You will not be moving everything over to office 365. So the only affect this will have is that anything that tries to resolve autodiscover.YOURDOMAIN.com will get a result that lives in Office 365 instead of your exchange server.

You need to connect to your DNS servers that are configured for your domain. You can find the IP address of them by opening a command prompt and typing "ipconfig /all" You will see in the output a list of DNS servers. You will need to adjust them by opening up the DNS MMC and finding the "autodiscover" record and updating it to point to Office 365's information that is found there. Have you ever worked with DNS? Are you the Network/Systems Administrator? If not are you able to touch base with them to see if they are able to assist you?
0
 

Author Comment

by:IT_Fanatic
ID: 40012915
I have the IP of the DNS server and I log into and go to DNS Manager

From there I go to

DNS>The DNS Server>Forward Lookup Zones>My Domain

I see no CNAME record for autodiscover
0
 
LVL 9

Expert Comment

by:BigPapaGotti
ID: 40012926
Do you see any DNS entry for autodiscover? This may not be a CNAME record.
0
 

Author Comment

by:IT_Fanatic
ID: 40012939
none. I see an A record called "mail" with the ip of the exchange server
0
 

Author Comment

by:IT_Fanatic
ID: 40012967
I just checked a different client domain and they have a CNAME record call "autodiscover"

I open it and it says
Alias "autodiscover"
FQDN "The domain"
FQDN (i see it says autodiscover.outlook.com" so I look at browse and I see

Look in DNS
Records "The SBSDNS server"
Selection "The SBSDNS server"
Record Types "Hosts and Aliases (A and CNAME records)

So if I am reading this right.

I login to the DNS of the IP of the server under DNS when I did ipconfig /all
Go to DNS>The DNS Server>Forward Lookup Zones>My Domain
Create a CNAME record with the info of
Alias autodiscover
FQDN autodiscover.my domain.com
FQDN (DO i select the DNS server I am currently on?)

If this is correct what will happen if I create this record right now?

Also theres an option that says when your about to finish the creation of the CNAME record "Allow any authenticated user to update all DNS records with the same name. This setting applies only to DNS records for a new name.  (Do i put a check mark on this option)?
0
 
LVL 9

Expert Comment

by:BigPapaGotti
ID: 40013209
Yes that is right. You need to create a CNAME on your internal DNS server in order get this setup to work on your hosts in the internal LAN. This would explain why it is working externally and not internally. Microsoft has already setup the public network to use the autodiscover DNS entry. The internal network however has not been configured for this yet which is why you are seeing the issue. Create the CNAME record and use the FQDN that Microsoft gave you for the Office 365 mail server.

When you create the CNAME on your internal DNS server I would NOT put a check mark in this box. This will protect you from any configuration mistakes in the future and any adjustments that would need to be made would be performed by you, the administrator.
0
 

Author Comment

by:IT_Fanatic
ID: 40013226
What will happen if i create this record right now? The cutover has been postponed but If I can at least create the record and when we are good to go again atleast I know it will work 100%

If creating this record will cause issues on the DNS meaning email flow then ill hold back until we can cutover
0
 
LVL 9

Expert Comment

by:BigPapaGotti
ID: 40013698
To be safe I would wait until the cutover (maintenance window) to make the change.
0
 

Author Comment

by:IT_Fanatic
ID: 40013706
Is autodiscover basically the past when you setup a new Outlook on a user pc is fill in the blank with the user info to configure Outlook?
0
 
LVL 9

Expert Comment

by:BigPapaGotti
ID: 40013934
Yes AutoDiscover will allow Outlook to automatically be configured with your mail server settings so that the account will be setup automagically. Things like server name, ports, user's full name, etc will automatically be setup. Before this was something that we (IT folks) had to do manually on each machine. Autodiscover will automate this for us so that users can simply click on the Outlook icon, and the information will already be present and the account will be setup saving us some time.
0
 

Author Closing Comment

by:IT_Fanatic
ID: 40038698
that did it. But I also needed to go to every pc and do the following.

All domain joint machines will be performing SCP lookup for autodiscover while creating profile hence if possible please remove SBI from your server or you can create a group policy in your AD for modifying registry:

Registry which you need to modify is:

Hkey_current_user/software/Microsoft/Office/xx.x/Outlook/autodiscover/ExcludeSCPlookup =1

xx.x will be 14.0 for Office 2010 and 15.0 for Office 2013.
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office Picture Manager was included in Office 2003, 2007, and 2010, but not in Office 2013. Users had hopes that it would be in Office 2016/Office 365, but it is not. Fortunately, the same zero-cost technique that works to install it with …
It’s the first day of March, the weather is starting to warm up and the excitement of the upcoming St. Patrick’s Day holiday can be felt throughout the world.
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question