Go Premium for a chance to win a PS4. Enter to Win


Exchange 2013 autodiscover settings

Posted on 2015-01-16
Medium Priority
Last Modified: 2015-02-04
Dear Experts,

I am deploying an Exchange 2013 server in a windows 2012R2 domain and would like some guidance as to setting up autodiscover correctly.  Its a greenfield install. Lets call the  domains intdomain.local and extdomain.com

What are the DNS entries required for the public domain?

I believe I may need to setup an internal split domain as .local domains are no longer being allowed as SAN on UCC certs. How do I do this properly?

What configuration changes do I need to make in exchange sever?

Question by:tech53
  • 3
  • 2
LVL 12

Expert Comment

by:Md. Mojahid
ID: 40554787
You need to adjust both so that they are handing out the same URL to the domain.

All servers in the same AD site should have the same value for the Autodiscover value.

set-clientaccessserver -Identity servername -AutodiscoverServiceInternalURI https://host.example.com/autodiscover/autodiscover.xml

Just as it was on Exchange 2007 and 2010.

If you have non-domain clients on the internal domain using the internal DNS then you will need to configure DNS records in the usual way, depending on the SSL certificate.

For more

LVL 53

Accepted Solution

Will Szymkowski earned 2000 total points
ID: 40555360
For your SSL SAN cert you need the following DNS names associated with the cert.
- mail.domain.com
- autodiscover.domain.com
- A (host) record for mail.domain.com
- Reverse (x.x.x.x) record pointing to mail.domain.com
- cname record autodiscover.domain.com (mail.domain.com)

Internal DNS you will need to configure a Zone for external.domain.com
- Add all of your entries above to this internal zone for your external DNS names

You will then configure all of the virtual directories using the mail.domain.com (except for autodiscover)
Virtual Directory Examples

Once you have set all of the URL's for your virtual directories you need to import and assign the cert via powershell.


Enable-ExchangeCertificate -Thumbprint xxxxxxxxxxxxxxxxxxx -services "pop,imap,smtp,iis"

These are the high level steps to get your Exchange server up and running.


Author Comment

ID: 40557573
"Internal DNS you will need to configure a Zone for external.domain.com
- Add all of your entries above to this internal zone for your external DNS names"

I have created a new Forward Lookup Zone called mail.domain.com pointing to the internal IP address of the Exchange Server.  Do I need to create a CNAME record for autodiscover.domain.com inside that FLZ or do I even need to create one at all?
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

LVL 53

Expert Comment

by:Will Szymkowski
ID: 40557688
No you don't create a Forward Lookup Zone for "mail.domain.com" you create it for domain.com. Create an A record in this forward lookup zone for mail.domain.com and create a cname record for autodiscover.domain.com.


Author Comment

ID: 40558695
I've setup DNS as described above, thanks.   I setup a test pc and installed outlook 2010.  When I setup the outlook account I get a cert error stating that the internal name of the server doesn't appear in the cert.

Also when I setup the exchange account in outlook on a non-domain PC from a remote site, I get an error which states that "the connection to Microsoft exchange is unavailable. Outlook must be online or connected to complete this action"

When setting the internal and external names of the virtual directories, I used https://mail.domain.com/virtualdirectory for both the internal and external names. Should I have left the internal names as they were?


Author Closing Comment

ID: 40589493
Thanks folks. It was really the DNS that was holding me back. All working as promised.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question