Solved

Exchange 2013 autodiscover settings

Posted on 2015-01-16
6
247 Views
Last Modified: 2015-02-04
Dear Experts,

I am deploying an Exchange 2013 server in a windows 2012R2 domain and would like some guidance as to setting up autodiscover correctly.  Its a greenfield install. Lets call the  domains intdomain.local and extdomain.com

What are the DNS entries required for the public domain?

I believe I may need to setup an internal split domain as .local domains are no longer being allowed as SAN on UCC certs. How do I do this properly?

What configuration changes do I need to make in exchange sever?

Thanks
0
Comment
Question by:tech53
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 40554787
You need to adjust both so that they are handing out the same URL to the domain.

All servers in the same AD site should have the same value for the Autodiscover value.

set-clientaccessserver -Identity servername -AutodiscoverServiceInternalURI https://host.example.com/autodiscover/autodiscover.xml

Just as it was on Exchange 2007 and 2010.

If you have non-domain clients on the internal domain using the internal DNS then you will need to configure DNS records in the usual way, depending on the SSL certificate.

For more

http://jaworskiblog.com/2013/04/13/setting-internal-and-external-urls-in-exchange-2013/
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40555360
For your SSL SAN cert you need the following DNS names associated with the cert.
External
- mail.domain.com
- autodiscover.domain.com
- A (host) record for mail.domain.com
- Reverse (x.x.x.x) record pointing to mail.domain.com
- cname record autodiscover.domain.com (mail.domain.com)

Internal DNS you will need to configure a Zone for external.domain.com
- Add all of your entries above to this internal zone for your external DNS names

You will then configure all of the virtual directories using the mail.domain.com (except for autodiscover)
Virtual Directory Examples
https://mail.domain.com/owa
https://mail.domain.com/EWS/Exchange.asmx
https://mail.domain.com/Microsoft-Server-ActiveSync
https://mail.domain.com/oab
https://autodiscover.domain.com//Autodiscover/Autodiscover.xml

Once you have set all of the URL's for your virtual directories you need to import and assign the cert via powershell.

Get-ExchangeCertificate

Enable-ExchangeCertificate -Thumbprint xxxxxxxxxxxxxxxxxxx -services "pop,imap,smtp,iis"

These are the high level steps to get your Exchange server up and running.

Will.
0
 
LVL 1

Author Comment

by:tech53
ID: 40557573
"Internal DNS you will need to configure a Zone for external.domain.com
- Add all of your entries above to this internal zone for your external DNS names"

I have created a new Forward Lookup Zone called mail.domain.com pointing to the internal IP address of the Exchange Server.  Do I need to create a CNAME record for autodiscover.domain.com inside that FLZ or do I even need to create one at all?
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40557688
No you don't create a Forward Lookup Zone for "mail.domain.com" you create it for domain.com. Create an A record in this forward lookup zone for mail.domain.com and create a cname record for autodiscover.domain.com.

Will.
0
 
LVL 1

Author Comment

by:tech53
ID: 40558695
I've setup DNS as described above, thanks.   I setup a test pc and installed outlook 2010.  When I setup the outlook account I get a cert error stating that the internal name of the server doesn't appear in the cert.

Also when I setup the exchange account in outlook on a non-domain PC from a remote site, I get an error which states that "the connection to Microsoft exchange is unavailable. Outlook must be online or connected to complete this action"

When setting the internal and external names of the virtual directories, I used https://mail.domain.com/virtualdirectory for both the internal and external names. Should I have left the internal names as they were?

Thanks
0
 
LVL 1

Author Closing Comment

by:tech53
ID: 40589493
Thanks folks. It was really the DNS that was holding me back. All working as promised.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SPF settings for 3rd party IPs 8 77
Exchange 2016 4 64
Office 365:  Hybrid without everyone DirSync 5 65
Powershell - getting input from CSV File 9 21
Find out what you should include to make the best professional email signature for your organization.
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question