How should you set the AutoDiscoverServiceInternalUri?

How should you set the AutoDiscoverServiceInternalUri?

Currently it is set to the local server name:  
Https://servername.domain.local/autodiscover/autodiscover.xml

How should it be set? External URL?
example: https://mail.domain.com/autodiscover/autodiscover.xml
cyberservicesAsked:
Who is Participating?
 
IvanConnect With a Mentor System EngineerCommented:
Hi,

If you are using public certificate, then there is no more support for .local name, so you can use only public names, eg. .com, .org and so on.

If you have .local domain name internally, then you need to create DNS zone (on your internal DNS) for your public name domain.com and setup autodiscover as you said. This way there will be no certificate error when Outlook is configured.

To change autodiscover uri:

[PS] C:\>Set-clientaccessserver –identity <servername> -autodiscoverserviceinternaluri "https://mail.domain.com/autodiscover/autodiscover.xml"

PS: Creating DNS zone for domain.com on local DNS, and pointing mail.domain.com to you internal exchange would automatically redirect you internal users to Exchange. No need for them to exit first to internet, to contact public DNS.

Regards,
0
 
cyberservicesAuthor Commented:
One last thing.
I know you have to create an A record for the public URL such as mail.mydomain.com but do you also create a CNAME too that goes along with the SAN certificate?
0
 
Alexander KireevIT ArchitectCommented:
Hello,

Do you use only one CAS server or several with balancing? If you are usng CAS Array (with balancing) you should set a link with common DNS name like "https://mail.domain.com/autodiscover/autodiscover.xml".

There is a good article regarding your question: http://www.msexchange.org/blogs/walther/news/exchange-20072010-autodiscover-virtual-directory-urls-should-i-care-595.html
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
cyberservicesAuthor Commented:
the CAS and mailbox server are together. Small network.
0
 
IvanSystem EngineerCommented:
On certificate you need only 2 names (exchange 2013).

One is for mail.domain.com, and second is autodiscover.domain.com
There is option to use SRV record on public DNS in stead of A for autodiscover, but I would go with 2 names on cert.

So only 2 A DNS records as well.. No need to create CNAME or such.

A for mail.domain.com
A for autodiscover.domain.com
0
 
cyberservicesAuthor Commented:
Great I have both of those on my SSL SAN certificate. I was just trying to figure out what type of records to create from our public DNS manager. I handle the internal and they handle the external so I need to ensure to give them the right information to create what ever records are necessary. thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.