Link to home
Start Free TrialLog in
Avatar of rivkamak
rivkamakFlag for United States of America

asked on

Will repointing autodiscover from on-premise to exchange online cause outlook profiles to be recreated?

Hi,

We have a 365 hybrid setup, with 1 exchange 2007 and 1 exchange 2010. Autodiscover is pointed to on premise (ex2007). All mailboxes have been migrated to exchange online. MX records have been repointed to online. We plan on keeping exchange 2010 for managing mailboxes.

If we repoint autodiscover (externally and internally) to exchange online, will end users outlook profiles be recreated? If yes, is there a way to avoid this?

Thank you.
ASKER CERTIFIED SOLUTION
Avatar of Adam Brown
Adam Brown
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of rivkamak

ASKER

Thank you very much.

In regards to editing autodiscover internally, do you think its better to  just change the SCP in AD to https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml , delete SCP and change internal DNS to have CNAME autodiscover.outlook.com, or just delete SCP without changing anything in internal DNS?
You can change the SCP and add the CNAME or remove the SCP and rely only on the CNAME record. It's up to you. Just note that non-domain devices will use CNAME
I might be misunderstanding but won't non-domain devices be able to just use the CNAME in external DNS? Why does CNAME also have to be setup internally as well?
Yeah, they can use external CNAME, but that will point them to an External IP, which many firewalls and routers don't allow by default. It's usually easier to have an internal and external CNAME record. If you don't want to maintain an internal copy of your DNS zone, you can use Pinpoint DNS: http://wp.me/pUCB5-f9
have a look at this article:

https://blogs.technet.microsoft.com/rmilne/2016/07/14/office-365-exchange-hybrid-deployments-busting-the-autodiscover-myth/

You might want to check if you are moving to a supported methodology in a hybrid environment.
Hi Adam,

I am experiencing an issue with non domain joined clients in our network. When setting up outlook on them they are not connecting to exchange online. I did setup an internal dns cname but I realize that my internal domain is .local  so the autodiscover record in autodiscover.domain.local points to autodiscover.outlook.com  and that does not seem to be working.

And they dont seem to be connecting to external dns as well...

What is the simplest way to get non domain joined clients outlook to connect to exchange in our network?
autodiscover.domain.local will only be used if the users attempt to configure user@domain.local as their email address. Non-domain joined clients won't use the SCP, so check to see if you have a DNS zone for domain.com on the internal DNS server. If you do, make sure there is an autodiscover CNAME that points to the O365 autodiscover records.
I dont have a domain.com zone, everything is under .local
Is it ok to create an fqdn zone just for this function?
If you have no Internal domain.com zone, the clients should use public DNS to get the correct info. If you already have a public DNS record for domain.com, make sure the users are using the correct email address when configuring Outlook. If the account is auto-populated when you create a new profile, that suggests it is using the domain.local address to configure outlook, and that won't work no matter how hard you try because even if you are redirecting autodiscover requests to autodiscover.outlook.com from autodiscover.domain.local, since the email address is using a non-routeable domain. You would need to make sure your users are not using the auto-populated values when they configure Outlook.
what auto populated values? when outlook first starts i have to manually add the name, email address and credentials. I add the correct credentials and it gives me an encryption error ans try unecrypted , which also doesnt work.

do i need to have a certificate for autodiscover.domain.com?