Add DNS entries to allow Outlook 2016 to configure Office 365 email profiles

Outlook 2016 running on Windows 10 computers within my company's domain are having problems performing the initial Outlook Office 365 email setup.

All Windows 10 computers are using DHCP and are assigned the following DNS addresses through DHCP: (the DNS server address for a Server 2016 domain controller with the DNS server role)

So what I've been doing to fix this issue is temporarily assigning these computers the following static DNS server addresses:

This allows Outlook to connect to the Office 365 email servers and auto configure the user's Office 365 email accounts. Then once the Outlook email profile is configured I change these DNS server addresses back to using DHCP.

What DNS entries can I add to the Server 2016 DNS server so that the Windows 10 client computers will be able to connect to the Office 365 servers and perform the email auto configuration?

Please let me know if any further information is needed.
IT GuyNetwork EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MAS (MVE)EE Solution Guide - Technical Dept HeadCommented:
If you configuration is done correctly you need common name( and points to your local IP in your internal DNS server.
Your outlook will be configured automatically only difference will be a prompt for username and password for O365 users.
Below is a test I did now with the nslookup for your reference.
During your setup of Office 365 all the required records for your domain should have been set up in your public DNS (if you check the portal it will show you these records).  If your public domain name is different than your internal AD domain, then your queries for the public records should just be resolved via those public records.  But if your public domain is the same as your AD domain (or for some reason you had to create a zone matching your public domain on your internal DNS), then your zone on internal DNS should have the same records that you created in the public DNS for Office 365.
^^^^ these DNS servers should not be used by any domain-joined machines directly.
IT GuyNetwork EngineerAuthor Commented:
Our internal domain was setup using a .com suffix so this internal domain name of is exactly the same as the domain name being used by our email addresses and website.

I think that is where this issue is occurring and that certain DNS entries need to be defined within our internal DNS servers that will refer the email configuration to the external Office 365 servers.

When I run the nslookup command of nslookup on any of our Windows 10 computers while they are in the office the IP addresses that are returned are the IP addresses for our two Server 2016 domain controllers/DNS servers.

What are these entries that should be added?

Or what other type of additional configuration is needed to resolve this issue so that all computers within our internal network will be able to fully resolve and perform the Outlook 2016 autoconfiguration anytime that one of our Office 365 email accounts is being setup within Outlook 2016?
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

IT GuyNetwork EngineerAuthor Commented:
Also why shouldn't the DNS server addresses of & be assigned to the Windows 10 client computers?

What external DNS server addresses should be used instead?
MAS (MVE)EE Solution Guide - Technical Dept HeadCommented:
-->What external DNS server addresses should be used instead?
Domain added PC should use only internal AD integrated DNS.
As mentioned, the required records are in the Office 365 portal.  Look under Setup > Domains > yourdomain.
There're some that technically aren't required for your internal DNS, but rather than picking things apart, just make sure they're all in your internal zone.

Also why shouldn't the DNS server addresses of & be assigned to the Windows 10 client computers?
Because if any domain-joined machines ever query those DNS servers for AD resources, the resources won't be found, causing timeouts and other issues.  Even when you have them listed after your AD DNS servers they can still be queried depending on timing.
MAS (MVE)EE Solution Guide - Technical Dept HeadCommented:
Look at this article and follow step 1 and 2, How your internal DNS supposed to be.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2016

From novice to tech pro — start learning today.