Monday, December 29, 2008

Configuring Autodiscover for Exchange 2007

The Autodiscover service provides a mechanism to automatically configure Exchange 2007 client applications to access the Client Access server.

It is used to set up client applications like Outlook to work with Exchange by returning configuration data that is necessary for applications to function properly without requiring users to know where to fetch the data, such as discovery of the server that hosts a user's mailbox.

Configuring Autodiscover for External Access

Outlook 2007 tries the following two URLs to try to connect to the Autodiscover service:

https://mydomain.com/autodiscover/autodiscover.xml

https://autodiscover.mydomain.com/autodiscover/autodiscover.xml

Step 1: Configuring DNS

We will discuss the two simple and most commonly used scenarios here:

1. Using a SSL Certificate That Supports Multiple DNS Names
There are third-party Certification Authorities (CAs) that currently support Subject Alternative Names. In this you provide all the necessary DNS names like mail.mydomain.com, autodiscover.mydomain.com etc. in the same certificate by using a Unified Communications certificate that supports the Subject Alternative Name field.

For the Autodiscover service to function correctly, you must add an additional host record (autodiscover.mydomain.com) so that Outlook 2007 clients can locate and connect to the Autodiscover Service when they use the Outlook Anywhere feature from the Internet. The host record you create should map to the Public IP Address that will be used as the entry point to your Client Access server.

2. Using One Single-Name Certificate and the Autodiscover SRV Record
This solution is to use one single-name certificate installed on the Default Web Site.
If your DNS provider supports SRV records, this solution is the simplest and least expensive way to deploy Outlook Anywhere in hosted and non-hosted Exchange 2007 environments.

Create an SRV record:
Service: _autodiscoverProtocol: _tcpPort Number: 443 Host: mail.mydomain.com

For more information on Outlook 2007 and Autodiscover SRV records configuration, please read this knowledgebase article: http://support.microsoft.com/?kbid=940881

Step 2: Modify the Service Connection Point (SCP)

By default, the URL for the Autodiscover Service stored in the SCP object in Active Directory will reference the internal FQDN for the Client Access server during Exchange 2007 Setup. You will use the Set-ClientAccessServer cmdlet to modify this URL so that it points to the new location (FQDN) for the Autodiscover service.

In the Exchange Management Shell, run the following command:

Set-ClientAccessServer -identity CAS_servername -AutodiscoverServiceInternalUri https://mail.mydomain.com/autodiscover/autodiscover.xml

You can point this to https://autodiscover.mydomain.com/autodiscover/autodiscover.xml if you are using DNS host record for autodiscover.mydomain.com.

Step 3: Configuring Exchange Services for Autodiscover

1. Enable Outlook Anywhere for the external host name.

Enable-OutlookAnywhere -Server CAS_servername -ExternalHostname "mail.mydomain.com" -ExternalAuthenticationMethod "Basic" -SSLOffloading:$False

2. Configure the external URL for offline address book for the Autodiscover service.

Set-OABVirtualDirectory -identity "CAS_servername\OAB (Default Web Site)" -externalurl https://mail.mydomain.com/OAB -RequireSSL:$true

3. Configure the external URL for Unified Messaging for the Autodiscover service.

Set-UMVirtualDirectory -identity "CAS_servername\UnifiedMessaging (Default Web Site)" -externalurl https://mail.mydomain.com/UnifiedMessaging/Service.asmx -BasicAuthentication:$True

4. Configure the external URL for Exchange Web Services for the Availability service and Out of Office services.

Set-WebServicesVirtualDirectory -identity "CAS_servername\EWS (Default Web Site)" -externalurl https://mail.mydomain.com/EWS/Exchange.asmx -BasicAuthentication:$True

8 comments:

Anonymous said...

Can anyone recommend the robust Managed Service system for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: N-able N-central network health tool
? What is your best take in cost vs performance among those three? I need a good advice please... Thanks in advance!

Alex said...

This morning I woke up and noticed my sister in front of myself. She told me that my MS Outlook had been crashed together emails inside. I was shocked and jumped rapidly and started thinking about this problem. I was lucky and quickly found out - importing .ost files into microsoft outlook. It resolved my early issue quite easy. My sister thanked me...

Viagra Online said...

Hell yeah! this application it's like God you know.. do you remember 5 years ago I guess when you must configure all of them manually.. and that could take days deppending of how many....
Thanks for sharing.

mikeyintn said...

Hi! Informative post. I have 2 questions.
1. I have some users that just got the new Office for Mac 2011. The configuration for the server keeps changing to the internal hostname of the server vs the external address of the server and then doesn't work outside the office. What does this new mac version of office use to connect to the exchange server? It used to be WebDAV right?
2. I ran the autodiscover test on microsoft's site and there is an external FQDN entry for the OWAUrl. Which one am I missing for these Outlook 2011 clients?

Thanks so much!
Mike

Kamagra said...

Interesting post, It's all about development of Exchange 2007 and we can't ignore this element. I've configured the same mechanism and its applications.

U N A I S said...

hi.......
Can you advice me Autodiscover for external need to create DNS record in Extrenal DNS server ( Service provide) ?

Email archiving software said...

A lot easier with guide, i forgot how to do it... Nice explained!

The Life said...

Hi all,

I want to set up Autodiscover feature for Internal network (not go to Internet), I meant: from Outlook PC client (non-domain joined PC) connect to Exchange server.

So, all of your steps are suitable for my wish ? - right ?

At step 1, create SRV record
Service: _autodiscoverProtocol: _tcpPort Number: 443 Host: "mail.mydomain.com"

If I changed "mail.mydomain.com" to "FQDN of exchange server (in my case: exchange2k10.test.com)" , do we met any errors ?

Thanks,
cuocdoi