0

All.

I am nearing the completion of the setup of our Exchange Server. The process has been a challenge, but I have enjoyed learning new things.
What I am working on now is setting up the autodiscover.
I cannot find any good information on properly setting up the external.
Does the External URL have to reside on the Exchange Server, or can it be on the Web Server?
If it has to be on the Exchange Server, what port do I have to assign in my router for it, as the 443 is for the Web Server?

The internal link is this.

https://mail-03.domain1.local/EWS/Exchange.asmx

I found a script for creating the link.

Set-WebServicesVirtualDirectory -Identity Contoso\EWS(Default Web Site) -ExternalUrl       
https://www.contoso.com/EWS/exchange.asmx -BasicAuthentication $true -InternalUrl   
https://contoso.internal.com/EWS/exchange.asmx

I have many domains which will have an email for each in the Exchange Server.
So I am assuming I will need to set up the linkage for each domain.
Using Thunderbird Email Client, it looks for the

https://www.contoso.com/EWS/exchange.xml

not .asmx, so does that mean I will have to set up for both of them, and if so, how?

The files in the folder for the internal URL are config files.
Do I need to copy this folder to the External URL Folder and point the link at it?

I found this information about the DNS here SE/SF Autodiscover does not work - Exchange 2016
But he does not provide enough information in his write-up on the DNS.
Do I need to add the DNS entry in the

  1. DC Server DC DNS
  2. Web Server DNS

Thanks for any information you all can help me with. And if there has already been an explanation on SE for this information, by all means, please provide a link, as it did not show up in the suggestions for the title.

--UPDATE-- (I will post more as I continue reading)
I have many domains for all our different company sites.
I used LetsEncrypt for the SSL Cert for all the domains in a single Cert using the Wildcard method.
Within our IIS Server, each domain has an autodiscover.domain.com Binding.
In the SSL Cert, each domain shows that autodiscover. Subdomain binding.

Reading what "joyceshen" supplied in her post.

  1. Http redirect: (With a cert with multiple domains, will I still have to use something like this?)

  2. SRV autodiscover method: (This is the one I will test out first and see how it goes. I might use it if it works.)

--UPDATE DAY II--
I am making progress.
I am using the Redirect Method; with all DNS entries done, I could load Outlook with autodiscover.domain1.com.

I was able to load Outlook through the external domain because I followed the information on the DNS for the Internal DNS and created the two zones, Mail and Autodiscover.domain1.com, which is the reason I was able to load it. I still have not been able to load it through the actual external method yet for the redirect.

Thanks, Wayne

Wayne Barron
  • 131
  • 1
  • 5

1 Answers1

0

Generally there is no necessary to create other virtual directories - one for each organization. Which would suffice that for each company you create in DNS an A record called webmail with the IP address of the Exchange CAS server (in order not to work with IP address, which is hard to remember). There is no additional configuration necessary, or creating virtual directories.

The problem with this scenario is that the users will get security certificate error, and have to make an additional click in order to continue to the login page. You can avoid this issue by adding a SAN (Subject Alternate Name) on the certificate for each organization.

Some similar discussion for such question: Exchange Multi Domain setup Multiple OWA for Multiple Domains

And two methods for multiple domains autodiscover:

1.Http redirect: Exchange 2010 AutoDiscover for Multi-Tenant

2.SRV autodiscover method: Exchange 2013, 2016 – Autodiscover with multiple domains and single name certificate

Detailed information about configuration can be seen here:

Configure external DNS for Exchange

Exchange Autodiscover – A Guide to Making Exchange Work Properly

joyceshen
  • 89
  • 3
  • IP Address in DNS for the exchange server. Is this the internal or external IP address? I only have a single external IP address at the moment in use, and right now that is where all DNS entries are pointed to is that outside IP Address. – Wayne Barron May 05 '22 at 04:02
  • Joyceshen. For the internal and external DNS. The internal DNS all points to our DC. Example domain1.local. And the External DNS points to each of the domain1 domain2 domain3 etc. I am trying method #2 from your list of information above. – Wayne Barron May 05 '22 at 05:00
  • I followed the information on the 1. HTTP redirect, and I don't understand what it is doing? It says to create an empty XML file, which I did. and do the redirect on it, which I did, but, what actual file location with data in it am I pointing to? That is one thing that I have yet to have been told in the articles I have read. – Wayne Barron May 05 '22 at 15:09
  • OK, I am getting someplace now. But I think I might need to get another domain name for just mail to make this work. I am doing the redirect; the host headers (bindings) are on the main website, as you cannot add headers to a virtual site. But I was able to load outlook through the autodiscover.domain1.com. So, I am slowly getting there. I will post back soon. – Wayne Barron May 05 '22 at 16:03
  • Did a test email once I logged into Outlook and it got rejected because it is using the local server and not the external server. – Wayne Barron May 05 '22 at 16:26
  • Could you please share the complete error information or NDR you received for further troubleshooting? Note to clear your personal information – joyceshen May 10 '22 at 07:07
  • Sorry for the late response, Joyce. I will have to respond to this when working on the server again. I will scrap both Outlook Servers I installed and do a clean install and start over again. Except for this time, I will follow the guidelines from the following link and see where I go from there. https://practical365.com/installing-exchange-server-2016/ – Wayne Barron May 18 '22 at 06:46
  • Hi, waiting for your feedback, feel free to share your update here. – joyceshen May 23 '22 at 06:40