1

I have an exchange 2016 with autodiscover.
Mail receive and send works like a charm, autodiscover works too except on iOS clients.

If I add the mailbox on outlook 2019 or 2016, the settings are found via autodiscover. I can add the same mailbox on Apple Mail and autodiscover works too. I just need to fill username/emailaddress and the password.
But as soon as I want to add that mailbox to an iOS (12.4.1) device, doesn't matter if its an iPhone or an iPad, it cannot find the settings automatically.

Is there a difference between Autodiscover for macOS and iOS?

fips123
  • 361
  • 1
  • 5
  • 16

4 Answers4

0

Based on my research, I suppose that it's a compatibility issue about IOS 12 and ActiveSync feature on Exchange server.

May Apple team is still working hard to fix their issues since IOS 11, you could install the system update and check the result.

Or you can refer to this similar thread to create an (A) record or (CNAME) record to see if the issue persists.

Beverly Gao
  • 126
  • 4
  • Thanks, all these posts are quite old..they talking about Windows 2003 servers.. Well I guess its related to iOS and because there are not enough details about the process how those devices use autodiscover its not solvable. – fips123 Sep 25 '19 at 10:20
0

I'm wondering if the iOS devices are on the same network and are resolving all the various DNS entries properly? The Outlook and Mac clients would be picking up their DNS from the LAN but if the iOS devices are not on wifi, or on a guest wifi, they might not be seeing the same records. For example, the Autodiscover record might be resolving internally but not on the public DNS? Can you use iOS Safari to visit the Outlook Web Access page without any errors?

Geoff Vass
  • 41
  • 4
  • Thanks, all these "easy" things like DNS or internal/external network has already been checked. But for the records: only the external names are used and all devices (mac, iphones, windows) connecting via external names and external addresses. – fips123 Sep 25 '19 at 10:25
0

Confirm the results of those commands return the same FQDN:

Get-WebServicesVirtualDirectory | fl server, Name, *URL*, *auth*
Get-ActiveSyncVirtualDirectory | fl server, Name, *URL*, *auth*
Vick Vega
  • 2,398
  • 16
  • 22
  • EWS and MS ActiveSync refer (internalURL and externalURL) to: https://mail.example.org/EWS/Exchange.asmx https://mail.example.org/Microsoft-Server-ActiveSync – fips123 Sep 30 '19 at 11:53
0

Please attempt to reconfigure your autodiscover in a way that would reject or 404 the non-HTTPS connections. I've been using KEMP as LB and 404'd the specific autodiscover URL in the HTTPS redirection rule using some regexp SubVS exclusions.

Using redirection with autodiscover causes some very specific issues with several clients, eg. Outlook prompting users with some really nasty redirection warnings (sic!). A proper autodiscover client would automatically check both HTTP and HTTPS for each attempted autodiscover domain anyways.

  • Basically all clients connect to a custom domain, thats why I have to have a CNAME entry autodiscover.customexample.com to autodiscover-redirect.example.org. which lead to a second public IP of the exchange. Beside the issue with iOS no client (Macs, Windows Outlook, or Android) never had a problem. – fips123 Sep 30 '19 at 12:02
  • What about server certificate? Does it serve both domains? – Michał Sacharewicz Sep 30 '19 at 16:46
  • Of course not, thats why I use http redirect. Its more or less this setup: https://www.mysysadmintips.com/windows/servers/503-configure-exchange-autodiscover-with-multiple-smtp-namespaces – fips123 Sep 30 '19 at 16:50
  • It's a bit unclear. Do you use the HTTP redirects or CNAME? Either way, avoid any redirections at HTTP level, stick to HTTPS and proper certs. – Michał Sacharewicz Sep 30 '19 at 19:11