Presentation is loading. Please wait.

Presentation is loading. Please wait.

Autodiscover is Hero of Exchange Motherland!

Published byBarnard Rodgers Modified over 6 years ago

Similar presentations

Presentation on theme: "Autodiscover is Hero of Exchange Motherland!"— Presentation transcript:

1 Autodiscover is Hero of Exchange Motherland!
Jeff Guillet, MVP | MCSM | CISSP

2 Why is Autodiscover Important?
Autodiscover is more than just a convenience Required for EWS, availability, OOF Required by Mac for Outlook Used by scripts and applications Used by auto-mapping #ITDevConnections

3 What does it do for me? You have no choice – you might get mail to work, but Availability, OOF, EWS, etc. won’t work without it. Autodiscover provides Outlook with several key pieces of information: Outlook Anywhere also includes SSL requirement and Certificate Principal Name Display Name Server/Outlook Anywhere End Point/RPC CAS Alias Availability Service URL OOF URL AOB URL or Location Unified Messaging URL, if appropriate OWA URL ECP URL Authentication Package Alternate Mailboxes Archive Access Public Folder Access #ITDevConnections

4 How does it work? Autodiscover is a web service
Authenticated client posts web request Autodiscover service returns XML response Response comes from mailbox server and is dynamic, based on client and location Configures Outlook or mobile client Configures URLs for each service based on location #ITDevConnections

5 Autodiscover Requirements
Internally, Exchange publishes an SCP during setup Externally, you need the following to get it working: Enable Outlook Anywhere SSL Certificates Configure URLs for each service Publish URLs in external DNS #ITDevConnections

6 How do Clients Connect to Autodiscover?
Authentication Assumes username + domain portion of the user’s primary SMTP address (SMTP domain) Otherwise uses Outlook's Auto Account Setup or prompts for logon ID Domain password Best practice: Match logon ID to address Password policy implications Denials of Service #ITDevConnections

7 Autodiscover 2010 Internal Architecture
The XML request contains a reference to a schema as the first part of the opening <Autodiscover> XML tag xmlns= xmlns= #ITDevConnections

8 Autodiscover 2013 Internal Architecture
The XML request contains a reference to a schema as the first part of the opening <Autodiscover> XML tag xmlns= xmlns= #ITDevConnections

9 Anatomy of an Autodiscover Response
Schema (outlook or mobilesync) User Information Account Information Alias Protocols: EXCH, EXPR, EXHTTP, WEB and sometimes mapiHttp Encryption Authentication URLs Alternative Mailboxes Public Folder Information Exchange 2007\2010: EXCH = Internal Outlook provider; EXPR = External Outlook provider Exchange 2013\2016: EXCH = EWS; EXPR = EWS; EXHTTP = Both, Internal then External WEB = URL for Outlook Web Access EXPR = Exchange HTTP protocol for OA (web services) EXHTTP = #ITDevConnections

10 Outlook Anywhere 2010 Response
Exchange Availability Service OOF OAB, and below that is UM #ITDevConnections

11 Outlook Anywhere 2010 Response
4. Protocol – in this case Outlook Anywhere 5. RPC Proxy server 6. Encryption requirement 7. Type of authentication – mutual means AutoD service uses cert, and user uses password 8. Certificate Principal Name (msstd) – server name (5) must match #ITDevConnections

12 MAPI over HTTP Response
#ITDevConnections

13 MAPI over HTTP Response
#ITDevConnections

14 How Does Internal Outlook Connect to Autodiscover?
Internal Autodiscover (domain-based) Service Connection Point (SCP) AD site-based First server in AD site SSL encrypted, so FQDNs and certs matter! #ITDevConnections

15 How Does External Outlook Connect to Autodiscover?
External Autodiscover (everywhere else) Publish Autodiscover URL in DNS A record CNAME record SRV record SSL encrypted, so FQDNs and certs matter! #ITDevConnections

16 Outlook Order of Operations
SCP lookup HTTPS root domain query HTTPS Autodiscover domain query Local XML file HTTP redirect method SRV record query Cached URL in the Outlook profile (new for Outlook 2010 version and later versions) Direct Connect to Office 365 (new for Outlook 2016 version and later versions) #ITDevConnections

17 Mobile Devices Only once (usually) during initial config
Different customized response HTTP Error 451 redirect does not use Autodiscover #ITDevConnections

18 What Makes Outlook Contact Autodiscover?
On Outlook startup Periodically on a background thread Default every 1 hour TTL setting (in hours) using Set-OutlookProvider If connection to Exchange server fails (failover or migration) Outlook for Mac requires Autodiscover for normal operation #ITDevConnections

19 Publishing Autodiscover
Internal Publishing SCP Edit with Set-ClientAccessServer -AutoDiscoverServiceInternalUri Best practice is to use the load balanced namespace for all servers External Publishing A records CNAME records SRV records #ITDevConnections

20 Autodiscover Coexistence
Autodiscover URL should always point to latest version 2013 CAS can up-level proxy to 2016 Exchange 2007 coexistence Client  CAS2013/16  MBX2013/16 EX2013/16 delivers Exchange 2007 XML for the correct AD site. Exchange 2010 coexistence Client  CAS2013 (proxy)  CAS2010  MBX2010 Hybrid autodiscover should always point on-prem #ITDevConnections

21 Autodiscover Testing Exchange Remote Connectivity Analyzer (ExRCA)
Microsoft Connectivity Analyzer Outlook Test AutoConfiguration #ITDevConnections

22 Demo Outlook Test Autodiscover, ExRCA, Connectivity tool. Show local logs in C:\Users\Jeff\AppData\Local\Microsoft\Outlook\16

23 Autodiscover Gotchas Registry or GPO settings cause Autodiscover to misbehave Ensure autodiscover.domain.com is on your certificate or use a wildcard Set each SCP to the load balanced name on your certificate #ITDevConnections

24 Set-AutodiscoverSCP Script
Prevents Outlook security warnings when building new Exchange servers Copies the SCP to the new AD object Copies all virtual directory URLs to the new server #ITDevConnections

25 Autodiscover Tips Beware of bare domain lookups in hosted environments
Use Set-AutodiscoverSCP.ps1 for new servers Match UPNs to addresses Reconfigure automapping Troubleshooting from Outlook (logs) Only use A records, but if you have to use SRV make sure they're consistent Bare domain lookups may be problematic if it has a cert on it. (expired, android). #ITDevConnections

26 WIN Rate This Session Now! Tell Us What You Thought of This Session
Rate with Mobile App: Be Entered to WIN Prizes! Tell Us What You Thought of This Session Select the session from the Agenda or Speakers menus Select the Actions tab Click Rate Session Rate with Website: Register at Go to Select this session from the list and rate it #ITDevConnections

Download ppt "Autodiscover is Hero of Exchange Motherland!"

Similar presentations

MEC 2014 4/5/2017 1:13 PM © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

MEC /5/2017 1:13 PM © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
Exchange Server 2010 Upgrade and Deployment Meelis Nigols koolitaja IT Koolitus.

Exchange Server 2010 Upgrade and Deployment Meelis Nigols koolitaja IT Koolitus.
Welcome to the Exchange 2013 Webcast Deployment & Coexistence.

Welcome to the Exchange 2013 Webcast Deployment & Coexistence.
Staff Computer Training Exchange 2003: More User Friendly Vicki Hecht Cherry Delaney ITaP Luncheon October 14, 2003.

Staff Computer Training Exchange 2003: More User Friendly Vicki Hecht Cherry Delaney ITaP Luncheon October 14, 2003.
Chapter 13 Chapter 13: Managing Internet and Network Interoperability.

Chapter 13 Chapter 13: Managing Internet and Network Interoperability.
1 of 3 Open Outlook 2007. On the Tools menu, click Account Settings. 1 Enable Outlook Anywhere 2 Click your Microsoft Exchange account, and then click.

1 of 3 Open Outlook On the Tools menu, click Account Settings. 1 Enable Outlook Anywhere 2 Click your Microsoft Exchange account, and then click.
1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 3 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
Domain Name Server © N. Ganesan, Ph.D.. Reference.

Domain Name Server © N. Ganesan, Ph.D.. Reference.
IMAP migration Cutover migration Staged migration 2010 Hybrid2013 Hybrid Exchange 5.5 Exchange 2000 Exchange 2003 Exchange 2007 Exchange 2010 Exchange.

IMAP migration Cutover migration Staged migration 2010 Hybrid2013 Hybrid Exchange 5.5 Exchange 2000 Exchange 2003 Exchange 2007 Exchange 2010 Exchange.
Archiving in the cloud with Exchange Online Archiving Bharat Suneja Sr Technical Writer | Exchange Microsoft Corporation EXL301.

Archiving in the cloud with Exchange Online Archiving Bharat Suneja Sr Technical Writer | Exchange Microsoft Corporation EXL301.
MEC 2014 4/19/2017 7:51 PM © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

MEC /19/2017 7:51 PM © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
Windows Server 2008 Chapter 8 Last Update 2012.05.31 1.0.0.

Windows Server 2008 Chapter 8 Last Update
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Archiving in the Cloud with Exchange Online Archiving BHARAT SUNEJA SR TECHNICAL WRITER | EXCHANGE MICROSOFT CORPORATION EXL301.

Archiving in the Cloud with Exchange Online Archiving BHARAT SUNEJA SR TECHNICAL WRITER | EXCHANGE MICROSOFT CORPORATION EXL301.
TechEd 2013 4/20/2017 2:02 AM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

TechEd /20/2017 2:02 AM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
Introduction 4 FeatureSimpleHybrid Mail routing between on-premises and cloud (recipients on either side) Mail routing with shared namespace (if desired)

Introduction 4 FeatureSimpleHybrid Mail routing between on-premises and cloud (recipients on either side) Mail routing with shared namespace (if desired)
Zbyněk Saloň +420606093747 Exchange 2013 – Autodiscover - Overview.

Zbyněk Saloň Exchange 2013 – Autodiscover - Overview.
Exchange 2010 Recipient and Mailbox Management IT:Network:Applications.

Exchange 2010 Recipient and Mailbox Management IT:Network:Applications.
Managing Client Access

Managing Client Access
Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.

Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.

Similar presentations

Ads by Google