Configure Autodiscover Redirection for the Multi-Tenant Organization
Symptoms (Issue):AutoDiscover redirection permits the tenant organizations to connect to the hosting organization by using a single instance of AutoDiscover. AutoDiscover redirection also permits all of the tenants to use the same SSL certificate.
In order to use AutoDiscover features with hosted e-mail domains, you must set up and configure a site that will function as a redirector to the main Exchange AutoDiscover Web site. For each hosted e-mail domain that you offer, an alias (CNAME) will be setup in DNS to refer AutoDiscover capabilities to this AutoDiscover Redirection Web site. This AutoDiscover Redirection Web site will re-direct the users to the main Exchange AutoDiscover Web site which will then provide the correct information to Outlook clients.
Resolution
Configure AutoDiscover redirection:
- Setup the AutoDiscover redirect site
- Configure the Client Access servers to handle AutoDiscover requests
- Setup the DNS record for the tenant organization.
Have a server running Internet Information Services (IIS), the Client Access Server and the Domain Controller can't be the same server.
Or to have other IP on same server Client server on below scenario I have only one server with below rules:
- Exchange server (Mailbox, Access, Hub, OWA).
- Auto Discover Redirect rule.
- Setup the AutoDiscover redirect site
- On the server that will be running IIS and the Autodiscover redirect, install the HTTP Redirection module.
- Create a virtual website for Autodiscover redirection.
- On the Server that is running IIS manager, open the IIS manager.
- In the console tree, expand the server.
- Right-click onSites, and then clickAdd Web Site.
- In theSite namefield, typeAutodiscoverRedirection.
- Select aPhysical pathto the virtual website. For exampleD:\Autodiscover Redirection.
- In the binding section, complete the following options
Type: http
IP address: Type or select the explicit IP Address to the redirection server. - ClickOK.
- Create a virtual directory for Autodiscover redirection.
- In the console tree, right-click on the AutodiscoverRedirection website, and then selectAdd Virtual Directory.
- In theAdd Virtual Directorydialog box, complete the following options:
Alias: Autodiscover
Physical path: Select the physical path to the virtual directory. This should be a sub folder of the Autodiscover Redirection virtual website that you created in the previous step. For exampleD:\Autodiscover Redirection\Autodiscover. - ClickOK.
- Configure HTTP Redirection for Autodiscover.
- In the console tree, click on the Autodiscover virtual directory. In the results pane double-click on HTTP Redirect.
- Click the Redirect requests to this destination checkbox.
- Type the autodiscover redirection address. For example, This address will match the ExternalURL that you will use in configuring Client Access servers to handle the Autodiscover requests.
- Configure the Client Access servers to handle AutoDiscover requests
- Enable Outlook Anywhere by using theEnable-OutlookAnywherecmdlet. You must set the following options:
- DefaultAuthenticationMethod: Basic
- ExternalHostName: TheExternalHostNamespecifies the host name that users outside of the organization will connect to Outlook Anywhere. For example, mail.contoso.com.
- SSLOffloading: $false
Enable-OutlookAnywhere -Server Server01 -ExternalHostname mail.contoso.com -DefaultAuthenticationMethod:Basic -SSLOffloading $False
- Configure the AutoDiscover Virtual Directory by using theSet-AutoDiscoverVirtualDirectorycmdlet. You must set the following options:
- BasicAuthenication: $true
- InternalURL: The url that is used to connect to the virtual directory from outside the organization. Use /autodiscover at the end of the URL to specify the autodiscover virtual directory.
- ExternalURL: The url that is used to connect to the virtual directory from inside the organization. Use /autodiscover at the end of the URL to specify the autodiscover virtual directory.
Set-AutodiscoverVirtualDirectory -Identity 'autodiscover (default Web site)' -ExternalURL ' -InternalURL' -BasicAuthentication $true
- Set the OAB Virtual Directory by using the Set-OABVirtualDirectorycmdlet. You must set the following options:
- RequireSSL: $true
- InternalURL: TheInternalURLspecifies the URL that is used to connect to the virtual directory from inside of the organization. Use /OAB at the end of the URL to specify the OAB virtual directory.
- ExternalURL: TheExternalURLspecifies the URL that is used to connect to the virtual directory from outside of the organization. Use /OAB at the end of the URL to specify the OAB virtual directory.
- BasicAuthentication: $true
Set-OABVirtualDirectory -Identity "Server1\OAB (Default Web Site)" -ExternalUrl " InternalURL-BasicAuthentication $true -RequireSSL $true
- Set the Web Services Virtual Directory by using the Set-WebServicesVirtualDirectorycmdlet. You must set the following settings:
- ExternalURL: The ExternalURL specifies the URL that is used to connect to the virtual directory from outside of the organization. Use /EWS/Exchange.asmx at the end of the URL to specify the web services virtual directory.
- InternalURL: The InternalURL specifies the URL that is used to connect to the virtual directory from inside of the organization. Use /EWS/Exchange.asmx at the end of the URL to specify the web services virtual directory.
- BasicAuthentication: $true
Set-WebServicesVirtualDirectory -Identity "SERVER01\EWS(default Web site)"-BasicAuthentication $true -ExternalUrl -InternalUrl
More Information