Thursday , February 20 2020

How to Create Autodiscover (SRV) record for Multi Tenant Scenario in Exchange 2013

Lets say you are hosting many domains in one Exchange Server .

Your Server has a SSL cert .

With these below entries for example .

Mail.Careexchange.in

autodiscover.careexchange.in

Now for every domain you host . you cannot keep adding their entries in your SSL . that’s not going to benefit you . the simplest method is using the SRV record method .

like for the every domain you host . you can create a SRV record.

So that you can get the autodiscover settings from your primary domain .

And Outlook 2007 . 2010 , 2013 can understand it . so that your Outlook can be configured automatically .

Lets see how to create a SRV record for example.

 

Create a SRV Record for Every Tenant to use the Auto discover Service

Choose Name – _autodiscover._tcp

Type – SRV

Priority – 1

Weight – 0

Port – 443

Host offering this service – mail.careexchange.in

(Host offering this service is my Exchange Server)

In a Practical Scenario , Lets see how to do it on a DNS provider interface .

Lets say Testcareexchange.biz is my tenant (1 of my customer)

image

 

For users like web catalyst, you can go to Advanced records and add this way . So that SRV record will work

image

Example

_autodiscover._tcp.testcareexchange.biz. 1800 IN SRV 1 0 443 mail.careexchange.in.

Wait for DNS propagation for 2 to 4 hours .

 

To Verify the auto discover setting succeeded properly .

You can use Below Microsoft website .

http://testexchangeconnectivity.com/

 

 

Hope this information is Useful.

Still there are other methods like autodiscover redirect methonds , we will see it in future posts.

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Azure365pro.com. Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Implementing DKIM in IronPort

Lets see how to Implement DKIM Signing using IronPort. You need to enable signing for …

9 comments

  1. Sebastien Ollier

    Thank you for your interesting article.

  2. I do have a question concerning which DNS the entries are made to. When you made the SRV records are you making them on your external DNS provider because you own the domain also for the testcareerexchange.biz … For a tenant who manages their own DNS would they make the entry on their DNS hosting provider…. Typically they would have DNS with their hosted website etc. so they would have a DNS entry for their mail.

    • Satheshwaran Manoharan

      We are a hosting provider we have our name servers . if customer choose our Name servers. SRV records are available in our DNS.

      if customer has their own name servers. they should create on their own .

  3. Excellent articles. Your guidance has been perfect.
    Can you please advise though why I receive a certificate error when a tenant account connects via Outlook 2010 externally.
    UCC SSL has the following
    owa.domain.com
    autodiscover.domain.com
    dag-2013.internal.domain.com

    Test accounts using the email address user@domain.com can open Outlook perfectly.
    A tenant with the address user@tenant.com can connect fine via OWA.
    When the tenant connects via external Outlook, it connects but throws up an error –
    autodiscover.tenant.com – the name on the security certificate is invalid or does not match the name of the site.

    I followed your guide and created an SRV record for autodiscover to point to the hosting domain.
    _autodiscover_tcp.tenant.com –
    address – autodiscover.domain.com

    So the Exchange RCA works perfectly with no errors – Testing Outlook Connectivity and Outlook Autodiscover.
    Any idea what I missed that would have the RCA test ok but Outlook fails.

    Remember, I can get Outlook to work perfectly for the testing accounts in the hosting domain.
    Hope you can reply soon.

    Terry

  4. In regards to the issue above with autodiscover. This have been resolved by removing the record I created for autodiscover.tenant.com. The article never mentions to create that record, and only says to create the SRV record. Having the extra record ‘confused’ the autodiscover process/
    So make sure you only add the SRV record, then Multi Tenant works perfectly.
    Once again guys… thanks for a an awesome guide.

  5. Can anyone confirm wether autodiscover SRV method is supported or not, on Apple IOS?

  6. Hi,

    we have a single mail server domain.com configure with Exchange 2013 CAS & Mailbox. Recently we configured tenant tenant.in. Created autodiscover SRV record in tenant.in pointing to domain.com. After this configuration Outlook 2013 was not taking the username password for tenant.in and giving credential pop up. After a day domain.com also giving the credential pop ups and not authenticating even after putting the password. When tried with owa it gets the password and working ok. What can be the issue?

    Shyam

Leave a Reply

Your email address will not be published.