Lets say you are hosting many domains in one Exchange Server .
Your Server has a SSL cert .
With these below entries for example .
Mail.Careexchange.in
autodiscover.careexchange.in
—
Now for every domain you host . you cannot keep adding their entries in your SSL . that’s not going to benefit you . the simplest method is using the SRV record method .
like for the every domain you host . you can create a SRV record.
So that you can get the autodiscover settings from your primary domain .
And Outlook 2007 . 2010 , 2013 can understand it . so that your Outlook can be configured automatically .
Lets see how to create a SRV record for example.
Create a SRV Record for Every Tenant to use the Auto discover Service
Choose Name – _autodiscover._tcp
Type – SRV
Priority – 1
Weight – 0
Port – 443
Host offering this service – mail.careexchange.in
(Host offering this service is my Exchange Server)
In a Practical Scenario , Lets see how to do it on a DNS provider interface .
Lets say Testcareexchange.biz is my tenant (1 of my customer)
For users like web catalyst, you can go to Advanced records and add this way . So that SRV record will work
Example
_autodiscover._tcp.testcareexchange.biz. 1800 IN SRV 1 0 443 mail.careexchange.in.
—
Wait for DNS propagation for 2 to 4 hours .
To Verify the auto discover setting succeeded properly .
You can use Below Microsoft website .
http://testexchangeconnectivity.com/
–
Hope this information is Useful.
Still there are other methods like autodiscover redirect methonds , we will see it in future posts.
Test
Thank you for your interesting article.
I do have a question concerning which DNS the entries are made to. When you made the SRV records are you making them on your external DNS provider because you own the domain also for the testcareerexchange.biz … For a tenant who manages their own DNS would they make the entry on their DNS hosting provider…. Typically they would have DNS with their hosted website etc. so they would have a DNS entry for their mail.
We are a hosting provider we have our name servers . if customer choose our Name servers. SRV records are available in our DNS.
if customer has their own name servers. they should create on their own .
Excellent articles. Your guidance has been perfect.
Can you please advise though why I receive a certificate error when a tenant account connects via Outlook 2010 externally.
UCC SSL has the following
owa.domain.com
autodiscover.domain.com
dag-2013.internal.domain.com
Test accounts using the email address user@domain.com can open Outlook perfectly.
A tenant with the address user@tenant.com can connect fine via OWA.
When the tenant connects via external Outlook, it connects but throws up an error –
autodiscover.tenant.com – the name on the security certificate is invalid or does not match the name of the site.
I followed your guide and created an SRV record for autodiscover to point to the hosting domain.
_autodiscover_tcp.tenant.com –
address – autodiscover.domain.com
So the Exchange RCA works perfectly with no errors – Testing Outlook Connectivity and Outlook Autodiscover.
Any idea what I missed that would have the RCA test ok but Outlook fails.
Remember, I can get Outlook to work perfectly for the testing accounts in the hosting domain.
Hope you can reply soon.
Terry
In regards to the issue above with autodiscover. This have been resolved by removing the record I created for autodiscover.tenant.com. The article never mentions to create that record, and only says to create the SRV record. Having the extra record ‘confused’ the autodiscover process/
So make sure you only add the SRV record, then Multi Tenant works perfectly.
Once again guys… thanks for a an awesome guide.
Can anyone confirm wether autodiscover SRV method is supported or not, on Apple IOS?
It doesn’t work on Apple Ios default email app – But you can try on Outlook App . it may work
Hi,
we have a single mail server domain.com configure with Exchange 2013 CAS & Mailbox. Recently we configured tenant tenant.in. Created autodiscover SRV record in tenant.in pointing to domain.com. After this configuration Outlook 2013 was not taking the username password for tenant.in and giving credential pop up. After a day domain.com also giving the credential pop ups and not authenticating even after putting the password. When tried with owa it gets the password and working ok. What can be the issue?
Shyam