Wednesday , August 21 2019

How to Create Autodiscoverredirect record for Multi Tenant Scenario in Exchange 2013

Lets say you are hosting many domains in one Exchange Server (Multi-Tenant) .

SSL cert has been Configured, With these below entries for example .

Mail.Careexchange.in

autodiscover.careexchange.in

In Simple Words – Using AutoDiscover with large numbers of accepted domains

image

Now for every domain you host . you cannot keep adding their entries in your SSL . that’s not going to benefit you . the recommended method is using the Autodiscoverredirect method .

like for the every domain you host . you can create a CNAME record.

autodiscover.DomainA.com CNAME to autodiscoverredirect.careexchange.in

So that you can get the autodiscover settings from your primary domain .

And Outlook 2007 . 2010 , 2013 can understand it . so that your Outlook can be configured automatically .

Click “Add Website”

image

“Type Autodiscoverredirect”

Create a Folder “AutodiscoverRedirect” in the below location

“C:\inetpub”

image 

Now In that website – Add Http redirect URL

As Primarydomain (Hosterdomain)  https://mail.careexchange.in/autodiscover

Click on Apply

 

image

Add the Additional IP on the NIC . so that the IP listens .

Lets see how to create a CNAME record for example.

Create a CNAME Record for Every Tenant to use the Primary Auto discover Service

Lets say you host DomainA,DomainB,DomainC

In Domain A public DNS

autodiscover.DomainA.com CNAME to autodiscoverredirect.careexchange.in

In Domain B public DNS

autodiscover.DomainB.com CNAME to autodiscoverredirect.careexchange.in

In Domain C public DNS

autodiscover.DomainC.com CNAME to autodiscoverredirect.careexchange.in

Wait for DNS propagation for 2 to 4 hours .

To Verify the auto discover setting succeeded properly .

You can use Below Microsoft website .

http://testexchangeconnectivity.com/

Hope this information is Useful.

Still there are other methods like SRV methods , which doesn’t require a additional public IP

But few active sync phones doesn’t support SRV method . E.g Iphone.

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Azure365pro.com. Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Save Public IPs using F5 LTM Policies

F5 has different modules and one of them is LTM – Local Traffic Manager . ...

30 comments

  1. Good One

  2. Thanks
    always good to remember
    the only downside of this approach is that prompt from outlook when you do redirect…

  3. For Exchange multi-tenancy, the software is same as one we use for on premise installation or is it the different one?

  4. We have setup autodiscover redirection properly (I guessed) by:

    Creating a CNAME from
    AliasName: autodiscover.tenant-domain.com TO
    PrimaryName: autodiscoverredirection.hostname.com.

    Then doing a re-direction to https autodiscover service.

    All seems to be working properly, however, when I open Outlook, it still shows the pop out saying “autodiscover.tenant-domain.com – The name of the security certificate is invalid or does not match the name of the site”.

    The autodiscover redirection is indeed working properly, that’s why the autodiscover is working, however it is still trying to match autodiscover.tenant-domain.com to the certitifcate instead of matching the re-directed url, which is autodiscover.hostname.com.

    Could anyone advise what is wrong? Or anyone who knows how to correct it can contact me? 🙂

  5. Thanks For Your Reply . I tried with Outlook 2010 Also , Same Error Msg 🙁 .. I also tried Test-OutlookConnectivity on my exchange server it gives a waston dump error . Please Help

  6. This does not work!

  7. Hello Satheshwaran,

    I have the same problem, only I don’t even get that far. I simply can’t get use it for other domains then our own (which works fully on autodiscover).

    I’ve got the redirection and everything is working fine. the testconenctivity fails because ‘the name autodiscover.farmer.eu does not match anything in the valid SSL-certificate autodiscover.ourcompany.nl’

    the redirect works, that I know for a fact, but the certificate doesn’t ‘see it’ I have the feeling.

    • Pushapraj Singh Bhamra

      hi i have my autodiscover setup correctly but it takes about 5 minutes to discover settings, local and external on outlook 2013. before using websitepanel to setup a multi tenant i had it hosed on our network for just our company and autodiscover local and external was quick. please advise any thing i can do/test to figure out whats the delay?

  8. To be equipped to utilize a PCTV card, your Personal computer
    must possess a USB port and will desire to not be significantly less than Pentium II, with a purposeful CD Rom drive.
    Immediately return your HDTV towards the manufacturer whether
    or not this has problem in its power. Insignia ps4 LED TVs are slicker and has thinner panels
    than that of the LCDs and they consume less electricity power
    too.

    If you’ve researched Samsung TVs then you probably have heard concerning the
    clear motion rate (CMR). By connecting your PC for your HDTV you may enjoy both Television and computer activities on the same time.

  9. handy and mobile discount

    An impressive share! I’ve just forwarded this onto a friend who has been doing a little research on this.
    And he actually bought me dinner because I discovered it
    for him… lol. So let me reword this…. Thank YOU for the
    meal!! But yeah, thanks for spending the time to discuss
    this topic here on your web page.

  10. bán ??u nghe nh?c

    I couldn’t resist commenting. Well written!

  11. thuê máy photocopy t?i hà n?i

    It’s something so new that viewers learn information that can be used in a different way.
    You can even scan documents and use inexpensive software to convert the ‘picture” of the words into digital text. Also go with your gut if something is feeling a bit funny at the interview don’t hesitant to end the conversation.

  12. Hey there! I’ve been following your weblog for some time now and finally got the bravery to
    go ahead and give you a shout out from New Caney Texas!
    Just wanted to tell you keep up the excellent job!

  13. Think of plugins like a compressor, an equalizer and a reverb.

    You’d be amazed (or maybe you wouldn’t) at how many home enthusiasts launch themselves body and soul into mixing their tracks, enthusiastically but
    with no real sense of direction. Virtual – DJ, also known as VDJ,
    is the hottest AUDIO and VIDEO mixing software for use by mobile and club DJs.

  14. Vinhome Khánh H?i

    I have learn several good stuff here. Definitely price bookmarking
    for revisiting. I wonder how so much effort you set to make this
    sort of fantastic informative site.

  15. This info is worth everyone’s attention. When can I find
    out more?

  16. Helpful information. Fortunate me I discovered your web site by accident, and I am surprised why this twist of fate did not took place earlier!
    I bookmarked it.

  17. Remarkable things here. I am very glad to peer your post.
    Thanks a lot and I am having a look ahead to touch you.
    Will you please drop me a e-mail?

  18. hi
    great article.thanks. would you be more specific about “Add the Additional IP on the NIC . so that the IP listens .”?
    you mean I have another Ip in the range of IP which is already set on my NIC? why?

  19. its looks fine but only with autodiscover service …. How we can configure multiple namspace/URL’s (in case of multiple accepted domains)for other exchange services e.i outlook anywhere,EWS,RPC/http, Mapi/http, active sync etc. (or we do not need to configure namespace for other all secondary accepted domains)

    For example;
    my primary domain = ExchangeSite.com
    Other Accepted Domains are ; abc.com , xvz.com and bca.com

    i will configure all exchange services virtual directories with my primary domain ; i.e
    mail.ExchangeSite.com/OWA
    mail.ExchangeSite.com/Ecp
    mail.ExchangeSite.com/Mapi…//
    mail.ExchangeSite.com/ActiveSync….//
    etc etc

    My question is ;
    As outlook access multiple services/URL’s to access or connect with exchange server.

    During Outlook configuration using autodiscover All other Accepted domain users (Secondary) will be access to exchange services using primary domain URLS (ExchangeSite.com)?

  20. Satheshwaran,

    If you are using a NAT do you need 2 separate public IP addresses, or can you just forward the port 80 traffic to the other IP address that has been added to the exchange server.

    24.55.58.98/443 –>192.168.1.100 = Exchange
    24.55.58.98/80 –>192.168.1.101 = Autodiscover

    Thanks

    • Satheshwaran Manoharan

      That should work as well. but i recommend to use two. cause HTTP Mapi also works on 80 . may conflict and create issues.

Leave a Reply

Your email address will not be published.