Before you can connect to Exchange Online PowerShell, you need to install the Exchange Online…
Autodiscover URL in Exchange Hybrid
Frustration about the autodiscover URL when you migrate to Office 365/Microsoft 365. Where do you need to point your autodiscover URL to in an Exchange Hybrid configuration? Do you need to point the autodiscover record to the Exchange on-premises or Exchange Online? In this article, we discuss when and how to configure autodiscover in Exchange Hybrid deployment.
Table of contents
Introduction
In the previous articles, we already did write about the autodiscover URL. So it’s good to go through these articles and understand how to set up autodiscover URL in Exchange Server.
- Find autodiscover URL in Exchange with PowerShell
- Configure autodiscover URL in Exchange with PowerShell
Autodiscover URL in Exchange Hybrid deployment
In the table below, you can see where to point your autodiscover URL to in an Exchange Hybrid deployment.
Mailbox location | Point autodiscover URL to Exchange on-premises | Point autodiscover URL to Exchange Online |
---|---|---|
All mailboxes on-premises | ✓ | – |
All mailboxes in cloud | – | ✓* |
Mailboxes on-premises and in cloud | ✓ | – |
*After migrating all the mailboxes to Exchange Online, and everything works as expected, you can point the autodiscover URL to Exchange Online. That’s when you want to null the autodiscover internal URL in the Exchange on-premises server. You have to do that with Exchange Management Shell (PowerShell). Also, remove the internal DNS entries which point to the autodiscover URL. More on that down below.
Point autodiscover URL to Exchange on-premises
Do you have mailboxes in Exchange on-premises only or both the mailboxes on-premises and in the cloud? Point the autodiscover URL to the Exchange on-premises server. Exchange on-premises will automatically direct clients to autodiscover for Exchange Online.
Most of the time, you will not have to edit anything because it’s already set. However, if it’s not set up correctly, configure the autodiscover internal URL, public DNS autodiscover, and internal DNS autodiscover entries.
Autodiscover internal URL
Run Exchange Management Shell. Use the Get-ClientAccessServer cmdlet to check the autodiscover internal URL. In our example, there are two Exchange Servers in the organization.
[PS] C:\>Get-ClientAccessServer | Select Identity, AutoDiscoverServiceInternalUri, AutoDiscoverSiteScope | Format-List
Identity : EX01-2016
AutoDiscoverServiceInternalUri : https://autodiscover.exoip.com/Autodiscover/Autodiscover.xml
AutoDiscoverSiteScope : {Default-First-Site-Name}
Identity : EX02-2016
AutoDiscoverServiceInternalUri : https://autodiscover.exoip.com/Autodiscover/Autodiscover.xml
AutoDiscoverSiteScope : {Default-First-Site-Name}
Public DNS autodiscover
Configure the autodiscover CNAME record in Public DNS. Point the autodiscover record to mail.exoip.com.
Record Type | TTL | DNS Name | Priority | Value |
---|---|---|---|---|
CNAME | 300 | autodiscover | mail.exoip.com. |
After 5 to 10 minutes, check the record with the MxToolbox CNAME lookup. Verify that the DNS record is published correctly.
Internal DNS autodiscover
Suppose you use Round-robin DNS. Add two CNAME or A records in the internal DNS server for autodiscover.exoip.com. Pointing to both the Exchange Servers EX01-2016 and EX02-2016. Assuming both Exchange Servers are the Client Access Servers (CAS).
If you use a Load Balancer, create a VIP on the load balancer. Pointing to both the Exchange Servers EX01-2016 and EX02-2016. Assuming both Exchange Servers are the Client Access Servers (CAS). Add a CNAME or A record in the internal DNS server for autodiscover.exoip.com. Pointing to the load balancer.
In our example, we have a Kemp load balancer with internal IP 192.168.1.54.
On an internal machine, ping the autodiscover DNS record. Ensure you get a reply from the load balancer or Exchange Server.
C:\>ping autodiscover.exoip.com
Pinging autodiscover.exoip.com [192.168.1.54] with 32 bytes of data:
Reply from 192.168.1.54: bytes=32 time<1ms TTL=64
Reply from 192.168.1.54: bytes=32 time<1ms TTL=64
Reply from 192.168.1.54: bytes=32 time<1ms TTL=64
Reply from 192.168.1.54: bytes=32 time<1ms TTL=64
Ping statistics for 192.168.1.54:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Point autodiscover URL to Exchange Online
Do you have all the mailboxes moved to the cloud? First, point the autodiscover URL to Exchange Online. After that, null the internal autodiscover URL on the Exchange on-premises server. As of last, remove the internal DNS autodiscover entries.
Autodiscover internal URL
Run Exchange Management Shell. Use the Get-ClientAccessServer cmdlet to check the autodiscover internal URL. In our example, there are two Exchange Servers in the organization.
[PS] C:\>Get-ClientAccessServer | Select Identity, AutoDiscoverServiceInternalUri, AutoDiscoverSiteScope | Format-List
Identity : EX01-2016
AutoDiscoverServiceInternalUri : https://autodiscover.exoip.com/Autodiscover/Autodiscover.xml
AutoDiscoverSiteScope : {Default-First-Site-Name}
Identity : EX02-2016
AutoDiscoverServiceInternalUri : https://autodiscover.exoip.com/Autodiscover/Autodiscover.xml
AutoDiscoverSiteScope : {Default-First-Site-Name}
Use the AutoDiscoverServiceInternalUri parameter to null the autodiscover internal URL. In our example, we will run the command against both Exchange Servers.
[PS] C:\>Set-ClientAccessServer -Identity EX01-2016 -AutoDiscoverServiceInternalUri $null
[PS] C:\>Set-ClientAccessServer -Identity EX02-2016 -AutoDiscoverServiceInternalUri $null
Verify that the autodiscover internal URL is nulled.
[PS] C:\>Get-ClientAccessServer | Select Identity, AutoDiscoverServiceInternalUri, AutoDiscoverSiteScope | Format-List
Identity : EX01-2016
AutoDiscoverServiceInternalUri :
AutoDiscoverSiteScope : {Default-First-Site-Name}
Identity : EX02-2016
AutoDiscoverServiceInternalUri :
AutoDiscoverSiteScope : {Default-First-Site-Name}
Restart the Internet Information Services (IIS).
[PS] C:\>iisreset
Public DNS autodiscover
Configure the autodiscover CNAME record in Public DNS. Point the autodiscover record to autodiscover.outlook.com. This is the default autodiscover record for Exchange Online.
Record Type | TTL | DNS Name | Priority | Value |
---|---|---|---|---|
CNAME | 300 | autodiscover | autodiscover.outlook.com. |
After 5 to 10 minutes, check the record with the MxToolbox CNAME lookup. Verify that the DNS record is published correctly.
Internal DNS autodiscover
Remove the autodiscover DNS entries in the internal DNS.
On an internal machine, ping the autodiscover DNS record. Ensure you get a reply from an external IP address and not the internal load balancer or Exchange Server. That’s because it will reach outlook.autodiscover.com.
C:\>ping autodiscover.exoip.com
Pinging autod.ms-acdc-autod.office.com [40.101.80.184] with 32 bytes of data:
Reply from 40.101.80.184: bytes=32 time=9ms TTL=242
Reply from 40.101.80.184: bytes=32 time=10ms TTL=242
Reply from 40.101.80.184: bytes=32 time=15ms TTL=242
Reply from 40.101.80.184: bytes=32 time=13ms TTL=242
Ping statistics for 40.101.80.184:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 15ms, Average = 11ms
That’s it!
Read more: Configure Internal and External URL in Exchange Server »
Conclusion
You learned when and how to set up autodiscover URL in Exchange Hybrid deployment. Make sure that you point the autodiscover URL to the Exchange on-premises server as long as you have mailboxes located on-premises. If all mailboxes are in the cloud, autodiscover can be pointed to Exchange Online.
Did you enjoy this article? You may also like Find IP addresses using Exchange SMTP relay. Don’t forget to follow us and share this article.
What to do when you want it to be able to find mailbox both in Online and Exchange On-prem? Btw, for us the autodiscovery varies, for our On Prem accounts, it looks on prem, for our migrated cloud users, it looks on the cloud, however we want to make it so that autodiscovery looks both on prem and on cloud for the migrated mailbox
Keep your autodiscover URL pointing to the Exchange on-premises server if you have 1 or more mailboxes running in Exchange Server on-premises.
The Outlook client makes an autodiscover request to Exchange Server on-premises and detects whether the mailbox is on-premises or Exchange Online. Based on that, it will connect to Exchange Server (if the mailbox is on-premises), or a new autodiscover request will be initiated to Exchange Online (if the mailbox is in the cloud).
Thank you for all your efforts with your Blogs. Helpful in the weekends when no one wants to be at work, so it’s hard to get help. But your Blogs have saved me more than once. So easy to follow and grasp. “If This is your setup do This. If That is your setup do That”. Awesome work. I can’t honestly thank you enough so once again – Thank you
Like always, your blog is an amazing resource!
Will there be any Outlook client connectivity issues after pointing auto discover to 365, does the client need to be restarted to apply changes?
Dear Mr. Ali
Thank you so much for nice tutorial. I have a question if i have few users are in On-premise and few in O365. how to point 2 autodiscover records.
If you have mailboxes on-premises and in the cloud, you must point the autodiscover URL to the Exchange Server on-premises. So there is only 1 autodiscover.
Read the article carefully as it is explained in details.
WOW. Ali awesome explanation. keep going on
Ali, you are way above all these MVPs. Microsoft should create a new award that’s called ‘MVP of all MVPs’ and award it to you.
Absolute a legend. Please keep on going.
you rock!
Hallo and thanks for the great post
I configure Autodiscover the same way as you recommended.
However, what exactly is the problem or disadvantage if the Autodiscover record points to EO and I still have a few admin- or service mailboxes OnPrem (all shared- and user mailboxes are in the cloud)?
Thank you for your help
Hi Marc,
If you don’t configure the admin mailboxes or service mailboxes in Outlook, it’s OK to point the autodiscover record to EXO.
Configuring on-premises mailboxes in Outlook will not work when you point the autodiscover record to EXO. Also, autodiscover automatically loads all mailboxes for which the user has full access permissions. Therefore, if the autodiscover does not point to the right environment, it will not load the assigned mailboxes and show many errors.
Pointing autodiscover to EX or EXO is essential for an optimal working Exchange environment.
Thank you for this article, very helpful!
Thank you for this. Very, very helpful.
Ali
Your articles are the best in the world. Always well written with your experience. Microsoft has too many pages of documentation and I am picking up more and more where Microsoft is contradicting themselves.
They also do not blatantly mention certain things – you have to read between the lines.
But your articles are spot on. You are helping many admins in other countries -greetings from South Africa.
God bless !!!
Hello,
can I have question please?
We have Exchange Hybrid set up. We have dozens of mailboxes in the Cloud, the rest in On-premise. We have encountered a problem where we are logging in from the internal network and users are prompted to enter their login credentials (the ADFS login page will appear as we use ADFS). We have set it up according to the instructions, autodiscover.domain.com points to local Exchange servers, but while trying to go to outlook.office.com, can this be somehow prevented and tell Outlook to use only SCP? I tried the registries: ExcludeExplicitO365Endpoint, DisableAutodiscoverV2Service, but without success. 🙁
Thank you for your help