skip to Main Content

Configure Internal and External URL in Exchange

After installing Exchange Server and configuring internal DNS, what’s next? The next step is to configure Internal and External URL in Exchange Server. Configuring the URLs can be done with Exchange Admin Center (EAC) or with PowerShell. Well, almost all parts can be configured with EAC, because one part (AutoDiscover) needs to be configured with PowerShell. In this article, you will learn how to configure URLs in Exchange Server.

Information Internal and External URL in Exchange

Important: Read the article Exchange namespace design and planning before you go further.

We have an internal domain named exoip.local and external domain In our example, we will configure the namespace This way, we can buy a third-party certificate for Exchange Server. We will configure the internal and external URLs with the same name. Almost all the URLs will have in the configuration. That’s because the AutoDiscover URL will be different.

ServiceInternal and External URL
Exchange Control Panel
Exchange Web Services
Exchange ActiveSync
Offline Address Book
Outlook Web Access

Do you like to know how the current Exchange URLs are configured? Read the article Find Exchange Server URLs with PowerShell.

An architecture view of the Exchange namespace is shown below in the topology.

Exchange Server Internal and External URL architecture

Configure internal and External URL in Exchange with PowerShell

Sign in to Exchange Server. Run Exchange Management Shell as administrator. Set the virtual directory for every component and verify it after. If you like to set the URLs on all the Exchange Servers, remove -Server EX01-2016 from each command.

In our example, we like to configure URLs on this particular Exchange Server, this is why we will use the -Server parameter.

Configure URL for Autodiscover.

[PS] C:\>Get-ClientAccessServer -Identity EX01-2016 | Set-ClientAccessServer -AutoDiscoverServiceInternalUri

[PS] C:\>Get-ClientAccessService -Identity EX01-2016 | Format-List Identity, AutoDiscoverServiceInternalUri

Identity                       : EX01-2016
AutoDiscoverServiceInternalUri :

Configure URL for Exchange Control Panel (ECP).

[PS] C:\>Get-EcpVirtualDirectory -Server EX01-2016 | Set-EcpVirtualDirectory -ExternalUrl -InternalUrl

[PS] C:\>Get-EcpVirtualDirectory -Server EX01-2016 | Format-List InternalUrl, ExternalUrl

InternalUrl :
ExternalUrl :

Configure URL for Exchange Web Services (EWS).

[PS] C:\>Get-WebServicesVirtualDirectory -Server EX01-2016 | Set-WebServicesVirtualDirectory -ExternalUrl -InternalUrl

[PS] C:\>Get-WebServicesVirtualDirectory -Server EX01-2016 | Format-List InternalUrl, ExternalUrl

InternalUrl :
ExternalUrl :

Configure URL for MAPI.

[PS] C:\>Get-MapiVirtualDirectory -Server EX01-2016 | Set-MapiVirtualDirectory -ExternalUrl -InternalUrl

[PS] C:\>Get-MapiVirtualDirectory -Server EX01-2016 | Format-List InternalUrl, ExternalUrl

InternalUrl :
ExternalUrl :

Configure URL for ActiveSync.

[PS] C:\>Get-ActiveSyncVirtualDirectory -Server EX01-2016 | Set-ActiveSyncVirtualDirectory -ExternalUrl -InternalUrl

[PS] C:\>Get-ActiveSyncVirtualDirectory -Server EX01-2016 | Format-List InternalUrl, ExternalUrl

InternalUrl :
ExternalUrl :

Configure URL for Offline Address Book (OAB).

[PS] C:\>Get-OabVirtualDirectory -Server EX01-2016 | Set-OabVirtualDirectory -ExternalUrl -InternalUrl

[PS] C:\>Get-OabVirtualDirectory -Server EX01-2016 | Format-List InternalUrl, ExternalUrl

InternalUrl :
ExternalUrl :

Configure URL for Outlook Web Access (OWA).

[PS] C:\>Get-OwaVirtualDirectory -Server EX01-2016 | Set-OwaVirtualDirectory -ExternalUrl -InternalUrl
WARNING: You've changed the InternalURL or ExternalURL for the OWA virtual directory. Please make the same change for the ECP virtual directory in the same website.

[PS] C:\>Get-OwaVirtualDirectory -Server EX01-2016 | Format-List InternalUrl, ExternalUrl

InternalUrl :
ExternalUrl :

Configure URL for PowerShell.

[PS] C:\>Get-PowerShellVirtualDirectory -Server EX01-2016 | Set-PowerShellVirtualDirectory -ExternalUrl -InternalUrl

[PS] C:\>Get-PowerShellVirtualDirectory -Server EX01-2016 | Format-List InternalUrl, ExternalUrl

InternalUrl :
ExternalUrl :

Configure URL for Outlook Anywhere.

[PS] C:\>Get-OutlookAnywhere -Server EX01-2016 | Set-OutlookAnywhere -ExternalHostname -InternalHostname -ExternalClientsRequireSsl $true -InternalClientsRequireSsl $true -DefaultAuthenticationMethod NTLM

[PS] C:\>Get-OutlookAnywhere -Server EX01-2016 | Format-List ExternalHostname, InternalHostname

ExternalHostname :
InternalHostname :

Configuring Internal and External URL in Exchange Server completed successfully.

Configure Exchange Server URLs with PowerShell script

A faster way to set all the internal and external URLs is with the Set-ExchangeURLs.ps1 PowerShell script. Save the script on the Exchange Server C:\scripts folder. If you don’t have a scripts folder, create one.

Ensure that the file is unblocked to prevent any errors when running the script. Read more in the article Not digitally signed error when running PowerShell script.

Another option is to copy and paste the below code into Notepad. Give it the name Set-ExchangeURLs.ps1 and place it in the C:\scripts folder.

Change line 1, 2, 3.

$subdomain = "mail" #enter subdomain
$domain = "" #enter domain
$servername = "EX01-2016" #enter server name

Get-ClientAccessServer -Identity $servername | Set-ClientAccessServer -AutoDiscoverServiceInternalUri "https://autodiscover.$domain/Autodiscover/Autodiscover.xml"
Get-EcpVirtualDirectory -Server $servername | Set-EcpVirtualDirectory -ExternalUrl "https://$subdomain.$domain/ecp" -InternalUrl "https://$subdomain.$domain/ecp"
Get-WebServicesVirtualDirectory -Server $servername | Set-WebServicesVirtualDirectory -ExternalUrl "https://$subdomain.$domain/EWS/Exchange.asmx" -InternalUrl "https://$subdomain.$domain/EWS/Exchange.asmx"
Get-MapiVirtualDirectory -Server $servername | Set-MapiVirtualDirectory -ExternalUrl "https://$subdomain.$domain/mapi" -InternalUrl "https://$subdomain.$domain/mapi"
Get-ActiveSyncVirtualDirectory -Server $servername | Set-ActiveSyncVirtualDirectory -ExternalUrl "https://$subdomain.$domain/Microsoft-Server-ActiveSync" -InternalUrl "https://$subdomain.$domain/Microsoft-Server-ActiveSync"
Get-OabVirtualDirectory -Server $servername | Set-OabVirtualDirectory -ExternalUrl "https://$subdomain.$domain/OAB" -InternalUrl "https://$subdomain.$domain/OAB"
Get-OwaVirtualDirectory -Server $servername | Set-OwaVirtualDirectory -ExternalUrl "https://$subdomain.$domain/owa" -InternalUrl "https://$subdomain.$domain/owa"
Get-PowerShellVirtualDirectory -Server $servername | Set-PowerShellVirtualDirectory -ExternalUrl "https://$subdomain.$domain/powershell" -InternalUrl "https://$subdomain.$domain/powershell"
Get-OutlookAnywhere -Server $servername | Set-OutlookAnywhere -ExternalHostname "$subdomain.$domain" -InternalHostname "$subdomain.$domain" -ExternalClientsRequireSsl $true -InternalClientsRequireSsl $true -DefaultAuthenticationMethod NTLM

Run Exchange Management Shell as administrator. Next, change the path to the scripts folder and run the PowerShell script to configure the internal and external Exchange URLs.

PS C:\> cd c:\scripts
PS C:\scripts> .\Set-ExchangeURLs.ps1

That’s it!


You learned how to configure Internal and External URL in Exchange Server. Go through the services in the list and set the URL for each service. A faster way is to run the Set-ExchangeURLs.ps1 PowerShell script. Always verify that the URL is set correctly.

Did you enjoy this article? You may also like Recreate virtual directories in Exchange Server. Don’t forget to follow us and share this article.



ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

This Post Has 20 Comments

  1. Slightly off topic – Can we have two CAS roles in a single AD site both configured with different URLs, lets say and The idea is to use one of them dedicated to setup EX hybrid use.


      1. Will it be an issue if the use case is is not published and only is published to internet/EXO.

  2. Hello, thanks for the article, it is very helpful!

    I have a question regarding Internal and External URL and 3rd party wildcard cert. I have a issue with Security Alert every time I open Outlook.
    I get” The name on the security certificate is invalid or does not match the name of the site.”
    How I understand it’s all about those Internal and External URL, for example:
    Internal URL:

    External URL:
    I understand that wildcard covers only for *, not for *
    My question is, can I safely change this, for example in a way that I change Internal URL to, which will lead to internal dns name change to, or this will break the server itself, as this is how it’s configured during install ?

      1. I did, and it was a success.
        Yet, I still have some Microsoft Outlook popup, with autodiscover asking to allow the website to configure server settings, which points to old internal configuration.
        It states that this specific account was redirected to this website for settings.
        Is this thing related?

  3. Ali, your blogs are pretty good. I’ve been able to find many solutions from your blogs. Really appreciate that you are sharing. I have a question and I was hoping you could put me in the right direction. Exch2010 and Deployed Exch2016, following your instructions from your blog. However, when I create new test mailboxes, the profile gets created in Outlook Desktop client App, however they get disconnected and they would not reconnect to the Exch2016 Server. Any advise is greatly appreciated! Thank you in advance!

  4. hello

    i have question about the powershell part, on some recommandation, they dont set the powershell to the common name, but all other you mention.

    is something to check with the powershell url?
    or there are some cases you dont set them equal to LB url ?


  5. Hello Ali, thanks for the detailed article.
    I was searching through Autodiscover powershell commands, found out there are switches for externalUri as well.

    The result for “Get-ClientAccessService -Identity EX01-2016 | Format-List Identity, AutoDiscoverServiceExternalUri” would show as empty.
    Any thoughts on this?
    Thanks in advance

    1. There is no AutoDiscoverServiceExternalUri property in Exchange Server 2016/2019.

      Only the below properties are shown when you run the cmdlet “Get-ClientAccessService | fl”:

      – AutoDiscoverServiceCN
      – AutoDiscoverServiceClassName
      – AutoDiscoverServiceInternalUri
      – AutoDiscoverServiceGuid

  6. Thanks Ali, great article.

    You seem to ignore the “Exchange Back End” site. It usually binds to 81 and 444, where 444 binds to a certificate. It needs a valid certificate. You skipped it on purpose?

  7. Hi, thanks for the info. i have a question… what if i delete the exthernal URL from Virtual Directory in ECP?? I need to restrict OWA access Only Outside my Organizacion.

  8. Hello,

    Thanks for your great article it’s very helpfulness for me.

    I have question ; could we use different urls for owa as such
    And to create A-record for this new FQDN

Leave a Reply

Your email address will not be published. Required fields are marked *