Exchange 2013 Autodiscover priority set

In the environment four exchange server 2013. two in the server firm zone and another two is in the DMZ zone. In AD two autodiscover record are in server firm. no pointing for DMZ zone server. but in outlook by default audiscover connect to dmz zone server.
but i want to change the autodiscover priority. how can i configure that outlook autodiscover request not go to the dmz zone server. 
Please suggest.

Hi ,
In addition to the david's suggestions ,please have a look in to the below points .
From you description i came to know you are having mbx and cas roles installed on four boxes.
Let me give you my suggestions .
whenever you install an client access server there will be an scp record created automatically for each servers in active directory.So in you case there will be four scp records .
please set the autodiscover internal uri for all the four cas servers like below and at the same time you should have to have the autodiscover name in san certificate .
https://autodiscover.yourdomain.local/Autodiscover/Autodiscover.xml
Go to dns in active directory .There you can find a zone name called yourdomain.local .
On that you should have to create a host A record for autodiscover like below 
autodiscover.yourdomain.local - cas server 1 ip address (i.e. the server in lan network )
autodiscover.yourdomain.local - cas server 2 ip address (i.e. the server in lan network )
Don't create a host A record for server3 and server 4 which is in dmz network .
So when ever a client query for an autodiscover service it will get resolved in to two ip address (i.e server 1 & server 2 ) .Finally there would be no chance for the client to communicate the cas servers in DMZ zone .
Note : In some cases you internal domain and external domain will not be same .For that you should have to use the split dns .
Say for instance you internal domain would be domain.local and you external domain would be domain.com
On such cases you should have to create a new zone for domain.com .On that create Host A record for autodicover service (i.e.only for the cas servers in lan network)
Same time please clear me why you have placed two of your exchange server in dmz zone ?
Please reply me if you have any queries .
Regards
S.Nithyanandham
Thanks S.Nithyanandham

Similar Messages

  • Exchange 2013 autodiscover not working from Externally

    Hi 
    i have exchange 2010 sp3(2Mb, 2hub/cas). I installed exchange 2013 servers(2MB, 2CAS). For coexistence i generated new certifcate with new cas from third party. I installed that certificate in that cas and assigned all services. i changed all my virtual
    directories service url. I didnt import the new certificate to exchange 2010 cas server and i didnt change url to legacy link.But still iam able to check exchange 2010 user mailbox owa, activesync and autodiscover without any certificate error. 
    If i try to browse owa, its going to 2013 server, if user is exchange 2010 user and its redirecting to exchange 2010 owa with same link.
    But i dont know how above things is working without importing to new certificate...
    Main problem is i am not able to configure exchange 2013 users outlookanywhere, Autodiscover from externally...
    So in tmg i pointed the outlook anywhere ip address new cas server, now both exchange 2010 and exchange 2013 users while OA from external, its keep on asking password... Not accepting it...
    Please help me to fix this issue..

    Hi ,
    On TMG please have the outlook anywhere rule like below and check the status.
    Step
    1 :
    On the TMG rule - >authentication delegation ---> select the option "no delegation users can authenticate directly"
    Step
    2 :
    on the users tab in the TMG rule - just add "all users" group on that rule.
    By having the above settings we have avoided the issues in your environment.
    Note : Based on the above setting's , Each and everyone in exchange will have a access to the outlook anywhere from external world , because there would not be having any restriction on the TMG rules.
    Please have a look in to the below link , it will give you some ideas which is related to TMG
    http://blogs.technet.com/b/exchange/archive/2012/11/21/publishing-exchange-server-2013-using-tmg.aspx
    Thanks & Regards S.Nithyanandham

  • Exchange 2013 Autodiscover Android IOS not working

    Hello,
    I configured exchange 2013 in my organization. Android, thunderbird and IOS not working with autodiscover.
    Windows Phone example Lumia worked with autodiscover correctly.
    All needed DNS entry and certificate are uploaded to Exchange.
    Test on https://testconnectivity.microsoft.com/  ended successfuly.
    Can Android and IOS supported autodiscover.
    BR/Lukas

    Yes i try  https://fqdn/Microsoft-Server-ActiveSync instead
    I have White page nothing else.
    IOS, Android work after manualy configured.   Windows Phone work with autodiscover wonderfully
    Ok we added public IP address to our CAS Server. Now from Internet i can login to /OWA or /ECP.
    What next to do? Change autodiscover.domain.com Record A to point NAT IP address CAS server?
    BR/Lukas

  • Exchange 2013 OWA: Cannot set auto reply in shared mailbox

    We use Exchange 2013 and Outlook 2010. We have 3 users tha connect to a shared mailbox. We would like to have an auto-reply on this mailbox but cannot set it with the OWA. We get the following error:
    Client Information
    User Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.3; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; InfoPath.3)
    CPU Class: x86
    Platform: Win32
    System Language: nl-NL
    User Language: nl-NL
    CookieEnabled: true
    Exception Details
    Date: Fri Jul 11 11:31:40 UTC+0200 2014
    Message: Kan de eigenschap _events van een niet-gedefinieerde verwijzing of een verwijzing naar een lege waarde niet ophalen
    Url:
    https://owa.'domainname'.nl/ecp/15.0.712.22/scripts/microsoftajax.js
    Line: 5
    Call Stack
    Dump Event
     errorMessage = Kan de eigenschap _events van een niet-gedefinieerde verwijzing of een verwijzing naar een lege waarde niet ophalen
     errorUrl =
    https://owa.'domainname'.nl/ecp/15.0.712.22/scripts/microsoftajax.js
     errorLine = 5
     errorCharacter = 57312
     errorCode = 0
     actionURL =
     altKey = false
     altLeft = false
     behaviorCookie = 0
     behaviorPart = 0
     bookmarks = null
     boundElements = [object HTMLCollection]
     button = 0
     buttonID = 0
     cancelBubble = false
     clientX = 1187
     clientY = 72
     contentOverflow = false
     ctrlKey = false
     ctrlLeft = false
     data =
     dataFld =
     dataTransfer = null
     fromElement = null
     keyCode = 0
     nextPage =
     offsetX = 0
     offsetY = 0
     origin =
     propertyName =
     qualifier =
     reason = 0
     recordset = null
     repeat = false
     returnValue = true
     screenX = 2373
     screenY = 343
     shiftKey = false
     shiftLeft = false
     source = null
     srcElement = null
     srcFilter = null
     srcUrn =
     toElement = null
     type = error
     url =
     wheelDelta = 0
     x = 0
     y = 0
     getAttribute =
    function getAttribute() {
        [native code]
     removeAttribute =
    function removeAttribute() {
        [native code]
     setAttribute =
    function setAttribute() {
        [native code]
    Detailed Call Stack

    Hi,
    Error information is quite important. In order to solve your issue effectively, please take your time to describe the error in English for my research.
    Best regards,
    Amy Wang
    TechNet Community Support

  • Exchange 2013: how to set up multiple domain for OWA and ECP

    Exchange 2013 on Windows 2012R2
    Currently we have set this up using the guide below:
    http://mouzzamh.wordpress.com/2013/02/04/accessing-owa-from-multiple-domain-url/
    We can access OWA and ECP using the internal IP address/owa or ECP but when we use the URL it fails.
    We gave it an external IP address as well just to check if it will externally since the external DNS are pointing to the correct records: same issue it only works on IP address/owa or /ecp
    We were able to follow the guide from start to finish including the certs..
    The only difference on the guide and our exchange IIS environment for the new website is when he mentioned "Under IIS Settings / ISAPI and CGI Restrictions" we only have "ISAPI filters"...." ISAPI and CGI Restrictions" is only
    applicable to the default and backend website..
    Also, when the guide points to the path, should it be the new website path?
    Or maybe to avoid confusion, can anyone guide me on how to do it or any other guide that helped you if ever you had the same issue as mine?
    Thanks.

    Hi,
    Please run the following to check your OWA virtual directories for all web sites:
    Get-OWAVirtualDirectory | FL Identity,*URL*,path
    Personal suggestion, please consider to deploy another new CAS server. Then we can configure different OWA URLs in different servers. And pointed mail.domain.com and webmail.domain.com to two CAS servers respectively.
    Regards,
    Winnie Liang
    TechNet Community Support

  • Exchange 2013 autodiscover prompt

    Hi,
    Over the weekend i installed SP1 on our exchange 2013 DAG. Now users are getting an authentication prompt when opening outlook. This didn't happen prior to SP1.
    When testing email auto configuration in outlook it prompts for auth, typing in my creds it goes through ok.
    It looks like it getting a 401 
    I'm not sure what has changed but its very frustrating.
    Any Ideas?

    Please check the server settings on exchange... Update might change the the settings back to Basic. Roll back to NTLM to see what happens..
    UMESH DEUJA MCP,MCTS,MCSA,CCNA

  • Exchange 2013 autodiscover finds external & internal SSL certificate causing autodiscover to fail

    <p>Hi:</p><p>I'm currently working on a windows 2012 server, with exchange 2013, lets say our internal domain is "cars.com" and ALSO the case for&nbsp;our external domain. We have purchased an SSL wildcard positive certificate
    *.cars.com so that we could configure Outlook Anywhere, we have created the needed DNS records at godaddy and our internal server, OWA, ECP it all works if you go to&nbsp; <a href="https://bird.cars.com/owa">https://bird.cars.com/owa</a>
    because we have a DNS record for bird in godaddy and out local server, so all of that is working like a pro ! here comes the tricky part, our website is registered in godaddy but hosted by someone else a company called poetic systems; when we test the connection
    with the remote connectivity analyzer website we get a very peculiar error that says SSL certificate not valid, now it provides the name of the certificate it found and is not ours, we found that the hosting company is listening in port 443, therefore, it
    is pulling their self signed certificate also, does anyone have a fix for this, I have done this same setup before for other companies and this is the first time a situation like this happens. I REALLY NEED HELP !!!!!</p>

    Hi,
    According to your description, there is a certificate error when you test Outlook Anywhere connection by ExRCA.
    If I misunderstand your meaning, please feel free to let me know.
    And to understand more about the issue, I’d like to confirm the following information:
    What’s detail error page?
    Check the Outlook Anywhere configuration: get-outlookanywhere |fl
    Check the certificate : get-exchangecertificate |fl
    If you have any question, please feel free to let me know.
    Thanks,
    Angela Shi
    TechNet Community Support

  • Exchange 2013 Autodiscover and Webservices virtual directories with wrong address

    Hey people,
    I have 3 2013 Servers
    Server 1 CAS
    Server 2 & 3 MBX
    having a bit of trouble here - everything was working fine after migration (about 6months ago), and now mac users can't access e-mail.
     If I try to access EWS page (https://webmail.domain.co.ao/EWS/exchange.asmx) , i get
    Service
    You have created a service.
    To test this service, you will need to create a client and use it to call the service. You can do this using the svcutil.exe tool from the command line with the following syntax:
    svcutil.exe https://SERVER2.domain.int:444/EWS/Services.wsdl
    If I try to access the autodiscover webpage, i get
    <?xml version="1.0" encoding="UTF-8"?>
    -<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">-<Response>-<Error Id="1286627925" Time="17:58:59.7730521"><ErrorCode>600</ErrorCode><Message>Invalid Request</Message><DebugData/></Error></Response></Autodiscover>
    When testing outlook web services, i get the following error
    [PS] C:\Windows\system32>Test-OutlookWebServices
    Source ServiceEndpoint Scenario Result Latency
    (MS)
    SERVER2.domain.int webmail.domain.co.ao Autodiscover: Outlook Provider Failure 64
    SERVER2.domain.int Exchange Web Services Skipped 0
    SERVER2.domain.int Availability Service Skipped 0
    SERVER2.domain.int Offline Address Book Skipped 0
    if i run
    [PS] C:\Windows\system32>Get-AutodiscoverVirtualDirectory | fl
    Creating a new session for implicit remoting of "Get-AutodiscoverVirtualDirectory" command...
    RunspaceId : 9f23dad1-7806-42a6-8545-89b66847a359
    Name : Autodiscover (Default Web Site)
    InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
    ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated, WSSecurity, OAuth}
    LiveIdNegotiateAuthentication : False
    WSSecurityAuthentication : True
    LiveIdBasicAuthentication : False
    BasicAuthentication : True
    DigestAuthentication : False
    WindowsAuthentication : True
    OAuthAuthentication : True
    AdfsAuthentication : False
    MetabasePath : IIS://SERVER1.domain.int/W3SVC/1/ROOT/Autodiscover
    Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\Autodiscover
    ExtendedProtectionTokenChecking : None
    ExtendedProtectionFlags : {}
    ExtendedProtectionSPNList : {}
    AdminDisplayVersion : Version 15.0 (Build 775.38)
    Server : SERVER1
    InternalUrl : https://webmail.domain.co.ao/autodiscover/autodiscover.xml
    ExternalUrl : https://webmail.domain.co.ao/autodiscover/autodiscover.xml
    AdminDisplayName :
    ExchangeVersion : 0.10 (14.0.100.0)
    DistinguishedName : CN=Autodiscover (Default Web
    Site),CN=HTTP,CN=Protocols,CN=SERVER1A,CN=Servers,CN=Exchange Administrative
    Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=DOMAIN,CN=Microsoft
    Exchange,CN=Services,CN=Configuration,DC=domain,DC=int
    Identity : SERVERONE\Autodiscover (Default Web Site)
    Guid : fbed978f-7442-46ac-bb3c-53d9d7995507
    ObjectCategory : domain.int/Configuration/Schema/ms-Exch-Auto-Discover-Virtual-Directory
    ObjectClass : {top, msExchVirtualDirectory, msExchAutoDiscoverVirtualDirectory}
    WhenChanged : 12/19/2013 10:30:26 AM
    WhenCreated : 12/19/2013 10:30:26 AM
    WhenChangedUTC : 12/19/2013 9:30:26 AM
    WhenCreatedUTC : 12/19/2013 9:30:26 AM
    OrganizationId :
    OriginatingServer : DC2.domain.int
    IsValid : True
    ObjectState : Changed
    and run
    [PS] C:\Windows\system32>Get-WebServicesVirtualDirectory | fl
    RunspaceId : 9f23dad1-7806-42a6-8545-89b66847a359
    CertificateAuthentication :
    InternalNLBBypassUrl :
    GzipLevel : High
    MRSProxyEnabled : False
    Name : EWS (Default Web Site)
    InternalAuthenticationMethods : {Basic, Digest}
    ExternalAuthenticationMethods : {Basic, Digest}
    LiveIdNegotiateAuthentication :
    WSSecurityAuthentication : False
    LiveIdBasicAuthentication : False
    BasicAuthentication : True
    DigestAuthentication : True
    WindowsAuthentication : False
    OAuthAuthentication : False
    AdfsAuthentication : False
    MetabasePath : IIS://SERVER1.domain.int/W3SVC/1/ROOT/EWS
    Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\EWS
    ExtendedProtectionTokenChecking : None
    ExtendedProtectionFlags : {}
    ExtendedProtectionSPNList : {}
    AdminDisplayVersion : Version 15.0 (Build 775.38)
    Server : SERVER1
    InternalUrl : https://webmail.domain.co.ao/EWS/exchange.asmx
    ExternalUrl : https://webmail.domain.co.ao/EWS/exchange.asmx
    AdminDisplayName :
    ExchangeVersion : 0.10 (14.0.100.0)
    DistinguishedName : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=SERVRE1,CN=Servers,CN=Exchange
    Administrative Group (FYDIBOHF23SPDLT),CN=Administrative
    Groups,CN=DOMAINL,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domainl,DC=int
    Identity : SERVER1\EWS (Default Web Site)
    Guid : cbdd447b-54f8-4bba-9834-6c28b807711e
    ObjectCategory : domain.int/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
    ObjectClass : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
    WhenChanged : 12/19/2013 9:31:11 AM
    WhenCreated : 12/19/2013 9:31:11 AM
    WhenChangedUTC : 12/19/2013 8:31:11 AM
    WhenCreatedUTC : 12/19/2013 8:31:11 AM
    OrganizationId :
    OriginatingServer : DC2.domain.int
    IsValid : True
    ObjectState : Changed
    Summarizing:
    webmail.domain.co.ao maps to server1
    Autodiscover and exchange web services point out to server1 (CAS), but when openning the respective webpages, the result is an error.
    I have already deleted and recreated the autodiscover and EWS virtual directories but with no success.
    Help anyone?
    Many thanks,
    Andrey

    Hi Andrey,
    Exchange Web Service in Exchange server configuration is working for all users in your Exchange environment, not just for one specific user. If you want to double make sure the EWS service in client side, we can directly access the EWS URL in IE of your
    Windows machine, and see whether a proper XML file is returned. If so, then we can safely ignore the web service test result.
    As for automatic signature application, do you mean
    Add a signature automatically to every message? Please try to remove the signature and reset it again to check whether the issue persists.
    Thanks,
    Winnie Liang
    TechNet Community Support

  • Autodiscover after deploying Exchange 2013 CAS in a Exchange 2007 organization

    I am deploying Exchange 2013 CAS in a Exchange 2007 organization. Will all the clients be directed to the Exchange 2013 CAS servers for autodiscover. Will there be any issue with outlook clients connecting to their mailbox servers in Exchange 2007

    All clients should be pointed to the Exchange 2013 CAS for the autodiscover service. This means:
    A. For local clients
    You need to modify the autodiscover Internal URI on the Exchange 2007 server and point it to Exchange 2013. For example, if you are using split-brain DNS on the Local Network and mail.yourdomain.com is resolved to Exchange 2013 local IP, the Exchange 2007
    Autodiscover Internal URI should be "https://mail.yourdomain.com/Autodiscover/Autodiscover.xml" 
    Exactly the same way, you should modify the Exchange 2013 Autodiscover Internal URI and use the same address "https://mail.yourdomain.com/Autodiscover/Autodiscover.xml"
    B. For remote clients - all clients will hit the Exchange 2013 CAS first (ex. mail.yourdomain.com)
    If the user's mailbox is on Exchange 2007 server, the correct XML will be generated and provided, and the user will be proxied for Outlook Anywhere/ActiveSync and redirected for OWA/WebServices
    If the user's mailbox is on Exchange 2013 server, the correct XML will be generated and provided
    Bottom line - based on the location of the user's mailbox, Exchange 2013 will generate and provide the correct XML file (there is not proxying involved in providing the Autodiscover info).

  • Outlook Anywhere settings in a Exchange 2013 coexistence scenario with Exchange 2007

    I have exchange 2013 and 2007 set up in a coexist environment.  At the moment, the few mailboxes I am testing on Exchange 2013 are getting multiple pop ups in outlook and cannot connect to items like Public Folders on 2007.  I found an article
    that told me to change the authentication method from Negotiate to NTLM and that broke some of my Lync 2013 compatibility issues on users on exchange 2007 (ie conversation history and they got outlook integration errors.)  I would like someone to confirm
    if the change I am about to make from doing research will help me in my situation.
    Current Setup:
    Exchange 2007 OA CAS Settings
    ExternalClientAuthenticationMethod : Basic
    InternalClientAuthenticationMethod: NTLM
    IISAuthenticationMethods : {Basic, Ntlm}
    Exchange 2013 OA CAS Settings
    ExternalClientAuthenticationMethod : Negotiate
    InternalClientAuthenticationMethod: Negotiate
    IISAuthenticationMethods : {Basic, Ntlm, Negotiate}
    New Settings I am considering based on research:
    Exchange 2007 OA CAS Settings
    ExternalClientAuthenticationMethod : Basic
    InternalClientAuthenticationMethod: Basic
    IISAuthenticationMethods : {NTLM}
    Exchange 2013 OA CAS Settings
    ExternalClientAuthenticationMethod : Basic
    InternalClientAuthenticationMethod: Basic
    IISAuthenticationMethods : {Basic}
    Will this work and eliminate my popups?

    Hi,
    The following TechNet article indicates that:
    “In order to support access for Outlook Anywhere clients whose mailboxes are on legacy versions of Exchange, you will need to make some changes to your environment which are documented in the steps within the
    Exchange Deployment Assistant. Specifically,
    you will need to enable Outlook Anywhere on your legacy Client Access servers and enable NTLM in addition to basic authentication for the IIS Authentication Method.”
    Client Connectivity in an Exchange 2013 Coexistence Environment
    http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx
    As for the Autodiscover service, please make sure the Autodiscover.domain.com is pointed to your Exchange 2013 in Internal and External DNS. For more detailed information about Exchange 2013 coexistence with Exchange 2007, please refer to:
    http://blogs.technet.com/b/meamcs/archive/2013/07/25/part-3-step-by-step-exchange-2007-to-2013-migration.aspx
    Regards,
    Winnie Liang
    TechNet Community Support

  • "The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook" in Exchange 2013

    In Exchange 2013, Outlook finds a new connection point made up of the user’s mailbox GUID + @ + the domain portion of the user’s primary SMTP address. This change makes
    it much less likely that users will see the dreaded message “Your administrator has made a change to your mailbox.”
    http://technet.microsoft.com/en-us/library/dd298114(v=exchg.150).aspx
    Although the error message in the topic has been already improved a lot in Exchange 2013, the users may still encounter them in some specific scenarios. We have collected them and let’s discuss them in this thread.
    Symptom
    =======================================
    Consider the following scenario:
    Exchange 2013 was installed for a migration from Exchange 2007/2010.
    The legacy Exchange server is removed after successful migration.
    Exchange 2013 may be updated to Exchange 2013 SP1.
    Some users were being randomly prompted with a popup in their outlook client with the following message when connecting with Exchange 2013 server:
    “The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook”
    Cause
    =======================================
    The issue may be caused due to Public Folders.
    The msExchHomePublicMDB attribute on Exchange 2013 databases was set to deleted legacy public folder object.
    Solution
    =======================================
    Removed the Public Folder from all the Exchange
    2013 Databases. To do it, we can use ADSIedit.msc and remove the arrtibute - msExchHomePublicMDB from all the Databases:
    1. Open ADSIEdit.
    2. Connect to the Configuration container.3.
    Expand Configuration, expand CN=Configuration,DC=Domain,DC=com.4. Expand CN=Services -> CN=Microsoft Exchange -> CN=Domain -> CN=Administrative Groups -> CN=Exchange
    Administrative Group -> CN=Databases.5. In the right hand pane you will see a list of databases.6.
    Right-click the listed database object -> Properties.7. Check whether the msExchHomePublicMDB value is set to an unavailable value. If you see reference to the old database,
    please clear the value.8. Click OK.9. Check the rest of the databases to make sure
    that they are not populated in the same way.
    References:
    https://social.technet.microsoft.com/Forums/en-US/2f736bdd-1c00-4a22-97a5-95faeadf1495/exchange-2013-sp1-users-randomly-prompted-with-the-microsoft-exchange-administrator-has-made-a?forum=exchange2010
    https://social.technet.microsoft.com/Forums/lync/en-US/7a7b3cf8-8761-421c-9d55-6c84e05531c0/the-administrator-has-made-a-change?forum=exchangesvrclients
    https://social.technet.microsoft.com/Forums/en-US/0d71c843-b662-493c-ab6e-30708929ef18/2013-sp1-problem-the-microsoft-exchange-administrator-has-made-a-change-that-requires-you-quit-and?forum=exchangesvrdeploy
    Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

    This one? http://support.microsoft.com/kb/2934750

  • Internal outlook client connectivity in exchange 2010 when coexist with exchange 2013

    Hi all ,
    on my side i would like to clarify few queries.
    Say for instance i am coexisting exchange 2010 with exchange 2013 .Unfortunately if all of my exchange 2013 servers goes down .
    Q1 .On that time will the internal outlook users having their mailboxes on exchange 2010 can be able to connect mailboxes without any issues ? In case if they face any issues what kind of issues will they be? Because why i am asking is we should have pointed
    the autodiscover service to exchange 2013 during coexistence.
    When an user closes and reopens the outlook after whole exchange 2013 environment failure ,outlook will first query the autodiscover service for the profile changes to get it updated on users outlook profile.In such case autodiscover service will not be
    reachable and i wanted to know will that affects the internal client connectivity for outlook users having their mailboxes on exchange 2010.
    Q2. Apart from outlook internal users connectivity ,what kind of exchange services(i.e owa,active sync,pop,external OA and imap) will get affected when whole exchange 2013 environment goes down during coexistence ?
    I have read the below mentioned statement on this awesome blog but still i wanted to clarify with you all on my scenario.
    http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx<o:p></o:p>
    Internal Outlook Connectivity
    For internal Outlook clients using RPC/TCP connectivity whose mailboxes exist on Exchange 2010, they will still connect to the Exchange 2010 RPC Client Access array endpoint.
    For internal Outlook clients using RPC/TCP connectivity whose mailboxes exist on Exchange 2007, they will still connect directly to the Exchange 2007 Mailbox server instance hosting the mailbox.
    Please share me your suggestions and that would help me a lot .
    Regards
    S.Nithyanandham

    Hi Winnie Liang ,
    Thanks a lot for your reply.
    Scenario  1 : for internal outlook connectivity 
    We have below settings for exchange 2010 autodiscover.
    mail.domain.com - will be the namespace for internal autodiscover URI for all the exchange 2010 cas serves
    We are going to have below settings for exchange 2013 autodiscover.
    mail.domain.com - will be the namespace for internal autodiscover URI for all the exchange 2013 cas serves
    During coexistence mail.domain.com will be pointed to exchange 2013 cas servers . I mean to say if we try to resolve the mail.domain.com it will get resolved in to the exchange 2013 cas servers.
    So on such case if anything happened wrong to the new environment or else if entire environment goes down .Do we face any issues while outlook users connect to existing mailboxes in exchange 2010 ?
    Because why i am asking is ,on the below mentioned article i have read all the autodiscover request will go via exchange 2013 cas servers during coexistence.That means all the existing mailboxes in exchange 2010 will also have to query exchange 2013 cas
    servers for autodiscover request.During the whole exchange 2013 environemnt failure whenever the user tries to close and open outlook .Outlook will first queries the autodiscover service for any changes happened on that particular mailbox and it will try to
    get it updated on user profile.
    http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx
    Would it be possible to make the exchange 2010 mailbox users to query only the scp points which belongs to the exchange 2010 cas servers for autodiscover request ?
    Scenario 2: For exchange services
    mail.domain.com - will be the namespace for all the exchange 2010 services (i.e owa,activesync,external outlook anywhere,pop,imap)
    mail.domain.com - will be the namespace for all the exchange 2013 services (i.e owa,activesync,external outlook anywhere,pop,imap)
    What about the above services will it get affected during whole exchange 2013 environment failure ?
    Note : We are not facing this issue , i hope everything goes well in my environment while doing coexistence i am just asking this question on my own interest?
    Regards
    S.Nithyanandham
    Thanks S.Nithyanandham

  • Best practices for buying a digital certificate for Exchange 2013

    Good dayfriends,
    Could you indicateme which are the bestpractices when buying
    a public digital certificatefor use onExchangeServer 2013.
    I'd be interested in knowing your opinion about
    using wildcardor SAN certificates.
    Likewise what are the best recommendations
    to include names and why they should or
    should not include the internal FQDN
    of my servers.
    Currently I have an infrastructure that has two
    MailBox servers,two CAS servers and an EDGE
    2010 server, but I'm planning update it to Exchange 2013.
    I searched what are the best
    practices according to Microsoft but
    have found little information.
    I would appreciate
    if you can post links like
    Microsoft KBs and other technical documents that
    discuss the above mentioned.
    Thanking your
    invaluable support.
    Greetings.

    Hi,
    Personal suggestion, we can use two namespaces for your Exchange 2013:
    Autodiscover.domain.com (Used for autodiscover service)
    Mail.domain.com (used for all Exchange services external and internal URLs)
    Please pointed mail.domain.com and autodiscover.domain.com to your internet facing CAS 2013.
    For more information about Digital Certificates and SSL in Exchange 2013, please refer to the
    Digital Certificates Best Practices part in the following technet article:
    http://technet.microsoft.com/en-us/library/dd351044%28v=exchg.141%29.aspx?lc=1033
    Additionally, here are some other scenarios about certificate planning in Exchange 2013:
    http://blogs.technet.com/b/exchange/archive/2014/03/19/certificate-planning-in-exchange-2013.aspx
    Regards,
    Winnie Liang
    TechNet Community Support

  • Exchange 2013 user cann't access exchange 2013 public folder

    Hi, during the coexistence exchange 2007 and exchange 2013, outlook is unable to access public folder of exchange 2007 from exchange 2013, I've install CU2 for exchange 2013 and also set authentication to Ntlm, but also failed. please help to look into this
    problem, thanks.
    belows are information about outlook anywhere in our exchange.
    exchange 2007:(primary site)shmail04,shmail05,shmail06; (DR site)drpmail05,drpmail06
    exchange 2013:(primary site)shcas01,shcas02; (DR site)wxcas01
    Identity                           : SHCAS01\Rpc (Default Web Site)
    InternalHostname                   : infor.tdw.com
    InternalClientAuthenticationMethod : Ntlm
    InternalClientsRequireSsl          : True
    ExternalHostname                   : infor.tdw.com
    ExternalClientAuthenticationMethod : Ntlm
    ExternalClientsRequireSsl          : True
    IISAuthenticationMethods           : {Ntlm}
    Identity                           : SHCAS02\Rpc (Default Web Site)
    InternalHostname                   : infor.tdw.com
    InternalClientAuthenticationMethod : Ntlm
    InternalClientsRequireSsl          : True
    ExternalHostname                   : infor.tdw.com
    ExternalClientAuthenticationMethod : Ntlm
    ExternalClientsRequireSsl          : True
    IISAuthenticationMethods           : {Ntlm}
    Identity                           : WXCAS01\Rpc (Default Web Site)
    InternalHostname                   : infor.tdw.com
    InternalClientAuthenticationMethod : Ntlm
    InternalClientsRequireSsl          : True
    ExternalHostname                   : infor.tdw.com
    ExternalClientAuthenticationMethod : Ntlm
    ExternalClientsRequireSsl          : True
    IISAuthenticationMethods           : {Ntlm}
    Identity                           : SHMAIL04\Rpc (Default Web Site)
    InternalHostname                   :
    InternalClientAuthenticationMethod : Ntlm
    InternalClientsRequireSsl          : False
    ExternalHostname                   : legacy.tdw.com
    ExternalClientAuthenticationMethod : Ntlm
    ExternalClientsRequireSsl          : True
    IISAuthenticationMethods           : {Ntlm}
    Identity                           : SHMAIL05\Rpc (Default Web Site)
    InternalHostname                   :
    InternalClientAuthenticationMethod : Ntlm
    InternalClientsRequireSsl          : False
    ExternalHostname                   : legacy.tdw.com
    ExternalClientAuthenticationMethod : Ntlm
    ExternalClientsRequireSsl          : True
    IISAuthenticationMethods           : {Ntlm}
    Identity                           : SHMAIL06\Rpc (Default Web Site)
    InternalHostname                   :
    InternalClientAuthenticationMethod : Ntlm
    InternalClientsRequireSsl          : False
    ExternalHostname                   : legacy.tdw.com
    ExternalClientAuthenticationMethod : Ntlm
    ExternalClientsRequireSsl          : True
    IISAuthenticationMethods           : {Ntlm}
    Identity                           : DRPMAIL05\Rpc (Default Web Site)
    InternalHostname                   :
    InternalClientAuthenticationMethod : Ntlm
    InternalClientsRequireSsl          : False
    ExternalHostname                   : legacy.tdw.com
    ExternalClientAuthenticationMethod : Ntlm
    ExternalClientsRequireSsl          : True
    IISAuthenticationMethods           : {Ntlm}
    Identity                           : DRPMAIL06\Rpc (Default Web Site)
    InternalHostname                   :
    InternalClientAuthenticationMethod : Ntlm
    InternalClientsRequireSsl          : False
    ExternalHostname                   : legacy.tdw.com
    ExternalClientAuthenticationMethod : Ntlm
    ExternalClientsRequireSsl          : True
    IISAuthenticationMethods           : {Ntlm}

    Hi,
    I have found an article said that we need to set the external host name the same. See more details in the following link:
    http://blogs.technet.com/b/mspfe/archive/2013/10/21/upgrading-to-on-premises-exchange-server-2013.aspx
    To allow your Exchange 2013 Client Access server to redirect connections to your Exchange 2007 servers, you must enable and configure
    Outlook Anywhere on all of the Exchange 2007 servers in your organization. If some Exchange 2007 servers in your organization are already configured to use Outlook Anywhere, their configuration must also be updated to support Exchange 2013.
    The following configuration is set on each Exchange 2007 server:
    The Outlook Anywhere external URL is set to the external hostname of the Exchange 2013 server.
    Sent By
    Silver

  • Exchange 2013 SPAM filter- can wildcards be used for partial word matching?

    We have migrated to Exchange 2013 and have set up the Anti-Spam and Anti-Malware features.  One thing I am trying to figure out is how to setup a wildcard filter for partial words.  For example, I have Viagra listed but it doesn't catch something
    like USviagra.  How would I set a filter for catching anything that ahs the word Viagra buried in it?
    Thanks.

    I have also seem a large increase in spam since upgrading to Exchange 2013.The malware engines are enabled and content filtering is turned on but everyone is getting about 20 emails a day from the Pfizer eStore. ForeFront used to block it all.
    Also images are blocked in standard emails but in these Viagra emails the images all show!
    The title is always a bit different too and it is spelt with extra i's. Surely this shouldn't be too much and defeat the content filter!
    Robin
    Robin Wilson

Maybe you are looking for