How to Setup RDS custom property when internal and external domain name space is different

Hi All
I am setting up RDS for customer
My internal domain name is domain.local and my external domain is domain.com
I came across below PowerShell cmdlets on some blogs because my internal and external name space are different
Set-RDSessionCollectionConfiguration –CollectionName QuickSessionCollection -CustomRdpProperty “use redirection server name:i:1 `n alternate full address:s:remote.domain.com”
In above command, remote.domain.com points to which host?
Is it pointing to RD Session Broker
OR
Pointing to RD Session Host servers
I am not sure what above command will do exactly ?
Any help will be highly appreciated
Thanks Best Regards Mahesh

Hi,
It all depends who is accessing the RDS Solution.
If you have a large BYOD or large number of external users, it would be better to use a public certificate.
Have a look at the following script which will simplyfy the configuration of the RDSH hosts with certificates.
http://ryanmangansitblog.com/2014/05/20/rds-2012-rdsh-certificate-deployment-script/
You can use a custom RDP property to hide the Session host names.
Have a look at the following article on configuring certificates:
http://ryanmangansitblog.com/2013/03/10/configuring-rds-2012-certificates-and-sso/
Ryan Mangan | Ryanmangansitblog.wordpress.com | Help keep the forums tidy, if this has helped please mark it as an answer

Similar Messages

  • Same internal and external domain names - AGAIN!

    Hi all-
    Like many of you, I am confronting the problem of having the same FQDN for both my Active Directory domain and Internet domain.  For the sake of discussion, let's call the domain rlh.com.
    I need to access an externally-hosted website on the rlh.com domain.  The site is coded exclusively to use rlh.com and NOT
    www.rlh.com.  Therefore, the old trick of adding a static www A record on my internal DNS server will not work.
    It looks like another option is to install IIS on my DC and then configure some type of forwarding to the external site.  While this might work, frankly, I don't want IIS on my DC.  It's a DC, not a web server.
    Yet a third option, correct me if I'm wrong, looks to be using some type of "split DNS."  Though I have not read the particulars (yet) of this solution, I am suspicious of it causing DNS inefficiencies.
    All of these solutions look to me to be workarounds.  I am preparing to install a new DC (upgrading from 2003 to 2008 R2) and want to FIX the problem, not work around it.  That said, it looks like I have two options:
    1.  Rename my existing 2003 AD domain using rendom
    2.  Install the new 2008 R2 DC with the new domain name, setup domain trust between the old and new domains, and then use ADMT.
    Can someone please comment on my logic here?  Does anyone have experience with both of the two options?  Is one less painful than the other?
    As I preparatory step, I have migrated from my onsite Exchange 2003 server to Office 365.  Exchange is no longer present in my organization, though some slight "remnants" may remain in Active Directory.  Other than Exchange, I have a
    Hyper-V host, 2 SQL Servers, and 3 RDS servers present in my environment.
    Thanks.

    I realized this was answered, but I would like to add the following comprehensive blog on this subject.
    Can't Access Website with Same Name (Split Zone or no Split Brain)
    Published by Ace Fekay, MCT, MVP DS on Sep 4, 2009 at 12:11 AM  1278  0
    Note - In an AD same name as the external name (split zone) scenario, if you don't want to use WWW in front of URL, such as to access it by
    http://domain.com, then scroll down to "So you don't want to use WWW in front of the domain name"
    http://blogs.msmvps.com/acefekay/2009/09/03/split-zone-or-no-split-zone-can-t-access-internal-website-with-external-name/
    Ace Fekay
    MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

  • CRM2015 IFD Internal and External Domains

    I am trying to setup CRM2015 with IFD. My internal domain is xr.local and external domain name is somethingelse.com. When going through the directions and searching through the forums I see similar questions regarding with no real information on the possibility.
    Am I able to set this up to support 2 different domains and where might I find some guidance to do so?
    Thanks...
    GY

    Hi David,
    Yes. the above setup should "do the trick" as the servers you put with blank DNS entry should be excluded in the NRPT table.
    You can confirm this by running at the client: netsh name show polocy
    at command line and see something like:
    Settings for da.domain.com
    Certification authority                 :
    DNSSEC (Validation)                     : disabled
    DNSSEC (IPsec)                          : disabled
    DirectAccess (DNS Servers)              :
    DirectAccess (IPsec)                    : disabled
    DirectAccess (Proxy Settings)           : Use default browser settings
    Settings for .domain.com
    Certification authority                 :
    DNSSEC (Validation)                     : disabled
    DNSSEC (IPsec)                          : disabled
    DirectAccess (DNS Servers)              : 1234:1234:1234:3333::1
    DirectAccess (IPsec)                    : disabled
    DirectAccess (Proxy Settings)           : Bypass proxy
    So in this scenario the .domain.com is using the DA while the specific entry (da.domain.com) is set as exclude and have emptry DNS ...
    Hope this helps,
    Ophir.

  • Lync Implementation with different internal and external domain sync

    Hello Experts,
    Having Windows 2012r2 with Lync 2013 frontend and Edge 2012 server on Win2012. Internal domain name is test.local and Internet domain name is : tgroup.com. Internally all the clients are able to sync with frontend
    server using [email protected] or [email protected] Internal CA and External Digicert works fine. But only problem is with external clients who want to communicate through edge server. 
    Edge server has 3 LAN ip address (nat with public IP), 10.10.10.2, 10.10.10.3, 10.10.10.4 and another Internal network interface which has ip 10.10.20.3
    which uses that to communicate with front-end. 
    How to achieve this ?  We dont have reverse proxy configured and we have only two servers. 
    Regards, Ganesh, MCTS, MCP, ITILV2 This posting is provided with no warranties and confers no rights. Please remember to click Mark as Answer and Vote as Helpful on posts that help you. This can be beneficial to other community members reading the thread.

    The reverse proxy is used to publish URL's like the meet and dialin url, the address book url and the lync mobile client (smart phones and tablets) urls. This doesn't impact the external desktop user access as thats via the edge server. There is more to
    it than that but for the sake of keeping this simple lets stick to that for now.
    As far as SIP domains go. Think of your Lync users as having a SIP address similar to email addresses. You wouldn't have a user with an internal email address but with a different external email address. In fact best practice is to have the Lync SIP address
    match the email address.
    My reccomendation is to use the ttgoup.com as a sip domain and not the test.local
    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
    Lync Sorted blog

  • Exchange 2013 DNS for internal and external domain

    Hi All,
    I have been assigned a task to implement Microsoft Exchange Server 2013. I need some help in setting up DNS namespaces and design a strategy to have same internal and external names. Let me share some details here.
    We have an Active Directory domain myinternaldomain.net, and we have a public domain
    mypublicdomain.com and we have setup email policy to have
    mypublicdomain.com as the SMTP domain for all the users. We have created another DNS zone in Active directory integrated DNS and created a records for
    mail.mypublicdomain.com and autodiscover.mypublicdomain.com which will point to CAS NLB IP. We have 2 CAS servers and 2 MBX servers, we have configured DAG for MBX High availability and planning to implement WNLB for CAS as
    hardware LB is out of scope due to budget constrains.
    We want to have same URLs for OWA, Autodiscover, ECP and other services from internal network as well as from public network. Users should not be bothered to remember two URLs, using one from internal and other from public networks. I also want to confirm
    that with this setup in place do i need to have myinternaldomain.net and server names in SAN certificate?
    Thanks

    Hi Sccmnb,
    You can easily achieve this using split DNS.
    Internal DNS hostname "mail.mypublicdomain.com" will be pointing to your internal CAS NLB IP and the external public DNS hostname"mail.mypublicdomain.com" will be pointing to the Network device or
    Reverse proxy server IP.
    Depending upon users access location(internal\external) the IPs would vary and they should be able to access the website with same name.
    The names that you would require on the certificate(Use EAC or powershell to raise the request) for client connectivity would be
    SN= mail.mypublicdomain.com
    SAN= autodiscover.mypublicdomain.com
    You don't need to have the active directory domain name present in the certificate.
    Additional  to this you need to update the AutodiscoverURI for all servers and OWA,ECP,Autodiscover Virtual Directories InternalURL and ExternalURL fields with appropiate public names.
    Some additional Info:
    *Internal vs. External Namespaces
    Since the release of Exchange 2007, the recommendation is to deploy a split-brain DNS infrastructure for the Internet-based client namespaces. A split-brain DNS infrastructure enables different IP addresses to be returned for a given namespace
    based on where the client resides – if the client is within the internal network, the IP address of the internal load balancer is returned; if the client is external, the IP address of the external gateway/firewall is returned.
    This approach simplifies the end-user experience – users only have to know a single namespace (e.g., mail.contoso.com) to access their data, regardless of where they are connecting. A split-brain DNS infrastructure, also simplifies the configuration of Client
    Access server virtual directories, as the InternalURL and ExternalURL values within the environment can be the same value.
    *Managing Certificates in Exchange Server 2013 (Part 2)
    *Nice step by step article
    Designing a simple namespace for Exchange 2013
    Regards,
    Satyajit
    Please“Vote As Helpful”
    if you find my contribution useful or “MarkAs Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.

  • HT204053 How to setup multiple Apple devices sharing Icloud and app store but still have different apple id for each?

    Our family now has 7 devices, Ipad, Ipad mini, itouch. I am not sure if I am setting them up correctly to share Icloud and app's but to each have there own device name and apple id for mail, messageing and facetime.

    Thekidiuse2b wrote:
    Our family now has 7 devices, Ipad, Ipad mini, itouch. I am not sure if I am setting them up correctly to share Icloud and app's but to each have there own device name and apple id for mail, messageing and facetime.
    As randers4 says, use separate AppleIDs for iCloud and iMessage accounts.  You cannot "share iCloud" and have separate mail, messaging and facetime.  To get those, you need to use separate AppleIDs to each create your own iCloud account and your own iMessage account.
    You can share apps and other purchased content by having a common AppleID used in the iTunes and App store.

  • Internal and external domain problem

    Host: oserver. sbsrv. local (internal address)
    Version: 10.1.2.0.2
    Installation Type: Portal and Wireless
    I have installed the oracle portal and works well in the internal network.
    The problem:
    When I try to access from public domain (www.mycompany.com) i get the welcome page from application server (fine) ,but if I press the link (log on to Oracle Application Server Portal) it redirects me to the internal address (http://oserver.sbsrv.local/portal/page?_pageid=0,1&_dad=portal&_schema=PORTAL)
    I edit httpd.conf (Apache) and i change the line from ServerName oserver.sbsrv.local to ServerName www.mycompany.com and i get something like, that : ??????: ??? ???? ?????? ? ???? ????????????? ??????? ??? ?? ???? ??????
    Question:
    How can I map the internal domain: oserver. sbsrv. local (IP 192.168. xx. xx) with public domain www. mycompany. com (IP 62. x. x. x) ?
    thanks.
    Message was edited by:
    user543368

    I did this 3 or 4 years ago and set up the Web-Cache to act as a reverse proxy. There is a paper on Metalink that explains how to set it up but I do not have the Doc ID.
    Also check out the White Paper that illustrates a different method. "Expose your Intranet Portal to the
    Outside World in a Secured Manner
    (aka. A Secured Inside/Outside Portal)" see http://www.oracle.com/technology/products/ias/portal/pdf/admin_security_1014_secured_inside_outside.pdf
    BG...

  • Using internal and external host names

    I am trying to configure portal to work with machines in the internal network and outside world. Is there a way to do it?
    Dolf-Jan
    null

    Dolf-Jan,
    To add additional aliases that the portal and login server will recognize, add the new alias as a new Partner Application on the login server, and then use the 3 parameters that it generates (site id, site token, encryption key) - to invoke the ssodatax script, located in the ORACLE_HOME/portal30/admin/plsql directory (if you're using the Early Adopter Release, replace "portal30" with "webdb30"). ssodatax is used to add multiple aliases on the portal side. Another script, ssodatan, is used to add a single alias for a new installation:
    ssodatan = sso data for New installation
    ssodatax = sso data for eXisting installation
    Run ssodatax with no parameters to see the calling syntax.
    To administer the login server, click on "Login Server Administration" under the "Administer" tab of the Portal administrator's home page.
    You will also need to configure the apache listener properties ServerName and NameVirtualHost for both hostnames.
    Regards,
    Jerry

  • Setup internal and external DNS namespaces best practice

    Is external name space (e.g. companydomain.com) and internal name space (e.g. corp.companydomain.com or companydomain.local) able to run on the same DNS server (using Microsoft Windows DNS servers)?
    MS said it is highly recommended to use a subdomain to handle internal name space - say corp.companydomain.com if the external namespace is companydomain.com.  How shall this be setup?  Shall I create my ADDS domain as corp.companydomain.com directly
    or companydomain.com then create a subdomain corp?
    Thanks in advanced.
    William Lee
    Honf Kong

    Is external name space (e.g. companydomain.com) and internal name space (e.g. corp.companydomain.com or companydomain.local)
    able to run on the same DNS server (using Microsoft Windows DNS servers)?
    Yes, it is technically feasible. You can have both of them running on the same DNS server(s). Just only your public DNS zone can be published for external resolution.
    MS said it is highly recommended to use a subdomain to handle internal name space - say corp.companydomain.com
    if the external namespace is companydomain.com.  How shall this be setup?  Shall I create my ADDS domain as corp.companydomain.com directly or companydomain.com then create a subdomain corp?
    What is recommended is to avoid having a split-DNS setup (You internal and external DNS names are the same). This is because it introduces extra complexity and confusion when managing it.
    My own recommendation is to use .local for internal zone and .com for external one.
    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Get Active Directory User Last Logon
    Create an Active Directory test domain similar to the production one
    Management of test accounts in an Active Directory production domain - Part I
    Management of test accounts in an Active Directory production domain - Part II
    Management of test accounts in an Active Directory production domain - Part III
    Reset Active Directory user password

  • Same usernames, internal vs. external domains, conflict when usingWebAccess

    Currently running GW 8.0.2hp2 on NetWare 6.5sp8.
    We have a single domain and single post office, and a single WebAccess
    and single GWIA gateway. We about 25 external domains setup to allow
    using external users' e-mail addresses our in internal corporate address
    books and distribution lists following the procedure outlined here:
    http://www.novell.com/documentation/...a/a2zvyc4.html
    The problem is that one of my internal users in our corporate domain/PO
    has the same userid as a user in one of the external domain/PO's. So,
    for example, their e-mail addresses are:
    [email protected]
    [email protected]
    Everything works except that my internal user cannot use GW WebAccess.
    Trying to login to WebAccess results in the following error:
    "Please login again. You may have typed your name or password
    incorrectly. Remember that your user name must be unique."
    If I either change my internal user's GroupWise userid, or if I delete
    or rename the external user's userid, then my internal user can login
    into WebAccess without a problem. So this does appear to be due to
    non-unique username's. The WebAccess is seeing the internal and
    external user names, and not allowing my internal user to login.
    Is there a work around for this since the users are in separate domains
    and PO's, or do I need to just rename my internal user's account? I
    have no control over the external user's e-mail address, so I can't
    rename their userid.
    Is there a way to keep the "default WebAcess" gateway from looking at
    external domain's for user account authentication? I have tried setting
    up a class of service in the WebAccess gateway to deny access to the
    external domain, and that hasn't worked either.
    Thanks,
    -Greg
    former e-mail for posting:
    [email protected]

    I knew I should have looked a little longer.
    http://www.novell.com/support/kb/doc.php?id=7006447
    Thanks,
    -Greg
    On 1/7/2013 12:38 PM, Greg N. wrote:
    > Currently running GW 8.0.2hp2 on NetWare 6.5sp8.
    >
    > We have a single domain and single post office, and a single WebAccess
    > and single GWIA gateway. We about 25 external domains setup to allow
    > using external users' e-mail addresses our in internal corporate address
    > books and distribution lists following the procedure outlined here:
    >
    > http://www.novell.com/documentation/...a/a2zvyc4.html
    >
    >
    > The problem is that one of my internal users in our corporate domain/PO
    > has the same userid as a user in one of the external domain/PO's. So,
    > for example, their e-mail addresses are:
    >
    > [email protected]
    > [email protected]
    >
    > Everything works except that my internal user cannot use GW WebAccess.
    > Trying to login to WebAccess results in the following error:
    >
    > "Please login again. You may have typed your name or password
    > incorrectly. Remember that your user name must be unique."
    >
    > If I either change my internal user's GroupWise userid, or if I delete
    > or rename the external user's userid, then my internal user can login
    > into WebAccess without a problem. So this does appear to be due to
    > non-unique username's. The WebAccess is seeing the internal and
    > external user names, and not allowing my internal user to login.
    >
    > Is there a work around for this since the users are in separate domains
    > and PO's, or do I need to just rename my internal user's account? I
    > have no control over the external user's e-mail address, so I can't
    > rename their userid.
    >
    > Is there a way to keep the "default WebAcess" gateway from looking at
    > external domain's for user account authentication? I have tried setting
    > up a class of service in the WebAccess gateway to deny access to the
    > external domain, and that hasn't worked either.
    >
    > Thanks,
    > -Greg
    >
    former e-mail for posting:
    [email protected]

  • How to Make my Macbook Pro's internal HDD external, when I get a SSD?

    Hey, I know there are other posts on what enclosure you can use and if it's a possibility, but I haven't seen any that tell me how I get OS X on the SSD without a disc? Can I download the installer on a flash drive somehow? Also, I am wondering if this really is a good idea, using my Macbook Pro's HDD for a backup HDD, instead of buying one? I have no use for it anyway, if and when I get a new SSD. BTW, the HDD is the upgraded factory 500gb 7200rpm. Also, do you think it's smarter to have a bigger backup drive than internal drive? In other words, I would like to get a 1TB Samsung 850 Pro SSD, and my current HDD is only 500GB.... I am a musician and need a lot of storage for musical purposes. I use Final Cut Pro, Logic Pro X, Ableton Live 9, Office, and Photoshop.... My Macbook Pro is a Late 2011 Macbook Pro 15.4' 2.2ghz quad core i7 8gb RAM. Oh yeah and a mother thing is, I think I should get an enclosure that has a thunderbolt port with usb, what are your thoughts?

    How to Make my Macbook Pro's internal HDD external, when I get a SSD?
    Get an externel enclosure at the same time.
    You can order from OWC
    http://eshop.macsales.com/shop/hard-drives/2.5-Notebook/
    Put the SSD in the externel enclosure and use something like Carbon Copy Cloner,  to clone the internal drive and all it content to the SSD.  Then swap them out.
    Always good to have more than one backup.

  • Single URL for internal and external CRM access when using IFD

    Hello,
    At one of our client site I have setup IFD on CRM 2011. This IFD is behind TMG. My client is a big corporation therefore all CRM components including CRM, ADFS and SQL are on separate servers.
    I have configured IFD using single url https://orgname.contoso.com Their IT staff wants to know why can't they use single URL for internal and external access where internal users are nto prompted for authentication
    when logging on to the CRM server. I know you can do URL re-write in ADFS but they want to know the reason "why internal users can't use the same IFD URL and don't get prompted for their credentials". Text below is from their IT staff.

    There are several approaches to your question.  You need to set up both an internal and an external relying party trust. If you use the external URL, it will always direct you to the signin page, if you use the internal URL, it will resolve you single
    sign on.
    I've configured IFD for CRM multiple times, and this is how it works. CRM looks at the URL. If you use the external URL (org.domain.com), it will prompt for credentials. So what you are asking for, a single URL that works single sign on internally and prompts
    externally really isn't possible.
    What I recommend is:
    1. make the external URL available internally
    2. Configure all outlook clients against the external URL, that way you won't have to reconfigure when someone goes internal to external
    3. Have users who are primarily internal use the internal URL for the web client, which will resolve single sign on
    4. Have users who are primarily external use the external URL for the web client
    For #1, since you only need to enter the credentials when you first configure CRM, it is in all effects single sign on.
    One thing I haven't tried that may work is using IIS redirect internally to redirect the external URL to the internal URL. There is also a powershell script in the IFD guide that you can use to make the outlook client switch between the internal and external
    URL's, but nothing that will give you a single URL that works as the internal relying party trust when internal and the external relying party trust when you are external.

  • How to setup oracle database to archivelog mode and auto delete ?

    Oracle 11g R2
    - How to setup database to archive log mode and have oracle only save 24 hours of archive logs
    and delete the rest. So at any given time I will have only 24 hours of archive log and not more.
    So only 1 day of archive logs.
    - Let me know the database parameters I need to setup to accomplish this.
    - I don't want to use the RMAN
    - I am not setting up the database to archive log mode for recovery purpose. I am setting up archive log mode
    so we can use the log miner tool to dig up achives to see log activity for any performance & tuning.
    Edited by: johnpau2013 on May 9, 2012 6:09 PM

    johnpau2013 wrote:
    Thanks everyone for there responses.
    I need to rephrase and explain everyone as what I wanted to do exactly. This might help everyone understand and suggest me.
    We have oracle database 11g r2. Its a test database. Nothing is critical. We use EXPDP utility to backup the entire database every night. Which is enough for us to recover incase something happens. Even if we loose some data. That's fine.
    We are testing our web application on this oracle test database for performance & tuning.
    One thing we have noticed is that the redo logs are switching very frequently. 50MB each log file and there are 5 logs. each log switches every 40 seconds. So we wanted to see what is getting written in this redo logs. We wanted to use the LOG MINER tool in OEM to read the logs. It needed our database to be setup in archive log mode. So the log miner can read the archive logs and show us the sql's within the archive logs.
    Now when we setup the archive log mode on our database. By default the archive logs destination was set to flash recovery area ( may be oracle default archive log location is flash recovery area folder).
    We have setup the db_recovery_file_dest_size to 100GB. Now within 2 days we have filled up the flash recovery area folder. Database was frozen. Then we realized that its because oracle couldn't write archive logs. Because it reached the 100GB. Then we physically deleted files in the flash recovery area folder. Thinking it would help us start the frozen oracle database. But it didn't . The we realized that we are doing something wrong. As Oracle does not know that at OS level we deleted the files. Then temporarily we changed the db_recovery_file_dest_size to 130GB and were able to start the oracle database. Later we turned OFF the archive log mode.
    Being a rookie DBA we would have not read something properly.
    Finally:
    We wanted to know how to always keep only 1 day of archive logs (only for our performance tuning ) and not more than that. All we need this 1 day of archive logs is to use the log miner to read them. Backup is NOT our priority here. Only be able to read the archive logs from LOG MINER is PRIORITY.
    Correct me if I am wrong.Okay, so its making much more sense now, thanks for explaining your requirement.
    Database won't honor anything that you would do over the o/s without telling it. Your deletion of the archive log from the o/s location is NOT updated in the control file of the database and that's why, even when you had deleted the entire 100GB , from the db perspective, the space was still marked as used. This is the same which would happen even if you would increase the space from 100gb to whatever size as well. To delete the space, you would need to update the database's control file and that you can do from RMAN using its two commands , crosscheck backup following with deleted expired backup . The first command would find that which database backup files are NOT on the o/s which are shown in the control file and would mark all of them as expired. The second command would simply delete those expired files. This would update the control file and you would have your 100gb or whatever space, given back to you.
    To keep the archive logs of just one day, set up that Retention Policy for RMAN to either number of copies using the Redundancy option(default and set to 1) or Recovery Window. I believe for you Redundancy would be a suitable choice but you can have a read and play around with it. Setting it up would mark the files as Obsoleted and finally, you can write a small RMAN script to delete those obsoleted files.
    Now, what I don't understand is that why you want to keep on generating the archive logs just for the log miner? If you would have generated them once and figure out the reason for extensive redo generation(did you try increasing the redo log file size, 50mb seems to be smallish) , I don't think that there is any reason to keep on generating the archive logs still .
    And last part, for your question asked about that whether we can use RMAN to put the db in the archive log and is it a backup tool, yes and yes.
    HTH
    Aman....

  • TEM How to diffrentiate b/w internal and external events

    Hi experts,
            How do i distinguish b/w internal and external events ? When i try to create an event always by default it shows as internal in the top right above planned and firmly booked radio buttons. How do i create an external event which is held outside the company ?
    please help...
    Thanks & regards,
    Pavan

    Hi Pavan,
    If you create a business event with resources, it is automatically considered an "internal" event -as you cannot plan resources OUTSIDE of your company-.
    If you create a business event w/o resources, than system gives you the option of internal/external selection.
    Regards,
    Dilek

  • How to configure AD on windows 2012 server for Exchange 2013 internal and external email flow

    Dear Experts,
    I have to configure exchange 2013 on Windows server 2012 STD. Company has registered Static IP addresses and can get the MX record pointing to any of this Static IP.  
    The registered domain name is e.g.  contoso.com. 
    a. What should I use as domain name on AD? contoso.com or contoso.local
    b. Is it recommended to have two different servers  for AD and Exchange?
    c. What should be my connector settings for mail flow?
    d. how can I set 2 email servers in company for load balancing?

    Hi,
    a, I suggest use contoso.com as domain name. It is convenient to add urls into our certificate for internal and external mail flow.
    b, Recommended that installing AD
    and Exchange Server on two separate
    Servers. If Exchange Server downed unfortunately, it can prevent AD server from crushing at the same time.
    c, Found some articles for your reference:
    Configure Mail Flow and Client Access
    http://technet.microsoft.com/en-us/library/jj218640(v=exchg.150).aspx
    Configuring Outbound Mail Flow in Exchange Server 2013
    http://exchangeserverpro.com/configuring-outbound-mail-flow-in-exchange-server-2013/
    d, Load Balancing
    http://technet.microsoft.com/en-us/library/jj898588(v=exchg.150).aspx
    Hope it is helpful
    Thanks
    Mavis
    Mavis Huang
    TechNet Community Support

Maybe you are looking for