Multi-domain Autodiscover with a shared name spaces


We had a situation where we needed to get autodiscover to go to a totally different url from the root domain, AND not modify the DNS records for the Root domain where the primary SMTP domain exists.

I want to STRESS that these solutions are for very specific cases and not for the purpose of replacing the primary AutoDutodiscover mechanisms.

 

Details of the environment:

  • Exchange 2010 Domain for child company = Parent.child.com (not a typo)
  • Exchange 2007 Domain for parent company = parent.com
  • smtp email address for all clients = user@parent.com
  • all mail is sent to parent.com and then if not resolved on parent.com and if unresolved forwarded to parent.child.com
  • Mail Flow works fine
  • Issue is with AutoD connecting to parent.com and unable to get parent.child.com AutoDiscover urls.

2 Solutions

  1. If it’s a 2007\2010 server you can use a contact with the child domain as the target
  2. Use a local autodiscover.xml file (highlighted values indicate values that may need changing)

Outlook 2007 checks for a Local Autodiscover file based on a registry setting. You can check by using the following information:

    1. Open regedit, and browse to(or use one of the reg files below):
      • Outlook 2007 Key: HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Autodiscover
      • Outlook 2010 Key: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Autodiscover
    2. Add the Dword: PreferLocalXML
      • Value = 1
    3. Add the STRING: parent.com
      • Value: %programfiles%\Microsoft Office\Office\parent.xml

image

    1. MODIFY the xml below with your servern names and URLS
    2. Save the text below as %programfiles%\Microsoft Office\Office\parent.xml

 

****************************************Copy Below  and save as parent.xml************************************************************

<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
  <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
    <Account>
      <AccountType>email</AccountType>
      <Action>settings</Action>
      <Protocol>
        <Type>EXCH</Type>
        <Server>internalhost.Parent.child.com</Server>
        <ServerDN>/o=Parent/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=ExServer</ServerDN>
        <ServerVersion>720280FE</ServerVersion>
        <MdbDN>/o=Parent/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=ExServer/cn=Microsoft Private MDB</MdbDN>
        <PublicFolderServer>internalhost.Parent.child.com</PublicFolderServer>
        <AD>internalhost.amer.Parent.child.com</AD>
        <ASUrl>https://mail.Parent.child.com/EWS/Exchange.asmx</ASUrl>
        <EwsUrl>https://mail.Parent.child.com/EWS/Exchange.asmx</EwsUrl>
        <OOFUrl>https://mail.Parent.child.com/EWS/Exchange.asmx</OOFUrl>
        <UMUrl>https://mail.Parent.child.com/UnifiedMessaging/Service.asmx</UMUrl>
        <OABUrl>https://mail.parent.com/oab</OABUrl>
      </Protocol>
      <Protocol>
        <Type>EXPR</Type>
        <Server>mail.Parent.child.com</Server>
        <SSL>On</SSL>
        <AuthPackage>Basic</AuthPackage>
        <OABUrl>Public Folder</OABUrl>
      </Protocol>
      <Protocol>
        <Type>WEB</Type>
        <External>
          <OWAUrl AuthenticationMethod="Fba">https://mail.Parent.child.com/owa</OWAUrl>
          <OWAUrl AuthenticationMethod="Fba">https://mymail.Parent.child.com/owa</OWAUrl>
        </External>
        <Internal>
          <OWAUrl AuthenticationMethod="Basic, Fba">https://internalhost.Parent.child.com/owa</OWAUrl>
          <Protocol>
            <Type>EXCH</Type>
            <ASUrl>https://mail.Parent.child.com/EWS/Exchange.asmx</ASUrl>
          </Protocol>
        </Internal>
      </Protocol>
    </Account>
  </Response>
</Autodiscover>

**************************************************************************** Copy above******************************************************

 

****Outlook 2010 Autodiscover.Reg********************************************************************************************

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover]
"PreferLocalXML"=dword:00000001
"parent.com"="%programfiles%\\Microsoft Office\\Office\\parent.xml"

***************************************************************************************************************************

 

****Outlook 2007 Autodiscover.Reg********************************************************************************************

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"PreferLocalXML"=dword:00000001
"parent.com"="%programfiles%\\Microsoft Office\\Office\\parent.xml"

***************************************************************************************************************************

 

 

Reference locations

http://technet.microsoft.com/en-us/library/cc837949(office.12).aspx

http://www.exchange-genie.com/2007/07/exchange-2007-autodiscover-service-part-1/

http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx

4 thoughts on “Multi-domain Autodiscover with a shared name spaces

  1. I have the same issue as well. Does that mean that there are no exact ways other than sending the xml and the registry key to those external users to make it work?

  2. We’re in a similar situation, and we’ve been trying to implement the simplest solution (solution 1) since contacts are already in place. However, autodiscover fails because the credentials of our users in the child domain aren’t accepted in the parent domain (no trust), so at the point where the autodiscover service should simply redirect to the other mailaddress, we get a 401 access denied error. Anybody know of a way to force Autodiscover (on 2010) to accept anonymous access (as this seems to be the problem)?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s