In Part2 we requested and installed the wildcard certificate on the first server – exch1.testcompany.com. In Part3 we’ll pace through the setting up a new Autodiscover site and configuring various virtual directories.
Notice that Autodiscover.TestCompany.com must use the same wildcard certificate – TestCompany-WildCard. We also need to add the new A-record to DNS.
Next, enable Directory Browsing and set authentication methods:
Then create the autodiscover virtual directory in EMS
New-AutodiscoverVirtualDirectory -WebSiteName “Autodiscover.TestCompany.com” -WindowsAuthentication $true
and configure Client Access Server:
Set-ClientAccessServer -Identity Exch1 -AutoDiscoverServiceInternalUri https://Autodiscover.TestCompany/Autodiscover/Autodiscover.xml
The easiest way to configure external hostnames is to use the wizard:
As I decided to use the same external and internal hostnames for Exchange services I must either manually enter ‘mail.testcompany.com’ instead of “exch1.testcompany.com” in EAC or type the corresponding commands in EMS for each virtual directory, for example:
After configuring virtual directories let’s set up Outlook Anywhere (servers – Exch1/Properties) and reset IIS.
Now we can test connection to Exchange server using Outlook 2013 SP1 internally and externally.
1) I run Outlook 2013SP1 on a client computer in the TestCompany.com domain.
If we right-click the Outlook system tray icon while holding Ctrl key we can check the connection by clicking “Connection status”.
2) Before I run Outlook in other domain to simulate external connection I need to install my internal CA’s (from the TestCompany.com domain) root certificate to the client computer in that domain, otherwise Outlook will complain on untrusted certificate.
After installing this certificate to the “Trusted Root Certification Authorities” certificate store I can run Outlook to test connection externally.
Look! We’ve got a certificate error in spite of installing root CA’s certificate – why? As we can see this certificate arrived from DC.TestCompany.com, NOT from the Autodiscover.TestCompany.com – this is because Outlook first tries to connect to https:/domain.com and only after that to https://autodiscover.domain.com. Upon completion of the first connection attempt to a https://domain.com Outlook realises it is NOT an autodiscover site (as we used autodiscover.testcompany.com when setting up autodiscover) and makes another connection to autodiscover.testcompany.com, – we’ll check it a bit later.
Again, hold CTRL and right-click Outlook system tray icon, but this time let’s click “Test E-Mail Autoconfiguration”, enter e-mail address, password and run the test.
The Log tab will show what sites and with what results Autodiscover service were using while connecting to TestCompany.com domain.
In Part3 of the series of articles on deploying Exchange 2013SP1 we configured Exchange-specific virtual directories, set up and tested autodiscover service. In Part4 we’ll continue to fine-tune the server by configuring the most important settings.