Configure Autodiscover Redirection for the Multi-Tenant Organization

Symptoms (Issue):AutoDiscover redirection permits the tenant organizations to connect to the hosting organization by using a single instance of AutoDiscover. AutoDiscover redirection also permits all of the tenants to use the same SSL certificate.In order to use AutoDiscover features with hosted e-mail domains, you must set up and configure a site that will function as a redirector to the main Exchange AutoDiscover Web site. For each hosted e-mail domain that you offer, an alias (CNAME) will be setup in DNS to refer AutoDiscover capabilities to this AutoDiscover Redirection Web site. This AutoDiscover Redirection Web site will re-direct the users to the main Exchange AutoDiscover Web site which will then provide the correct information to Outlook clients.Resolution

Configure AutoDiscover redirection: Setup the AutoDiscover redirect site Configure the Client Access servers to handle AutoDiscover requests Setup the DNS record for the tenant organization.

Prerequisites:

Have a server running Internet Information Services (IIS), the Client Access Server and the Domain Controller can't be the same server.

Or to have other IP on same server Client server on below scenario I have only one server with below rules:

Exchange server (Mailbox, Access, Hub, OWA).

Auto Discover Redirect rule.

Setup the AutoDiscover redirect siteo On the server that will be running IIS and the Autodiscover redirect, install the

HTTP Redirection module.o Create a virtual website for Autodiscover redirection.

On the Server that is running IIS manager, open the IIS manager. In the console tree, expand the server. Right-click on Sites, and then click Add Web Site. In the Site name field, type AutodiscoverRedirection. Select a Physical path to the virtual website. For example D:\

Autodiscover Redirection. In the binding section, complete the following options

Type: httpIP address: Type or select the explicit IP Address to the redirection server.

Click OK.o Create a virtual directory for Autodiscover redirection.

In the console tree, right-click on the AutodiscoverRedirection website, and then select Add Virtual Directory.

In the Add Virtual Directory dialog box, complete the following options:Alias: AutodiscoverPhysical path: Select the physical path to the virtual directory. This should be a sub folder of the Autodiscover Redirection virtual website that you created in the previous step. For example D:\Autodiscover Redirection\Autodiscover.

Click OK.

o Configure HTTP Redirection for Autodiscover. In the console tree, click on the Autodiscover virtual directory. In the

results pane double-click on HTTP Redirect.

Click the Redirect requests to this destination checkbox. Type the autodiscover redirection address. For example,

https://mail.contoso.com/autodiscover. This address will match the ExternalURL that you will use in configuring Client Access servers to handle the Autodiscover requests.

Configure the Client Access servers to handle AutoDiscover requestso Enable Outlook Anywhere by using the Enable-OutlookAnywhere cmdlet.

You must set the following options: DefaultAuthenticationMethod: Basic ExternalHostName: The ExternalHostName specifies the host name

that users outside of the organization will connect to Outlook Anywhere. For example, mail.contoso.com.

SSLOffloading: $false

This example enables the server Server01 for Outlook Anywhere. The external host name is set to mail.contoso.com, Basic authentication is used, and SSL offloading is set to $false.

Enable-OutlookAnywhere -Server Server01 -ExternalHostname mail.contoso.com -DefaultAuthenticationMethod:Basic -SSLOffloading $False

o Configure the AutoDiscover Virtual Directory by using the Set-AutoDiscoverVirtualDirectory cmdlet. You must set the following options:

BasicAuthenication: $true InternalURL: The url that is used to connect to the virtual directory

from outside the organization. Use /autodiscover at the end of the URL to specify the autodiscover virtual directory.

ExternalURL: The url that is used to connect to the virtual directory from inside the organization. Use /autodiscover at the end of the URL to specify the autodiscover virtual directory.

This example sets the InternalURL and ExternalURL of the default autodiscover virtual directory to https://mail.contoso.com/autodiscover with basic authentication enabled.

Set-AutodiscoverVirtualDirectory -Identity 'autodiscover (default Web site)' -ExternalURL 'https://mail.contoso.com/autodiscover' -InternalURL 'https://mail.contoso.com/autodiscover' -

BasicAuthentication $true

o Set the OAB Virtual Directory by using the Set-OABVirtualDirectory cmdlet. You must set the following options:

RequireSSL: $true InternalURL: The InternalURL specifies the URL that is used to

connect to the virtual directory from inside of the organization. Use /OAB at the end of the URL to specify the OAB virtual directory.

ExternalURL: The ExternalURL specifies the URL that is used to connect to the virtual directory from outside of the organization. Use /OAB at the end of the URL to specify the OAB virtual directory.

BasicAuthentication: $true

This example sets the default OAB virtual directory that resides on Server01 to require SSL, and sets the internal URL and external URL to https://www.contoso.com/OAB. It also sets the authentication method to basic authentication.

Set-OABVirtualDirectory -Identity "Server1\OAB (Default Web Site)" -ExternalUrl "https://www.contoso.com/OAB" InternalURL-BasicAuthentication $true -RequireSSL $true

Set the Web Services Virtual Directory by using the Set-WebServicesVirtualDirectory cmdlet. You must set the following settings:

o ExternalURL: The ExternalURL specifies the URL that is used to connect to the virtual directory from outside of the organization. Use /EWS/Exchange.asmx at the end of the URL to specify the web services virtual directory.

o InternalURL: The InternalURL specifies the URL that is used to connect to the virtual directory from inside of the organization. Use /EWS/Exchange.asmx at the end of the URL to specify the web services virtual directory.

o BasicAuthentication: $true

This example sets the authentication method to Basic authentication for the virtual directory EWS on the server SERVER01. This example also sets the external and internal URLs for this virtual directory to https://www.contoso.com/EWS/Exchange.asmx.

Set-WebServicesVirtualDirectory -Identity "SERVER01\EWS(default Web site)"-BasicAuthentication $true -ExternalUrl https://www.contoso.com/EWS/exchange.asmx -InternalUrl https://www.contoso.com/EWS/exchange.asmx

More Information