MSExchangeGuru.com

Learn Exchange the Guru way !!!

 

Exchange Cloud/Hosted: Suppress Autodiscover Popup

Well this is not something new but recently I was configuring this for one of my customer so I would like to share the steps here.

So this customer of mine has a private cloud so they have multiple smtp domains. This has been normal until we started using autodiscover url as SCP.

Now every domain’s outlook search for autodiscover.domain.org which can be pointed to the CAS servers. But this needs to have outlook user will get a popup saying autodiscover.domain.org is not present in certificate. And no one like this popup so We configured the following to suppress this.

To explain if we are using 2 smtp domains as mentioned below

Hosted Services provider:    MSExchangeGuru.com

Hosted customer domain:     GO5LLC.com

So customer’s outlook is trying to reach “Autodiscover.GO5LLC.com” and giving the certificate pop up.

  1. Create the following folders in all the CAS servers

    C:\inetpub\Autodiscoverredirect


    C:\inetpub\Autodiscoverredirect\Autodiscover


  2. Add a 2nd NIC card with the same network
  3. Create a new public IP Natting with this new IP.
  4. Create new website in the IIS with the following details

    Open IIS Manager MMC

    -Select Sites then right click and select “Add Web Site”


    -Fill the fields like this and click ok

    Site name: AutoDiscoverRedirect

    Physical Path: C:\inetpub\Autodiscoverredirect

    IP address: Select the 2nd NIC IP address


  5. Configure HTTP Redirect to the main autodiscover.domain.com url which is hosted providers’ domain.

    -Open IIS and Expand AutoDiscoverRedirect website then click on Autodiscover.

    -Double click on HTTP Redirect


    -Check the checkbox “Redirect requests to this destination”

    -Add the url “https://Autodiscover.domain.com/Autodiscover” and click ok.

        Example: https://Autodiscover.MSExchangeGuru.com/Autodiscover


  6. Make sure to do it on all CAS servers.
  7. Now time to configure DNS Which should have following records.
  • Cname record

    Autudiscover.GO5LLC.com    AutoDiscoverRedirect.MSExchangeGuru.com

  • Host Record

    AutoDiscoverRedirect.MSExchangeGuru.com    Public IP pointed to the 2nd NIC

    AutoDiscover.MSExchangeGuru.com        Public IP Pointed to the 1st NIC which is the IP of the default Autodiscover IIS VDir.

    8. This is the similar configuration as Microsoft Office 365 except Microsoft

 

    9. We can test it using https://testconnectivity.microsoft.com.

suppress autod popup1

 

 

 

 

 

 

 

 10. I am still trying to figure out how Microsoft is blocking port 443 and redirecting together. I will update the block once I will figure this out. I think Port 443 is blocked and port 80 is open for the AutoDiscoverRedirect IP. I have to ask network team to do it to get the same results  

We Blocked port 443 for the Public IP which is resolving to AutoDiscoverRedirect.MSExchangeGuru.com but allowed port 80. This is the most important step. This is suppressing the popup. After this popup stopped.

suppress autod popup2

Now you might get this popup which is expected warning.

Popup

There are 2 options. Either check the checkbox “Don’t ask me about this website again” then click allow. Then it will not come again.

Or

Configure registry for all users as mentioned in the Microsoft KB here. https://support.microsoft.com/en-us/kb/2480582


Summary:

So you need the following to configure it.

2 Public IP – 1 with port 443 and other with port 80

2 Internal IP – 443 nat to Autodiscover and port 80 nat to AutoDiscoverRedirect

Public DNS – AutoDiscover host record map to the IP with port 443 and AutoDiscoverRedirect host record map to the IP with port 80

We will create the new website with the name AutoDiscoverRedirect on port 80.

 

 


This is not hard configuration and does not require any IISreset, service or server restart.

 

Prabhat Nigam

Microsoft MVP | Exchange Server

Team@MSExchangeGuru

7 Responses to “Exchange Cloud/Hosted: Suppress Autodiscover Popup”

  1. Roy Levy Says:

    Hi dear Prabhat , great article .
    I’m using TMG Http redirect as well in my cloud with almost 100 sub domains with no problems .
    god bless u

    cheers
    Roy

  2. M Says:

    When you use ah WAF to publish the redirect virtual directory, you can just open port 80.

    Remider:
    Autodiscover redirections generate another popup that user ask if they trust the redirekt url. This redirect url can also be pre settup as trusted url through the hkcu\software\office\ver\oulook\autodiscover regestry.

    Regards

  3. Prabhat Nigam Says:

    Thank you for sharing your experience.
    Actually there is no popup coming in my outlook 2016. So anyone getting popup should upgrade to Office 2016. 🙂

  4. Prabhat Nigam Says:

    TMG has gone so you need to find this solution for your upgrade.
    This is the only option or you rely on any 3rd party.

  5. Weekly IT Newsletter – December 14-18, 2015 | Just a Lync Guy Says:

    […] · Exchange Cloud/Hosted: Suppress Autodiscover Popup […]

  6. NeWay Technologies – Weekly Newsletter #178 – December 18, 2015 | NeWay Says:

    […] · Exchange Cloud/Hosted: Suppress Autodiscover Popup […]

  7. NeWay Technologies – Weekly Newsletter #178 – December 17, 2015 | NeWay Says:

    […] · Exchange Cloud/Hosted: Suppress Autodiscover Popup […]

Leave a Reply

Categories

Archives

MSExchangeGuru.com