Autodiscovery

Exchange Server 2007 Availability and Autodiscover Service

The availability service only works with client computers that are members of the domain, or else it can’t get the location of the autodiscovery stuff without Active Directory. The alternative to looking it up in AD is to create a website on an Exchange Server 2007 box called https://autodiscover.ecs.soton.ac.uk/Autodiscover. Note the requirement for https and not just http. It won’t work unless you have an SSL cert set up properly.

So create a new website with its own IP address (a necessity for a SSL site), called autodiscover.ecs.soton.ac.uk.
Create a new Autodiscover web service in it with this:
new-autodiscovervirtualdirectory -BasicAuthentication $true -DigestAuthentication $false -ExternalUrl https://autodiscover.ecs.soton.ac.uk/Autodiscover -InternalUrl
https://autodiscover.ecs.soton.ac.uk/Autodiscover -Path "C:\Program Files\Microsoft\Exchange Server\ClientAccess\Autodiscover" -WebSiteName autodiscover -WindowsAuthentication $true
That command takes quite a few seconds to run.

You can then compare the output of the original with the new one
Get-AutodiscoveryVirtualDirectory -Identity “EXCH” | fl

You might as well tick the “require secure channel (SSL)” box in the website properties / Directory Security / Secure Communications / Edit dialog, as Outlook will only use it over https anyway.

Once the SSL cert is in place, you can switch the new site ‘on’ with
Set-AutodiscoverVirtualDirectory -Identity “EXCHANGE3\Autodiscover (autodiscover)” -BasicAuthentication $true -DigestAuthentication $false -WindowsAuthentication $true -ExternalUrl
https://autodiscover.ecs.soton.ac.uk/Autodiscover -InternalUrl https://autodiscover.ecs.soton.ac.uk/Autodiscover
The format of the -Identity parameter is server-name\url-section (web-site-name).

It may then be worth re-testing the autodiscover functionality in Outlook 2007, from a PC that is not a member of the domain. Outlook logging goes into the %TEMP% directory (Start / Run... / %TEMP%). To enable it in Outlook 2007, go to Tools / Options / Other / Advanced / Enable logging (troubleshooting). The logs go into a file with a strange name (but I think it ends in .log) and a directory name something like olkas with up-to-the-minute log information files in it. You can search by modification date under %TEMP% if all else fails. Ctrl-click on the Outlook 2007 icon in the alerts toolbar (right end of task bar) and choose “Test Email configuration”. That should let you try everything out. Plus do it for real by creating a New Meeting Request and add hg or hcd or wh or hos to it and show the Schedule Assistant as that will attempt to get the Free/Busy information for them from the Exchange 2007 server.

This does indeed all now work. Free+Busy from Outlook 2007 clients that are not members of the domain works just fine, as does auto-configuration of new users in Outlook (any version).
Comments