Overview The Autodiscover service for Microsoft Exchange Server 2007 provides automatic profile configuration for Microsoft Office Outlook 2007 clients that are connected to your Exchange messaging environment. When you install the Client Access server (CAS) role on a computer running Exchange 2007, a new virtual directory is created under the Default Web Site in Internet Information Services (IIS). In the Active Directory a Service Connection Point (SCP) object is created that allows all domain-connected clients running Outlook 2007 to query the Active Directory and configure the Outlook profile automatically. Many organizations have complex topologies with multiple forests where the Exchange is running in a resource forest and an accounts forest which contains the user accounts for the organization. In the multiple trusted forest scenario, the user accounts and Microsoft Exchange are deployed in multiple forests. Exchange 2007 features such as the Availability service and Unified Messaging rely on the Autodiscover service to access user accounts across forests. In this scenario, the Autodiscover service must be available to users across multiple trusted forests. The intention of this post is not to explain how Autodiscover works, how to implement it for multiple forests, or troubleshoot every scenario. It is a brief, practical list of tips for use during the deployment and covers some common examples and methods to resolve issues. For more details how Exchange 2007 Autodiscover works and deployment considerations, see the white paper: Exchange 2007 Autodiscover Service and Deployment Considerations for the Autodiscover Service
CN=Fourthcoffee.com,CN=Microsoft Exchange Autodiscover,CN=Services,CN=Configuration,DC=Nwtraders,DC=com7. Review Keywords and ServiceBindingInformationService attributes in the Service Connection Point (SCP) object on the Accounts forest (Nwtraders.com).
Netdom trust trusted_domain_name /domain: trusting_domain_name /verify The trust between nwtraders.com and fourthcoffee.com has been successfully verified The command completed successfully.3. Verify that the Master Account has full access to the Linked Mailbox as well as the smtp address using the cmdlets Get-Mailbox and Get-MailboxPermission. See How to Create a Linked Mailbox.
Get-Mailbox <mailbox_user> | fl PrimarySmtpAddress : Char@fourthcoffee.com RecipientType : UserMailbox RecipientTypeDetails : LinkedMailbox IsLinked : True LinkedMasterAccount : NWTRADERS\Char Get-Mailboxpermission <mailbox_user> | fl AccessRights : {FullAccess, ExternalAccount} InheritanceType : All User : NWTRADERS\Char Identity : Fourthcoffee.com/Users/Char4. To review Keywords and ServiceBindingInformationService attributes in the Service Connection Point (SCP) object for each Exchange 2007 Client Access server, you can use the ldifde.exe command, Adsiedit.msc or Get-ClientAccessServer cmdlet.
Ldifde.exe –f scp.txt –d "CN=<cas_server>,CN=Autodiscover,CN=Protocols,CN=<cas_server>,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=vandyr136711org,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=Fourthcoffee,DC=com" Get-ClientAccessServer | fl *Auto* AutoDiscoverServiceCN : CAS_SERVER AutoDiscoverServiceClassName : ms-Exchange-AutoDiscover-Service AutoDiscoverServiceInternalUri : https://cas_server.fourthcoffee.com/Autodisc over/Autodiscover.xml AutoDiscoverServiceGuid : 77378f46-2c66-4aa9-a6a6-3e7a48b19596 AutoDiscoverSiteScope : {Default-First-Site-Name}Note: Keywords and ServiceBindingInformation 5. Review the Exchange certificate on the Client Access server using the command Get-ExchangeCertificate and verify the following attributes: CertificateDomain, Services, Status, IsSelfSigned, Issuer and Subject. For more details see: Autodiscover and Certificates
Get-ExchangeCertificates | fl CertificateDomains : {mail.fourthcoffee.com, TX136711-MS1, TX136711-MS1.fourthcoffee.com, Fourthcoffee.com, autodiscover.Fourthcoffee.com } HasPrivateKey : True IsSelfSigned : False Issuer : CN=Fourthcoffee, DC=Fourthcoffee, DC=com Services : IMAP, POP, IIS Status : Valid Subject : CN=mail.fourthcoffee.com6. To review Keywords and ServiceBindingInformationService attributes in the Service Connection Point (SCP) object on the Accounts forest, you can use the ldifde.exe command, Adsiedit.msc.
Ldifde –f scp_account.txt –d "CN=Fourthcoffee.com,CN=Microsoft Exchange Autodiscover,CN=Services,CN=Configuration,DC=Nwtraders,DC=com" dn:CN=Fourthcoffee.com,CN=MicrosoftExchange Autodiscover,CN=Services,CN=Configuration,DC=Nwtraders,DC=com distinguishedName: CN=Fourthcoffee.com,CN=Microsoft Exchange Autodiscover,CN=Services,CN=Configuration,DC=Nwtraders,DC=com keywords: Domain=Nwtraders.com keywords: Domain=Fourthcoffee.com keywords: 67661D7F-8FC4-4fa7-BFAC-E1D7794C1F68 serviceBindingInformation: LDAP://Fourthcoffee.com7. Every time you created a new authoritative Accepted domain under Organization Configuration – Hub Transport – Accepted Domains tab you have to run the Export-AutodiscoverConfig cmdlet On an Exchange 2007 Client Access server in the source forest, run the following command to retrieve the credentials that you will use to run the Export-AutodiscoverConfig cmdlet:
$a = Get-Credential Export-AutoDiscoverConfig -DomainController <FQDN> –TargetForestDomainController <String> -TargetForestCredential $a -MultipleExchangeDeployments $trueRelated reading: White Paper: Exchange 2007 Autodiscover Service http://technet.microsoft.com/en-us/library/bb332063.aspx#HowtoConfigureExchangeServices How to Configure the Autodiscover Service for Multiple Forests http://technet.microsoft.com/en-us/library/aa996849(EXCHG.80).aspx How to Configure the Autodiscover Service to Use Site Affinity http://technet.microsoft.com/en-us/library/aa998575(EXCHG.80).aspx How to Configure the Autodiscover Service for Cross Forest Moves http://technet.microsoft.com/en-us/library/bb201665(EXCHG.80).aspx How to Deploy Exchange 2007 in an Exchange Resource Forest Topology http://technet.microsoft.com/en-us/library/aa998031.aspx Understanding Recipients http://technet.microsoft.com/en-us/library/bb201680(EXCHG.80).aspx How to Create a Linked Mailbox http://technet.microsoft.com/en-us/library/bb123524(EXCHG.80).aspx How to Convert a Mailbox to a Linked Mailbox http://technet.microsoft.com/en-us/library/bb201694.aspx Autodiscover and Certificates http://technet.microsoft.com/en-us/library/bb332063.aspx#ADAndCertificates - Vandy Rodrigues
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.