SOLVED

Autodiscover configuration in full hybrid

%3CLINGO-SUB%20id%3D%22lingo-sub-1555585%22%20slang%3D%22en-US%22%3EAutodiscover%20configuration%20in%20full%20hybrid%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1555585%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3CBR%20%2F%3EI%20have%20a%20question%20regarding%20the%20configuration%20of%20the%20autodiscover%20service.%3CBR%20%2F%3EMy%20infrastructure%20is%20full%20hybrid%20with%20a%202016%20exchange%20server%20on%20premise.%3CBR%20%2F%3EI%20have%20already%20moved%20the%20mail%20flow%20to%20o365%20by%20changing%20the%20mx%20record%20and%20moving%20all%20the%20mailboxes%3CBR%20%2F%3EThe%20on%20premise%20server%20is%20used%20as%20an%20smtp%20relay%20for%20internal%20and%20external%20emails.%3CBR%20%2F%3ECurrently%20my%20dns%20record%2C%20both%20on%20public%20and%20private%20dns%2C%20for%20autodiscovery%20points%20to%20the%20exchange%20on%20premise%20server.%3CBR%20%2F%3EReading%20the%20microsoft%20article%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fdecommission-on-premises-exchange%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fdecommission-on-premises-exchange%3C%2FA%3E%20I%20am%20in%20scenario%203.%3CBR%20%2F%3EThe%20article%20says%20If%20you%20were%20to%20even%20start%20the%20process%20by%20pointing%20the%20Autodiscover%20Records%20to%20Exchange%20Online%2C%20you%20would%20immediately%20break%20some%20features%20like%20hybrid%20public%20folder%20access.%3CBR%20%2F%3EI%20don't%20use%20public%20folder%20but%20I%20only%20use%20the%20on%20premise%20server%20as%20smtp%20relay.%3CBR%20%2F%3ESo%20I%20can't%20point%20the%20autodiscover%20to%20the%20microsoft%20records%20autodiscover.outlook.com%3F%3CBR%20%2F%3EIf%20I%20don't%20move%20my%20autodiscover%20record%20to%20autodiscover.outlook.com%20the%20exchange%20server%20on%20premise%20should%20be%20unavailable%20what%20happens%3F%3C%2FP%3E%3CP%3EOutlook%20clients%20will%20not%20be%20able%20to%20connect%20to%20o365%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1555585%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EHybrid%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOn-Premises%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1555708%22%20slang%3D%22en-US%22%3ERe%3A%20Autodiscover%20configuration%20in%20full%20hybrid%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1555708%22%20slang%3D%22en-US%22%3Eif%20you%20still%20have%20mailboxes%20on-prem%20then%20keep%20it%20pointing%20to%20on-prem%20else%20you%20can%20point%20it%20to%20O365.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1555809%22%20slang%3D%22en-US%22%3ERe%3A%20Autodiscover%20configuration%20in%20full%20hybrid%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1555809%22%20slang%3D%22en-US%22%3E%3CP%3EI%20don't%20have%20any%20mailboxes%20on%20premises.%3CBR%20%2F%3EThe%20on%20premise%20server%20has%20a%20connector%20that%20allows%20the%20relay%20of%20the%20email%20in%20an%20unauthenticated%20way%20because%20an%20old%20application%20must%20send%20email%20to%20the%20internet.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1556089%22%20slang%3D%22en-US%22%3ERe%3A%20Autodiscover%20configuration%20in%20full%20hybrid%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1556089%22%20slang%3D%22en-US%22%3Eyou%20can%20point%20your%20autodiscover%20to%20O365%20then%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1556276%22%20slang%3D%22en-US%22%3ERe%3A%20Autodiscover%20configuration%20in%20full%20hybrid%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1556276%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F333418%22%20target%3D%22_blank%22%3E%40DeepakRandhawa%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20the%20reply.%3CBR%20%2F%3ESince%20the%20article%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fdecommission-on-premises-exchange%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fdecommission-on-premises-exchange%3C%2FA%3E%20scenario%203%20says%3A%3CBR%20%2F%3EWe%20recommend%20against%20removing%20Exchange%20and%20the%20hybrid%20configuration%20at%20this%20point.%20If%20you%20were%20to%20even%20start%20the%20process%20by%20pointing%20the%20Autodiscover%20Records%20to%20Exchange%20Online%2C%20you%20would%20immediately%20break%20some%20features%20like%20hybrid%20public%20folder%20access.%20You%20could%20change%20the%20MX%20record%20to%20point%20to%20Exchange%20Online%20Protection%20if%20it%20is%20not%20already%2C%20you%20could%20even%20remove%20some%20of%20the%20on-premises%20Exchange%20servers.%20However%2C%20you%20would%20need%20to%20keep%20enough%20in%20place%20to%20handle%20the%20remaining%20hybrid%20functions.%20Usually%2C%20this%20would%20lead%20to%20a%20very%20small%20on-premises%20footprint.%3CBR%20%2F%3EAre%20you%20sure%20it%20can%20make%20the%20autodiscover%20service%20point%20on%20O365%3F%3CBR%20%2F%3EIf%20the%20answer%20is%20yes%20on%20the%20server%20on%20premise%20I%20have%20to%20type%20the%20command%20Get-ClientAccessService%20%7C%20Set-ClientAccessService%20-AutoDiscoverServiceInternalUri%20%24%20Null%3F%3CBR%20%2F%3EAlso%20do%20I%20have%20to%20point%20the%20dns%20record%2C%20both%20for%20internal%20and%20public%20dns%2C%20to%20autodiscover.outlook.com%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1556362%22%20slang%3D%22en-US%22%3ERe%3A%20Autodiscover%20configuration%20in%20full%20hybrid%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1556362%22%20slang%3D%22en-US%22%3EYes%2C%20you%20can%20point%20it%20to%20O365%20without%20causing%20any%20issues%20to%20your%20environment.%3CBR%20%2F%3EBelow%20cmdlet%20will%20change%20the%20SCP%20entry%20to%20null%20so%20that%20your%20outlook%20does%20not%20query%20AD%20for%20mailbox%20info%3CBR%20%2F%3EGet-ClientAccessService%20%7C%20Set-ClientAccessService%20-AutoDiscoverServiceInternalUri%20%24%20Null%3CBR%20%2F%3EAnd%20yes%20you%20need%20to%20point%20your%20dns%20to%20autodiscover.outlook.com%20for%20both%20internal%20and%20external.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1556585%22%20slang%3D%22en-US%22%3ERe%3A%20Autodiscover%20configuration%20in%20full%20hybrid%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1556585%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F333418%22%20target%3D%22_blank%22%3E%40DeepakRandhawa%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20the%20reply%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2051948%22%20slang%3D%22en-US%22%3ERe%3A%20Autodiscover%20configuration%20in%20full%20hybrid%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2051948%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F333418%22%20target%3D%22_blank%22%3E%40DeepakRandhawa%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHello%20dear%2C%3C%2FP%3E%3CP%3EI%20have%20a%20question%20related%20to%20similar%20case%2C%20I%20have%20migrated%20all%20users%20from%20Exchange%202010%20to%20Exchange%202016%2C%20we%20still%20have%20both%20Exchange%20servers%20but%20users%20mailboxes%20are%20on%20the%202016%2C%20we%20have%20two%20issues%20I%20think%20both%20are%20related%20to%20the%20autodiscover%2C%20whenever%20a%20user%20create%20a%20new%20meeting%20and%20add%20attendees%20from%20the%20same%20company%20(domain)%20they%20cannot%20see%20the%20free%2Fbusy%20time%20and%20the%20same%20if%20they%20add%20a%20Calendar%20of%20meeting%20room%20(resource)%20it%20shows%20no%20connection%20at%20the%20top%20of%20the%20Calendar%20of%20that%20meeting%20in%20their%20Outlook!%3C%2FP%3E%3CP%3EI%20have%20read%20many%20articles%20and%20most%20of%20them%20they%20say%20that%20%22%3CSPAN%3EAfter%20the%20mailbox%20move%20is%20complete%2C%20Exchange%20Server%202013%20or%20Exchange%20Server%202016%20continues%20to%20proxy%20the%20EWS%20request%20to%20Exchange%20Server%202010.%20Exchange%20Server%202010%20responds%20with%20a%20302%20redirect%20back%20to%20Exchange%20Server%202013%20or%20Exchange%20Server%202016%22%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EWhat%20settings%2Ftuning%20do%20I%20need%20to%20fix%20on%202016%20so%20we%20overcome%20this%20issue%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EThanks.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EMuawya%20Ali%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Contributor

Hello,
I have a question regarding the configuration of the autodiscover service.
My infrastructure is full hybrid with a 2016 exchange server on premise.
I have already moved the mail flow to o365 by changing the mx record and moving all the mailboxes
The on premise server is used as an smtp relay for internal and external emails.
Currently my dns record, both on public and private dns, for autodiscovery points to the exchange on premise server.
Reading the microsoft article https://docs.microsoft.com/en-us/exchange/decommission-on-premises-exchange I am in scenario 3.
The article says If you were to even start the process by pointing the Autodiscover Records to Exchange Online, you would immediately break some features like hybrid public folder access.
I don't use public folder but I only use the on premise server as smtp relay.
So I can't point the autodiscover to the microsoft records autodiscover.outlook.com?
If I don't move my autodiscover record to autodiscover.outlook.com the exchange server on premise should be unavailable what happens?

Outlook clients will not be able to connect to o365?

 

Thank you

 

Regards

7 Replies
if you still have mailboxes on-prem then keep it pointing to on-prem else you can point it to O365.

I don't have any mailboxes on premises.
The on premise server has a connector that allows the relay of the email in an unauthenticated way because an old application must send email to the internet.

 

 

you can point your autodiscover to O365 then

@DeepakRandhawa 

 

Thanks for the reply.
Since the article https://docs.microsoft.com/en-us/exchange/decommission-on-premises-exchange scenario 3 says:
We recommend against removing Exchange and the hybrid configuration at this point. If you were to even start the process by pointing the Autodiscover Records to Exchange Online, you would immediately break some features like hybrid public folder access. You could change the MX record to point to Exchange Online Protection if it is not already, you could even remove some of the on-premises Exchange servers. However, you would need to keep enough in place to handle the remaining hybrid functions. Usually, this would lead to a very small on-premises footprint.
Are you sure it can make the autodiscover service point on O365?
If the answer is yes on the server on premise I have to type the command Get-ClientAccessService | Set-ClientAccessService -AutoDiscoverServiceInternalUri $ Null?
Also do I have to point the dns record, both for internal and public dns, to autodiscover.outlook.com?

 

Thank you

 

Regards

best response confirmed by pazzoide76 (Contributor)
Solution
Yes, you can point it to O365 without causing any issues to your environment.
Below cmdlet will change the SCP entry to null so that your outlook does not query AD for mailbox info
Get-ClientAccessService | Set-ClientAccessService -AutoDiscoverServiceInternalUri $ Null
And yes you need to point your dns to autodiscover.outlook.com for both internal and external.

@DeepakRandhawa 

Thanks for the reply

@DeepakRandhawa 

Hello dear,

I have a question related to similar case, I have migrated all users from Exchange 2010 to Exchange 2016, we still have both Exchange servers but users mailboxes are on the 2016, we have two issues I think both are related to the autodiscover, whenever a user create a new meeting and add attendees from the same company (domain) they cannot see the free/busy time and the same if they add a Calendar of meeting room (resource) it shows no connection at the top of the Calendar of that meeting in their Outlook!

I have read many articles and most of them they say that "After the mailbox move is complete, Exchange Server 2013 or Exchange Server 2016 continues to proxy the EWS request to Exchange Server 2010. Exchange Server 2010 responds with a 302 redirect back to Exchange Server 2013 or Exchange Server 2016"

What settings/tuning do I need to fix on 2016 so we overcome this issue?

Thanks.

Muawya Ali