Autodiscover: Difference between revisions
(Created page with "{{BC|Community Sandbox}} __FORCETOC__ <div class="col-md-12 ibox-content"> =Autodiscover for Outlook, Exchange Activesync and Exchange Web Services= {{KB|{{Unsupported}}|{{ZCS...") |
m (Jorge de la Cruz Mingo moved page AutoDiscover to Autodiscover) |
(No difference)
|
Revision as of 16:03, 4 August 2015
Autodiscover for Outlook, Exchange Activesync and Exchange Web Services
Autodiscover uses the Network Edition features, EAS and EWS, Exchange Activesync and Exchange Web Services, that allows any Mail Client that supports Autodiscover to configure the appropriate Server settings for Communication so you don’t have to input all the configuration manually. It’s very useful for IT Administrators and for all Users. Autodiscover also uses SSL certificates, and Microsoft since a few years ago has started recommending the use of Public domain names for Active Directory domains, to avoid the use of non-public TLD like domain.local.
How does Autodiscovery work?
Outlook or the Mail App, has a few ways to look for domain information when configuring itself based on the users email address.
- The first one is post to https://example.com/Autodiscover/Autodiscover.xml
- Second one is post to https://autodiscover.example.com/Autodiscover/Autodiscover.xml
- Third one will be the same that the previous one but in HTTP http://autodiscover.example.com/Autodiscover/Autodiscover.xml
- Fourth one, Autodiscover uses the DNS SRV lookup and will get the autodiscover.tcp.example.com that will reply to "mail.example.com".
Example using just the DNS SRV record in Zimbra
Lets say I want to set up Outlook as john@example.com, but my site does not have the required Autodiscovery XML files set up. I enter that email address in Outlook, now Outlook do the following things to get its information:
- Autodiscover posts to https://example.com/Autodiscover/Autodiscover.xml. This fails.
- Autodiscover posts to https://autodiscover.example.com/Autodiscover/Autodiscover.xml. This fails.
- Autodiscover performs the following redirect check: GET http://autodiscover.example.com/Autodiscover/Autodiscover.xml. This fails.
- Autodiscover uses DNS SRV lookup for autodiscover.tcp.example.com, and then "mail.example.com" is returned.
- Outlook asks permission from the user to continue with Autodiscover to post to https://mail.example.com/autodiscover/autodiscover.xml.
- Autodiscover's POST request is successfully posted to https://mail.example.com/autodiscover/autodiscover.xml.
Creating the proper DNS entries
To set the proper DNS, you should have 2 different DNS entries.
- The first one is an CNAME DNS entry pointing to the proper Zimbra FQDN, in this example autodiscover.zimbra.io to zimbra86.zimbra.io. Please be aware that the SSL Certificate needs to have the autodiscover.zimbra.io inside using a Wildcard Certificate or a SAN for the record, in other case Autodiscover will fail in this step:
- The second DNS record that we need to have is the SRV one, with the Zimbra FQDN, the service, the protocol, the priority, the weight, the port and the hostname. For example, using Bind you will need to add a DNS entry like the next one:
Note: You can play with the priority and weight of the DNS record for an Autodiscovery HA based in DNS.
Check the Autodiscover using the DNS
You can check if you have the proper DNS configuration using the regular DNS tools provided by your Operating System. This doesn't needs necessary means that your Autodiscover works in the Zimbra server, but at least you can see if you have properly configured your DNS Server.
In Microsoft Windows
You can test it in Microsoft Windows using nslookup, open a CMD and introduce the next command to test your Autodiscover DNS record:
nslookup -q=srv _autodiscover._tcp.example.com
In Linux/OS X
You can test it in Linux or OS X using dig, open a terminal/console and introduce the next command to test your Autodiscover DNS record:
dig _autodiscover._tcp.zimbra.io SRV
Check the Autodiscover using the Official Online Microsoft Tool
Microsoft have an Online tool where we can test the Autodiscovery, if needed, please go to https://testconnectivity.microsoft.com/ Then you will see the next Windows, select the option called Microsoft Office Outlook Connectivity Tests > Outlook Autodiscover
In the next Window, use an account that can do Login into your Zimbra server to test properly the Autodiscover. Note: Please use a test account that you can delete later, or one that you will change the password after do this test. Important note: In my first test using the Test Connectivity from Microsoft I've received an error because I didn't enabled the EWS funcionality to the account that I want to test. Enabling the EWS Feature in the COS did the trick to work.
After a few seconds you will be able to see the results, in this case everything seems to be OK:
If we click Expand All, we can see the steps that Autodiscover tried to work, as it's explained before, the only step that works here is the DNS one because:
- First, in example.com I don't have the Zimbra Server, I have my regular Website.
- Second, because autodiscover.example.com doesn't have the proper SSL certificate as I have a SSL certificate that cover mail.example.com for example.
- Third, finally the DNS record is valid and Outlook can use this method to get the configuration.
Configure the Mail Clients
Now that you have your Autodiscover properly configured you can follow the next Articles to configure your Mail clients:
- Windows Mail app using EAS (Exchange ActiveSync) in Windows 8, 8.1 and Windows 10
- Outlook 2016 for Mac and EWS Setup
- Outlook 2013 using EAS (Exchange ActiveSync)
- Outlook 2011 For Mac And EWS Setup With Screenshots
Identified Support/Known Issues
Known issues include the following bugs:
- Bug 85262 - Admin: Add Appendix to Admin Guide which documents the various autodiscovery settings