0

I'm about to tune our autodiscover-config. For our main-domain it works perfectly. Now I'm about to add support for multiple domains.

In this article Jaap Wesselius describes how to add an additional virtual directory with an http-redirection to our main-domain-autodiscover-virtual-directory. He uses a 2nd IP-address for this but didn't mention why he is using a 2nd IP-address.

My question is: couldn't I just create a new virtual-directory in the default web site with the same IP for the redirect? What's the problem with it?

wullxz
  • 1,073
  • 2
  • 16
  • 29

1 Answers1

0

The reason has to do with the SSL certificate. It is unlikely that you want to purchase an SSL cert for all "autodiscover." SMTP domains you host. Using a second IP address gives you the ability to create a separate website that does not use SSL.

So your second autodiscover url would be:

The autodiscover.xml would then be set to redirect to:

This way you only need an SSL cert for autodiscover.mainsmtpdomain.com.

When searching for the autodiscover service a client will follow the following in this setup scenario for your Second SMTP domain:

  1. Tries https://domain2.com/autodiscover/autodiscover.xml (Fails)
  2. Tries https://autodiscover.domain2.com/autodiscover/autodiscover.xml (Fails)
  3. Tries http://autodiscover.domain2.com/autodiscover/autodiscover.xml (succeeds)

If the third option were to fail it would go on to look for SRV records (_autodiscover._tcp.mainsmtp.com)

You can not add a new virtual directory to the CAS default website to accomplish this. This is because you would then have two "autodiscover" virtual directories in the same site.

You could create a new site on the CAS and use the above outlined steps to accomplish this. However, this also would require you to set the default website to use a specific IP and add an additional IP to your CAS NIC for the new site. See the Autodiscover Whitepaper: Scenario 4

HostBits
  • 11,796
  • 1
  • 25
  • 39
  • I understood that I need this to forward to my ssl-autodiscover-site from my maindomain (because http-forwarding is not available with ssl). That's ok. But can't I just create a http virtual directory in my default web site which redirects to my maindomain-autodiscover? (I think I misunderstood IIS ;)) – wullxz Apr 20 '11 at 16:35
  • See Edits above – HostBits Apr 20 '11 at 16:53
  • Ok thanks. I think I got it now. I'm used to apache-virtual-directorys, which can look at the subdomain that has been used and 'route' the use to a specific real directory... But it is possible to let a normal (linux) web-server do the redirection-work (it holds the same maindomain)? – wullxz Apr 20 '11 at 17:00
  • I'd imagine you would be able to, although I have not done this. The client is going to be looking for the directory structure of /autodiscover/autodiscover.xml. So as long as it can find the autodiscover.xml file and the file properly redirects, it should work. – HostBits Apr 20 '11 at 17:03