Disabling AD Autodiscover while migrating to Office 365
I'm in the middle of migrating from Exchange 2007 to Office 365. I can autodiscover to the Office 365 service successfully in every instance except when I'm on a PC joined to the AD domain and the domain is accessible. I have added a registry
key on my test PC that keeps it from using the AD SCP to autodiscover but it still gets my Exchange server mailbox instead of the Office 365 mailbox even without using SCP.
If I remove the PC from the domain, it works both locally and remotely so I know all my other settings are okay, it's only giving me this issue when it's a domain member and is running local to the AD domain. Tried a laptop, joined it to the domain,
took it home and let it autoconfigure, worked great. Same laptop, when local to the domain, tries to autoconfigure using the local Exchange server settings.
I'd like to give my users back their Outlook (rather than OWA) after I migrate them. How do I prevent my locally deployed, AD-joined computers from getting autodiscover info from my local Exchange CAS server while I complete my migration to Office
365?
August 18th, 2011 3:29pm
Hiya,
In a shared-domain environment, it should be possible to use AutoDiscover redirection to avoid this issue. I've only used this in Live@EDU (which uses pretty much the same setup, on outlook.com) but in this scenario, the Office 365 domain is located on a
sub-domain of the primary domain and mail routed through Exchange on-premise to Office 365 - e.g. Primary domain contoso.com and Office 365 primary domain office365.contoso.com, with Office 365 also having contoso.com as an accepted domain.
With that setup, after migrating a Mailbox it should be possible to change the user to an On-premise Mail User instead of a Mailbox and set the ExternalEmailAddress (targetAddress) to the configured user@office365.contoso.com address. The on-premises AutoDiscover
service should then redirect to the autodiscover-s.outlook.com address to further lookup the Office 365 settings.
SteveSteve Goodman
Check out my Blog for more Exchange info or find me on
Twitter
Free Windows Admin Tool Kit Click here and download it now
August 18th, 2011 4:56pm
You likely have thse two registry settings:
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"domain.com"="c:\\auto\\autodiscover.xml"
"PreferLocalXML"=dword:00000001
With HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover
for Outlook 2010
You must make this solution more robust by adding these registry entries:
"ExcludeScpLookup"=dword:00000001
"ExcludeHttpsAutodiscoverDomain"=dword:00000001
"ExcludeHttpsRootDomain"=dword:00000001
"ExcludeSrvLookup"=dword:00000001
"ExcludeHttpRedirect"=dword:00000000
"ExcludeSrvRecord"=dword:00000001
The only lookup type that will be used now, is HTTP Redirect to the XML file. If this fails, there'll be no Autodiscover.
This is an excerpt from my documentation after having implemented this solution twice with different forests, not Office 365.
For more information see here:
Potential Autodiscover Issue During E-Mail Coexistence
http://social.technet.microsoft.com/Forums/en-US/onlineservicesmigrationandcoexistence/thread/d6c69c69-6524-493b-a0c6-21c79e146ce7/
Outlook 2007 unexpectedly connects to an on-premise Exchange Server 2007 server mailbox instead of an Exchange Online server mailbox
http://support.microsoft.com/kb/956297/en-usMCTS: Messaging | MCSE: S+M
August 18th, 2011 4:56pm
Hiya,
In a shared-domain environment, it should be possible to use AutoDiscover redirection to avoid this issue. I've only used this in Live@EDU (which uses pretty much the same setup, on outlook.com) but in this scenario, the Office 365 domain is located on a
sub-domain of the primary domain and mail routed through Exchange on-premise to Office 365 - e.g. Primary domain contoso.com and Office 365 primary domain office365.contoso.com, with Office 365 also having contoso.com as an accepted domain.
With that setup, after migrating a Mailbox it should be possible to change the user to an On-premise Mail User instead of a Mailbox and set the ExternalEmailAddress (targetAddress) to the configured user@office365.contoso.com address. The on-premises AutoDiscover
service should then redirect to the autodiscover-s.outlook.com address to further lookup the Office 365 settings.
SteveSteve Goodman
Check out my Blog for more Exchange info or find me on
Twitter
Free Windows Admin Tool Kit Click here and download it now
August 18th, 2011 4:56pm
You likely have thse two registry settings:
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"domain.com"="c:\\auto\\autodiscover.xml"
"PreferLocalXML"=dword:00000001
With HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover
for Outlook 2010
You must make this solution more robust by adding these registry entries:
"ExcludeScpLookup"=dword:00000001
"ExcludeHttpsAutodiscoverDomain"=dword:00000001
"ExcludeHttpsRootDomain"=dword:00000001
"ExcludeSrvLookup"=dword:00000001
"ExcludeHttpRedirect"=dword:00000000
"ExcludeSrvRecord"=dword:00000001
The only lookup type that will be used now, is HTTP Redirect to the XML file. If this fails, there'll be no Autodiscover.
This is an excerpt from my documentation after having implemented this solution twice with different forests, not Office 365.
For more information see here:
Potential Autodiscover Issue During E-Mail Coexistence
http://social.technet.microsoft.com/Forums/en-US/onlineservicesmigrationandcoexistence/thread/d6c69c69-6524-493b-a0c6-21c79e146ce7/
Outlook 2007 unexpectedly connects to an on-premise Exchange Server 2007 server mailbox instead of an Exchange Online server mailbox
http://support.microsoft.com/kb/956297/en-usMCTS: Messaging | MCSE: S+M
August 18th, 2011 4:56pm
Here are the keys I'm currently using:
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover]
"ExcludeScpLookup"=dword:00000001
"PreferLocalXML"=dword:00000001
"ExcludeHttpRedirect"=dword:00000000
"ExcludeHttpsAutodiscoverDomain"=dword:00000001
"ExcludeHttpsRootDomain"=dword:00000001
"ExcludeSrvRecord"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover\RedirectServers]
"autodiscover-s.outlook.com"=hex(0):
"autodiscover.outlook.com"=hex(0):
Still finds my Exchange 2007 CAS.
Free Windows Admin Tool Kit Click here and download it now
August 18th, 2011 5:14pm
Here are the keys I'm currently using:
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover]
"ExcludeScpLookup"=dword:00000001
"PreferLocalXML"=dword:00000001
"ExcludeHttpRedirect"=dword:00000000
"ExcludeHttpsAutodiscoverDomain"=dword:00000001
"ExcludeHttpsRootDomain"=dword:00000001
"ExcludeSrvRecord"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover\RedirectServers]
"autodiscover-s.outlook.com"=hex(0):
"autodiscover.outlook.com"=hex(0):
Still finds my Exchange 2007 CAS.
August 18th, 2011 5:14pm
You do not have this value:
ExcludeSrvLookup"=dword:00000001
You are using a different method of redirecting. Ty adding the value above. Could you then do an Autodiscover test with Outlook. The log tab
will tell what is going on.
Figure 4: The results of testing the Autodiscover options in Outlook 2010
http://www.msexchange.org/articles_tutorials/exchange-server-2010/management-administration/exchange-autodiscover.htmlMCTS: Messaging | MCSE: S+M
Free Windows Admin Tool Kit Click here and download it now
August 18th, 2011 5:42pm
You do not have this value:
ExcludeSrvLookup"=dword:00000001
You are using a different method of redirecting. Ty adding the value above. Could you then do an Autodiscover test with Outlook. The log tab
will tell what is going on.
Figure 4: The results of testing the Autodiscover options in Outlook 2010
http://www.msexchange.org/articles_tutorials/exchange-server-2010/management-administration/exchange-autodiscover.htmlMCTS: Messaging | MCSE: S+M
August 18th, 2011 5:42pm
I figured out the manual settings for Outlook. This will suffice until I can take down my CAS.
Free Windows Admin Tool Kit Click here and download it now
August 18th, 2011 7:57pm
I also tried the manual settings for Outlook. At first this works great but the proxy-settings for exchange change after a while to the settings of the Exchange at the company.
Can you please give some details how you did the settings in the outlook? I now there is a way to disable the autodiscovery in Outlook though registry settings, but if possible I would like to keep that untouchted.
August 24th, 2011 9:44am
I also tried the manual settings for Outlook. At first this works great but the proxy-settings for exchange change after a while to the settings of the Exchange at the company.
Can you please give some details how you did the settings in the outlook? I now there is a way to disable the autodiscovery in Outlook though registry settings, but if possible I would like to keep that untouchted.
Free Windows Admin Tool Kit Click here and download it now
August 24th, 2011 9:44am
Here is the instruction sheet I gave to my team to set up all our users. I haven't seen any difficulty with the proxy settings so far but it's only been 6 days since we began using these settings.
August 24th, 2011 11:08am
Here is the instruction sheet I gave to my team to set up all our users. I haven't seen any difficulty with the proxy settings so far but it's only been 6 days since we began using these settings.
Free Windows Admin Tool Kit Click here and download it now
August 24th, 2011 11:08am
Thanks for your reply.
I didn't change any registry setting for outlook to disable autodiscovery, maybe this is the problem?
August 26th, 2011 6:06am
Thanks for your reply.
I didn't change any registry setting for outlook to disable autodiscovery, maybe this is the problem?
Free Windows Admin Tool Kit Click here and download it now
August 26th, 2011 6:06am
I only changed registry settings on one computer, the rest haven't been touched. Are you able to operate properly when not joined to the domain? That's where I'd start, that way you can check that your DNS settings are all properly set.
August 26th, 2011 10:10am
I only changed registry settings on one computer, the rest haven't been touched. Are you able to operate properly when not joined to the domain? That's where I'd start, that way you can check that your DNS settings are all properly set.
Free Windows Admin Tool Kit Click here and download it now
August 26th, 2011 10:10am
Thanks for the replies!
The solution was to change to domain on the Exchange Server (for SBS using the "connect to internet wizard (or something)).
After that I still had those Autodiscover problems, but it seems like when I deleted all the official SMTP emailaddresses from the account it started working :)
All accounts are now on Office365, en the Exchange On-Premises is disabled.
September 8th, 2011 4:31pm
Thanks for the replies!
The solution was to change to domain on the Exchange Server (for SBS using the "connect to internet wizard (or something)).
After that I still had those Autodiscover problems, but it seems like when I deleted all the official SMTP emailaddresses from the account it started working :)
All accounts are now on Office365, en the Exchange On-Premises is disabled.
Free Windows Admin Tool Kit Click here and download it now
September 8th, 2011 4:31pm
Hi Guys,
I am having the same problem as "rsparkman999" above.
I disabled the mailbox on local exchange(2010) server and let outlook autodiscover and it worked like a dream. But as soon as AD Sync takes place it removes the Alias address and changes the primary email address from the mailbox in office 365.
e.g before disabling "test" mailbox from local exchange server the email address is "test@companydomain.net" (on office 365) and after disabling "test" mailbox and running AD Sync tool, the
email address for "test" mailbox in office 365 changed to "test@contoso.onmicrosoft.com". And than autodiscover cannot find email address "test@companydomain.net"
.
(Before disabling the mailbox on local exchange server)I can configure outlook manually to connect to office 365 mailbox, but if i close outlook and re-open again it again changes the profile settings to local exchange server, so every morning i have to
jump on each PC to manually configure again.
The target address with in Attribute list(AD) is set to "
test@contoso.onmicrosoft.com ". Not sure if that needs changing ?
Please help.
Thanks
October 21st, 2011 5:15am
Hello Everyone i've got solution now :)
Don't need to remove or disable mailbox on-premises exchange server. I removed two attributes from the AD "homeMDB" and homeMTA", just clear these attributes with in user's properties. And outlook autodiscovers the office 365 mailbox just like a dream.
Hope that helps.
Regards
Free Windows Admin Tool Kit Click here and download it now
October 24th, 2011 10:22am
Hello Haseeb Dar,
where to remove these attributes? Could you explain this?
Regards
October 31st, 2011 5:34am
Hi,
I ran into the same problem. I came up with a work around but I’m not sure this is the correct approach.
First, with Outlook 2010 already installed I had to run the Set up and configure your Office desktop apps from Office 365. I’m not sure of all the configuration changes this makes but I know after you install it that it will allow
you to change the username field when trying to authenticate to Office 365 (will get back to that in a minute)
Second, from my domain joined computer where outlook was connected to my on premise exchange 2007 server mailbox, I setup a new outlook account, either from the control panel mail icon, or from within outlook (both worked) Note; doing from within your already
existing configured outlook allowed me to migrate my email from on-premise to office 365.
From Control Panel/Mail , I created profile name “Office 365”
In the next window it then auto discovered my on premise exchange mailbox email address
username@mycompany.ca (which in my case is the same as the office 365 email address
username@mycompany.ca )
I replaced the email address with the secondary domain email address that Microsoft office 365 created
username@mycompany.onmicrosoft.com. I did not put in password at this point and clicked next. It then searched for mailbox, a windows security mail application windows will pop up.
This is where I then replace username
username@mycompany.onmicrosoft.com with
username@mycompany.ca and put in my office 365 account password.
As mentioned above when I said I would get back to that in a minute, if you don’t run the
Set up and configure your Office desktop apps from Office 365. You will not have the option to replace the username from the windows security mail application windows.
It finishes configuration and you’re now connected.
Worth mentioning though that I’m still having some funky mail delivery issues with on-premise users with my imported “contacts” in outlook. The contacts work from office 365 web apps, but not from outlook. If I type the address everything
is fine, but using contacts or replying to on-premise users is giving me some grief. It’s a contact issue but I’m still unable to resolve it.
Free Windows Admin Tool Kit Click here and download it now
November 3rd, 2011 8:20am
Hi,
I ran into the same problem. I came up with a work around but I’m not sure this is the correct approach.
First, with Outlook 2010 already installed I had to run the Set up and configure your Office desktop apps from Office 365. I’m not sure of all the configuration changes this makes but I know after you install it that it will allow
you to change the username field when trying to authenticate to Office 365 (will get back to that in a minute)
Second, from my domain joined computer where outlook was connected to my on premise exchange 2007 server mailbox, I setup a new outlook account, either from the control panel mail icon, or from within outlook (both worked) Note; doing from within your already
existing configured outlook allowed me to migrate my email from on-premise to office 365.
From Control Panel/Mail , I created profile name “Office 365”
In the next window it then auto discovered my on premise exchange mailbox email address
username@mycompany.ca (which in my case is the same as the office 365 email address
username@mycompany.ca )
I replaced the email address with the secondary domain email address that Microsoft office 365 created
username@mycompany.onmicrosoft.com. I did not put in password at this point and clicked next. It then searched for mailbox, a windows security mail application windows will pop up.
This is where I then replace username
username@mycompany.onmicrosoft.com with
username@mycompany.ca and put in my office 365 account password.
As mentioned above when I said I would get back to that in a minute, if you don’t run the
Set up and configure your Office desktop apps from Office 365. You will not have the option to replace the username from the windows security mail application windows.
It finishes configuration and you’re now connected.
Worth mentioning though that I’m still having some funky mail delivery issues with on-premise users with my imported “contacts” in outlook. The contacts work from office 365 web apps, but not from outlook. If I type the address everything
is fine, but using contacts or replying to on-premise users is giving me some grief. It’s a contact issue but I’m still unable to resolve it.
November 3rd, 2011 8:20am
This fixed it for us! Thanks!!!!!
Free Windows Admin Tool Kit Click here and download it now
March 28th, 2012 11:38am
This fixed it for us! Thanks!!!!!
March 28th, 2012 11:38am
you will have to open ADSI edit (adsiedit.msc?). I am optimistic about your solution Haseeb. I have a cutover this weekend and hope to test autodiscover prior to decommissioning the old email server.
Free Windows Admin Tool Kit Click here and download it now
March 29th, 2012 6:50pm
you will have to open ADSI edit (adsiedit.msc?). I am optimistic about your solution Haseeb. I have a cutover this weekend and hope to test autodiscover prior to decommissioning the old email server.
March 29th, 2012 6:50pm
anonmon/haseeb, any issues worth noting with this approach? I have just done it to one of my accounts and it seems to be working well.
Free Windows Admin Tool Kit Click here and download it now
July 15th, 2012 7:10pm
One issue I would note with clearing the homeMDB and homeMTA attributes is that it will prevent you from getting back into exchange after you create the cloud profile (if you need to do that).
For me, I go into adsiedit.msc, navigate to the user and copy the homeMDB and homeMTA attributes to a text file.
Then I clear the homeMDB and homeMTA attributes. Then I set up a new profile and it will autodiscover outlook.com.
Then I paste the homeMDB and homeMTA attributes back in for the user so their original exchange profile will work as well.
I did this way so that the user could migrate their own email over by using the import/export feature in Outlook 2007/2010 because I could only get IMAP migration to work and that wouldn't bring over Calendar or task info.
July 20th, 2012 1:42pm
You could also set the "mail" AD attribute, to be the <user>@<domain>.onmicrosoft.com address (matching the value of the
"targetAddress" attribute). Autodiscover will return values valid for the cloud mailbox, based on the
"mail" attribute.
Free Windows Admin Tool Kit Click here and download it now
August 14th, 2012 10:55pm