Wednesday 27 May 2015

Microsoft Exchange Autodiscover Process Flow

I think the actual process of how the autodiscover process is often overlooked - simply because "it just works", by adding an A or CNAME such as autodiscover.domain.com and pointing it to our mailbox server the process is done.

Although a client - whether it be an activesync device or an Outlook client firstly looks for the autodiscover configuration in the following order:

- Firstly tries POST request to: https://domain.com/Autodiscover/Autodiscover.xml
- If fails tries POST request to: https://autodiscover.domain.com/Autodiscover/Autodiscover.xml
- If fails tries GET request (to check for a redirect): http://autodiscover.domain.com/Autodiscover/Autodiscover.xml
- If fails tries a DNS SRV lookup on: autodiscover.tcp.example.org which returns mail.domain.com
- Proceeds by sending POST to: https://mail.domain.com/autodiscover/autodiscover.xml
- POST Request is successful.

Benifits of using a SRV record instead of an A or CNAME record are that you do not have to have a dedicated IP / SSL certficate for the autodiscover subdomain - but on the other hand using a SAN certifcate should mitigate this problem in the first place.

0 comments:

Post a Comment