Exchange Server 2007 introduced a new feature called Autodiscover, and this feature also exists in Exchange Server 2010.
Autodiscover is a web service running on Client Access servers that, as the name suggests, allows compatible client software to automatically discover a user’s mailbox settings by looking them up in Active Directory.
But first the client needs to locate a Client Access server to connect to for Autodiscover requests. Internal clients (eg Outlook 2007/2010 running on domain-joined workstations) perform a lookup in Active Directory for which Client Access servers have an Autodiscover Site Scope configured for the Active Directory Site they are currently located in.
If the client can’t determine which Site it is in (eg the subnet is not defined as one of the Site boundaries), or there is no Client Access server explicitly configured for that Site, then the client chooses a Client Access server at random.
The risk here is that the client will choose a Client Access server that is not the most ideal one in terms of bandwidth and latency. To resolve this you can configure what is referred to as “site affinity” by setting the Autodiscover Site Scope on Client Access servers. This makes sure that clients will connect to the closest Autodiscover instance.
You can see the current Autodiscover Site Scope for all of your Client Access servers by running this command in the Exchange Management Shell.
[PS] C:\>Get-ClientAccessServer | ft name,autodiscoversitescope Name AutoDiscoverSiteScope ---- --------------------- AUSYDEXC01 {au-Sydney} USNYCEXC01 {us-NewYork} EULONEXC01 {eu-London}
Let’s say for example there is another AD Site of au-Brisbane and users there connect to mailboxes hosted in the au-Sydney site. When these Brisbane Outlook 2007/2010 clients look for an Autodiscover server to connect to it is possible they will choose the New York or London server which have a slower connection over the WAN.
To add the au-Brisbane site to the Autodiscover Site Scope of the Sydney Client Access server we can run the following commands. Because this is a multi-value attribute we have to specify all of the sites in scope, not just the one that is being added. If this was a long list of sites it would be tedious to type out manually, so instead we can first retrieve the current list of sites into an array.
[PS] C:\>$sitescope = (Get-ClientAccessServer AUSYDEXC01).autodiscoversitescope [PS] C:\>$sitescope au-Sydney
Next we add the new site to the array.
[PS] C:\>$sitescope += "au-Brisbane" [PS] C:\>$sitescope au-Sydney au-Brisbane
Finally we update the Client Access server with the new site scope settings.
[PS] C:\>Set-ClientAccessServer AUSYDEXC01 -AutoDiscoverSiteScope $sitescope
If there were multiple Client Access servers in the au-Sydney site we could update them all at once with the following commands.
[PS] C:\>$sydneycas = Get-ExchangeServer | where {$_.Site -like "*au-Sydney" -AND $_.IsClientAccessServer -eq $true} [PS] C:\>$sydneycas | Set-ClientAccessServer -AutoDiscoverSiteScope $scope
You can see the result of the change by retrieving the site scopes again.
[PS] C:\>Get-ClientAccessServer | ft name,autodiscoversitescope Name AutoDiscoverSiteScope ---- --------------------- AUSYDEXC01 {au-Brisbane,au-Sydney} USNYCEXC01 {us-NewYork} EULONEXC01 {eu-London}
Note that Outlook clients will connect to Autodiscover using SSL so you must correctly configure an SSL certificate for the Client Access servers.
Hi Paul,
thanks for the great explanation,just to confirm that I got the point we have 2 cases where the outlookclient can choose a random Client access server wich is not belonging to the real outlookclient’s site
assuming that we have the following sites
au-Brisbane
{au-Sydney}
{us-NewYork}
{eu-London}
1- the site boundries are not defined (you mean by that there is no site explicity defined for au-Brisbane in active directorty sites and services. so that the outlookclient itself can not determine it belongs to which site,as the client computer knows the site it is in using netlogon service . so here the computer client doesn’t know to which site it belongs therefore ,it will make ldap request to the active directory to get the scp(service connection point) that includes the keyword attributes which defines the siteof the cas server who made this scp and outlook client can’t compare the site he got from the scp to his own site as the client already doesn’t know its site.
2- the second case where the outlook-client knows the site it belongs to for example the client belongs to “au-Brisbane” and this site is defined in active directory sites and services, but there is no client Access server have an Autodiscover Site Scope configured explicitly for “au-Brisbane” so that will force the client to select rondom Client access server.
I’m am so glad this is still here after 11 years. This is just what I was looking for.
Thank you.
What happens if you have 3rd site that doesn’t have Exchange server in its side, so you set a preferred Autodiscover site-scope to one of the sites but that site becomes unavailable due to a power down, if the 3rd sites affinity isn’t available does it fail-back to picking a random Exchange again ?
Pingback: Outlook profile doesn't resolve via Autodiscover for user mailbox moved to Office 365 - Michael O'Donovan's Office 365 World - Site Home - MSDN Blogs
Pingback: Exchange 2010 to 2013 Migration - Reviewing Autodiscover Configuration
Hi Paul,
Thanks for the awesome info.
How about connections via internet? External Auto-discover points to internet facing CAS, how can it determine which site to point to? and what happens when the DAG comes in play? Unfortunately, I don’t have a CAS array.
Cheers
Hi Paul,
When I check the autodiscovery site scope (Get-ClientAccessServer | ft name,autodiscoversitescope) it lists an old site for both our CAS Servers.
We used to have only 1 site, now we’re having 2 new sites, the old one was never removed by our IT contracter.
I’m I correct to use the following command to change the autodiscoversitescope for our 2 CAS servers ?
Set-ClientAccessServer -Identity “SERVERNAME” -AutoDiscoverSiteScope “SITENAME”
Or are there other things I need to do aswell ??
Regards
Misha
If you run that command then only “SITENAME” will be included.
If you have multiple sites you just need to entire them together with a comma separator, eg “SITENAME1,SITENAME2”
Thanks Paul for the quick response.
We have one CAS server at each site, sites are named Almere & Arnhem.
Set-ClientAccessServer -Identity “CASSERVER1” -AutoDiscoverSiteScope “Almere”
Set-ClientAccessServer -Identity “CASSERVER2” -AutoDiscoverSiteScope “Arnhem”
The Almere site is the primary site.
Regards Misha
Very useful, thanks!
Tried the same $sitescope.Remove(“au-Brisbane”) again and it works.. Thanks for the help..
Ok great!
Is this article applies to E2k7 too ?
To add the site we use [PS] C:\>$sitescope += “au-Brisbane”
how can we remove the site ?? what is the command for it ..
Use -= instead.
[PS] C:Windowssystem32>$sitescope -= “au-Brisbane”
Method invocation failed because [System.Object[]] doesn’t contain a method named ‘op_Subtraction’
At line:1 char:14
+ $sitescope -= <<<< "au-Brisbane"
+ CategoryInfo : InvalidOperation: (op_Subtraction:String) [], RuntimeException
+ FullyQualifiedErrorId : MethodNotFound
Doesn't work..
Sorry, try the .Remove method for the array.
Eg, $sitescope.Remove(“au-Brisbane”)
[PS] C:Windowssystem32>$sitescope.Remove(“au-Brisbane”)
Method invocation failed because [System.Object[]] doesn’t contain a method named ‘Remove’.
At line:1 char:18
+ $sitescope.Remove <<<$sitescope .Remove(“au-Brisbane”)
Unexpected token ‘.Remove’ in expression or statement.
At line:1 char:19
+ $sitescope .Remove <<<< ("au-Brisbane")
+ CategoryInfo : ParserError: (.Remove:String) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : UnexpectedToken
:((
You need to quote them within the brackets:
$sitescope -= (“au-Brisbane”)
Blah.
That diagram should read:
Forest B
– Site 1 (CAS 1B)
Sorry for the confusion.
Hi Paul –
Very helpful article. Is it possible to add sites from another forest to the autodiscover site scope? I have servers and clients in a remote forest (trusted) that are trying to access CAS servers in the local forest, but they’re picking CAS servers at random, which is causing problems.
Here is my configuration:
Forest A
– Site 1 (CAS 1a)
– Site 2 (CAS 2a)
Forest B
– Site 1 (CAS 1a)
Site to site VPN only connects Forest A Site 1 with Forest B Site 1
So the CAS in Forest B is trying to connect to CAS 2a, which fails because it’s not reachable on the network. I want to add Forest B Site 1 to the site scope of CAS 1a, forcing clients and servers in Forest B to connect only to CAS 1a.
Thanks!
Hi Nick, I’m not personally familiar with the process but it looks like this whitepaper includes some details on how to configure Autodiscover for multiple forests.
http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx
Very good article.. thanks for the information.
Pingback: Modifying Autodiscover Site Scope for Exchange 2010 « JC’s Blog-O-Gibberish