Outlook Anywhere with Additonal UPN suffix

Posted by robd on February 03, 2015
Active Directory Sites and Services, exchange 2010

So today we had a requirement to start using Outlook Anywhere (Outlook over RPC) on our Exchange 2010 server, the setup is dead easy:

Logon to your CAS server,

Install the server feature “RPC over HTTP Proxy”,

Open the Exchange Management consol and go to Server Configuration and Client Access, Click Enable Outlook Anywhere,

Use your domain (you dont need HTTP/S), choose your authentication and if you need to offload your certificate to another server:

Website1

Thats the Exchange bit done.

Next change your DNS:

Locally and externally you need two things; an A record and a SRV record both need to point at Autodicsover.DOMAIN.ORG, here’s two examples from 123 reg:

Website2 Website3

Finally make sure 443 is allow through your Firewall.

Last but not least test with:

https://testconnectivity.microsoft.com

Ok so now onto the UPN bit, in my case my email differed from my domain i.e. my domain is bohemian.local and my email domain is bohemiangrove.co.uk.

What this means is when logging on via Outlook I get prompted to type domain and password:

hmsg1hmsg2 hmsg4

If you’d rather not do this then you need to add your email domain as a UPN suffix.

To do this, on a DC open: Active Directory Domains and Trusts

rom the displayed context menu, click Properties.

1

On the properties box that appears, in the Alternative UPN suffixes field, specify the desired alternate UPN suffix for the domain and click Add.

2

Apply and ok. Finally open Active Directory Users and Computer

Find a user and under User logon name section, choose the alternate UPN suffix from the drop-down list that was created earlier in Active Directory Domains and Trusts snapin.

3

 

Then test Outlook Anywhere using the users email as the username.

 

Tags: , ,

1 Comment to Outlook Anywhere with Additonal UPN suffix

  • I’ve been scratching my head for some hours now wondering why the microsoft connection analyser works, but my outlook keeps prompting me for a password. I don’t know why I didn’t try the domain\user combination, but as soon as I did it just fired up, without the need for VPN. I’ve also added my external domain to the trusted domains like you say and changed the users login. Thank you for writing this. Very simple when you know how.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.