Disable AutoDiscover feature in Outlook 2010 in co-existence scenario (Office 365)


To totally unlock this section you need to Log-in


Login

During a migration from a "legacy" Exchange infrastructure, like Exchange 2007 or Exchange 2010, to Exchange Online (Office 365) you'll have to reconfigure Outlook 2010/2013 on several clients.

In a Windows domain scenario, if we migrate a user, in Outlook, on Office 365 mail services, we could have a boring issue: Outlook will try to connect, continuosly, on the old legacy mail server because of the AutoDiscover service, that analyze your Windows domain, then it'll check the AutoDiscover SVR record on the public DNS server, or with SCP property in in LAN environment, and then it'll try to reconfigure Outlook with the old settings (pre-migration).

This behaviour will lead us to have Outlook's clients to keep searching and asking users for "right credentials", even if they're already logged on Office 365 service with Outlook 2010/2013.

To address this issue a good solution is to disable AutoDiscover on Outlook 2010. Unfortunately there's no easy option on Outlook to disable this feature.

Obviously we can't disable AutoDiscover for all users in this scenario because there're even not-migrated-yet users and they can use AutoDiscover with no problem.

Instead, we'll have to disable, through a simple .reg file, this feature on every single migrated user.

The procedure

To disable AutoDiscover completely, on Internet and Active Directory sceario, we could use the following .reg file:

Windows Registry Editor Version 5.00


[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\Outlook\AutoDiscover]
"ExcludeSCPLookup"=dword:1
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\Outlook\AutoDiscover]
"ExcludeHttpRedirect"=dword:1
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\Outlook\AutoDiscover]
"ExcludeHttpsAutodiscoverDomain"=dword:1
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\Outlook\AutoDiscover]
"ExcludeHttpsRootDomain"=dword:1
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\Outlook\AutoDiscover]
"ExcludeSrvRecord"=dword:1

There are other really interesting things you can do with the registry to tune and alter the default behaviour of Autodiscover on the Outlook client machine.

The registry key for Outlook 2007 is:

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Outlook\AutoDiscover

The registry key for Outlook 2010 is:

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\Outlook\AutoDiscover

By changing the values below you alter the default behaviour of Autodiscover. The names of the registry keys are fairly explanatory.

Value name: PreferLocalXML
Value type: DWORD
Value data: 0 or 1

Value name: ZeroConfigExchange
Value type: DWORD
Value data: 0 or 1

Value name: DisableAutoStartup
Value type: DWORD
Value data: 0 or 1

Value name: ExcludeHttpRedirect
Value type: DWORD
Value data: 0 or 1

Value name: ExcludeHttpsAutodiscoverDomain
Value type: DWORD
Value data: 0 or 1

Value name: ExcludeHttpsRootDomain
Value type: DWORD
Value data: 0 or 1

Value name: ExcludeScpLookup
Value type: DWORD
Value data: 0 or 1

Value name: ExcludeSrvRecord
Value type: DWORD
Value data: 0 or 1

Autodiscover On The LAN

If your workstation is domain joined and you are connected to the internal network you should NOT be using DNS to determine which server you will contact for Autodiscover; this is a very common falsehood. In actual fact you should be leveraging a Service Connection Point (SCP) in AD.

The SCP is published into AD when a CAS server is installed. This is done automatically by the Exchange server setup routine.

You can see the value in ADSIEDIT as the serviceBindingInformation attribute and in PowerShell using the command (with parameter):

Get-ClientAccessServer –AutoDiscoverServiceInternalUri

By default this will be the FQDN of the server. This should be changed to a Load Balanced URL as per your Exchange design to achieve high availability (HA).

To show this in a diagram:

Disable AutoDiscover feature in Outlook 2010 in co-existence scenario (Office 365)

Disable AutoDiscover feature in Outlook 2010 in co-existence scenario (Office 365)

Outlook will build either (but not both) a list of CAS servers in-site or out of site. The AutodiscoverSiteScope value is used to determine site membership. It will then date sort these and connect to the 1st one in the list. This means that you will typically connect to the CAS that was installed first.

If Outlook fails to contact any CAS server based off its SCP look-up then it will fall back to DNS.

Autodiscover On The Internet

For external Outlook clients, these are not able to directly contact AD (at least I sure hope that you don’t have a DC exposing 389 TCP to the Internet) and thus will use DNS to locate the Autodiscover endpoint. This is illustrated here:

Disable AutoDiscover feature in Outlook 2010 in co-existence scenario (Office 365)

Disable AutoDiscover feature in Outlook 2010 in co-existence scenario (Office 365)

Download

NOTE: this download is available only for registered and logged on users. Sorry.

[wpfilebase tag="file" id=146 /]