After installing and configuring Exchange 2016, setting up URLs is another important step. Exchange 2016 use IIS web virtual directories to provide various Exchange services. These virtual directories have different URLs and can be same or different for internal and external users depending upon installation scenario. In this post, I will show steps to configure external and internal URL in Exchange 2016.
Configure External and Internal URL in Exchange 2016
Before you start URL configuration, you need to plan what domain names you will use to access Exchange services from inside the network and from the Internet. The diagram below shows very simple Exchange deployment. We have split-DNS where internal users hit internal DNS server and external (Internet) users hit external DNS (example GoDaddy DNS) servers. Here, internal domain is mustbegeek.com (root domain of AD forest). So, for internal users the domain name to access outlook on the web can be mail.mustbegeek.com and we can use same domain name for Internet users as well. Add CNAME record for mail.mustbegeek.com domain name in both internal and external DNS server. Similarly, add MX record for mustbegeek.com domain in external DNS server using control panel of hosting provider (example GoDaddy). You can perform NAT (Network Address Translation) on the router to translate required public IP and ports to MBG-EX01 host.
Important virtual directories are, OWA, activesync, autodiscover, ECP and outlook anywhere. You can view all the virtual directories in Internet Information Services (IIS) as shown below.
Exchange 2016 consists of two roles, Mailbox and Edge Transport role. Mailbox role has three service, client access service, transport serviceand mailbox service. Client access service is also called front end and transport and mailbox service is called back end. As you can see above, there are two websites, Default Web Site and Exchange Back End. Default Web Site corresponds to client access service (Front End) and Exchange Back End corresponds to mailbox service (Back End).
So, here I will configure single domain mail.mustbegeek.com to access various Exchange services. For example, https://mail.mustbegeek.com/owa to access outlook on the web from internal and external network. Similarly, https://mail.mustbegeek.com/ecp to access Exchange Admin Center from internal and external network. We will use same domain name for other Exchange services as well, like EWS, ActiveSync, etc.
Logon to Exchange Admin Center(EAC). Click servers in the features pane. Select virtual directories tab. Here you can configure URL of various virtual directories.
Step 1: Outlook Web Access
Outlook web access virtual directory is used to access outlook on the web service of Exchange 2016. To configure URL of OWA double-click owa (Default Web Site).
In the general page, type https://mail.mustbegeek.com/owa for both Internal and External URL as shown above. Click save. Users will now have to type https://mail.mustbegeek.com/owa in their browsers to access outlook on the web.
Step 2: Exchange Control Panel
Exchange Control Panel virtual directory is used to access Exchange Admin Center to manage Exchange server. Double-click ecp(Default Web Site).
Configure internal and external URL. Administrators now need to type https://mail.mustbegeek.com/ecp to access Exchange Admin Center.
Step 3: ActiveSync
ActiveSync is used by mobile phones to send and receive emails, calendar info, etc. Double-click Microsoft-Server-ActiveSync(Default Web Site).
Type https://mail.mustbegeek.com/Microsoft-Server-ActiveSync for both internal and external URL. Click save.
Step 4: Offline Address Book (OAB)
OAB virtual directory is used by outlook clients in cache mode to download address lists so that they can browse address lists even when they are not connected to Exchange server. Double-click OAB (Default Web Site).
Configure external and internal URLs. Type https://mail.mustbegeek.com/OAB for both URLs. Click save.
Step 5: Exchange Web Services (EWS)
EWS virtual directory provides many services like service availability, calendar sharing, automatic reply, mail tips etc. Double-click EWS (Default Web Site).
Type https://mail.mustbegeek.com/EWS/Exchange.asmx for both external and internal URL. Click save.
Step 6: Outlook Anywhere
Exchange 2016 uses MAPI over HTTP protocol by default. Outlook Anywhere (RPC over HTTP) is now fallback method and is used if clients doesn’t support MAPI over HTTP. Outlook anywhere is used by office outlook to connect to Exchange server directly from Internet. Click servers tab. Double-click server from the list. Click Outlook Anywhere from the page.
Type mail.mustbegeek.com for both internal and external. Click save.
Step 7: MAPI over HTTP
MAPI over HTTP was introduced in Exchange 2013 SP1. It is now default protocol and enabled by default in Exchange 2016. You can configure URL for MAPI over HTTP using Exchange Management Shell (EMS) only. Open EMS and type following cmdlet to set external and internal URL for MAPI virtual directory.
[PS] C:\> Set-MapiVirtualDirectory -Identity "MBG-EX01\mapi (Default Web Site)" -InternalUrl https://mail.mustbegeek.com/mapi -ExternalUrl https://mail.mustbegeek.com/mapi -IISAuthenticationMethods Negotiate
To verify MAPI URLs type following cmdlet in EMS as shown below,
[PS] C:\>Get-MapiVirtualDirectory -Identity "MBG-EX01\mapi (Default Web Site)" | fl server, internalurl, externalurl
To verify if MAPI is actually enabled. Type, Get-OrganizationConfig | fl *mapi*
Step 8: Auto Discover
Auto Discover virtual directory lets Outlook application to discover mailbox settings automatically so that users don’t have to deal with manual configuration of advanced settings of Outlook. Auto Discover feature automatically discovers mailbox settings and setup Outlook. This feature also works for mobile phones. In Exchange 2016, you can configure SCP for AutoDiscover virtual directory from Exchange Management Shell (EMS). The command below will update SCP (Service Connection Point) object. SCP is active directory object and is used by internal domain-joined clients to retrieve autodiscover URL.
[PS] C:\Windows\system32>Set-ClientAccessService -Identity MBG-EX01 -AutoDiscoverServiceInternalUri https://autodiscover.mustbegeek.com/Autodiscover/Autodiscover.xml
To verify the URL type following command in Exchange Management Shell.
[PS] C:\Windows\system32>Get-ClientAccessService | fl AutoDiscoverServiceInternalUri AutoDiscoverServiceInternalUri : https://autodiscover.mustbegeek.com/Autodiscover/Autodiscover.xml
For external clients you don’t have to configure autodiscover URL as they will try different autodiscover URLs based on combination of user’s email address. In this way you can configure URL for various virtual directories. You can now configure digital certificate and setup HTTP to HTTPS redirection.