Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2007-05-30

This topic explains how to configure the Autodiscover service for Internet-based access on a Microsoft Exchange Server 2007 computer that has the Client Access server role installed.

If you have deployed Exchange 2007 in your messaging environment, you can let the Autodiscover service automatically configure Microsoft Office Outlook 2007 clients for features such as the Availability service, Unified Messaging, and Outlook Anywhere. If you plan to allow external access to the Autodiscover service for Outlook 2007 clients that connect from the Internet, you must configure a valid Secure Sockets Layer (SSL) certificate from a certification authority (CA) that is trusted by the client computer's operating system.

Configuring Internet Access to the Autodiscover Service

We recommend that you host the Autodiscover service on a separate site if you manage a Web site that is frequently visited and that hosts your e-mail traffic. To allow external access to the Autodiscover service for Outlook 2007 clients that are connected from the Internet, we recommend that you follow these steps in order.

You must use one IP address per site.
  1. (Optional) Configure a separate site on a Client Access computer to host the Autodiscover service   You can create a separate site to host Autodiscover service traffic by using the New-AutodiscoverVirtualDirectory cmdlet. This optional step is recommended if the Simple Mail Transfer Protocol (SMTP) address domain is the same as the corporate Web site address and your corporate Web site is frequently visited. For example, if the company Web site is, the e-mail SMTP domain is, and the company Web site ( is frequently visited, we recommend that you create a separate site and host the Autodiscover service on For more information, see How to Create a New Autodiscover Service Virtual Directory.

  2. (Required) Configure a valid SSL certificate   Configure a valid SSL certificate from a CA that the client computer trusts. If you have decided to host the Autodiscover service on a separate site, see How to Configure SSL Certificates to Use Multiple Client Access Server Host Names.

  3. (Optional) Update the SCP Object   If you have created an additional IIS site for the Autodiscover service, you must update the service connection point (SCP) object in the Active Directory directory service to specify to which Client Access server and Autodiscover virtual directory you want clients to connect. For more information about SCP objects, see Publishing with Service Connection Points.

After you have completed these steps, you should configure the firewall for the address space and configure the SSL certificate for the Autodiscover service.

The following procedures explain how to create an Autodiscover virtual directory for a new Web site.

Before You Begin

To perform the following procedure, the account you use must be delegated Exchange Server Administrator role and membership in the local Administrators group for the target server. 

For more information about permissions, delegating roles, and the rights that are required to administer Exchange Server 2007, see Permission Considerations.


To use the Exchange Management Shell to configure a new Web site for the Autodiscover service

  1. If you have not already done this, create a new Web site for the Autodiscover service by using Internet Information Services (IIS) Manager.

  2. Create a new Autodiscover virtual directory in IIS for the Autodiscover service by running the following command:

    Copy Code
    New-AutodiscoverVirtualDirectory -Websitename <websitename> -BasicAuthentication:$true -WindowsAuthentication:$true
    A Web site that uses SSL requires that you use a unique IP address.
  3. Configure a trusted third-party SSL certificate on the Autodiscover service Web site.

For more information about syntax and parameters, see New-AutodiscoverVirtualDirectory.

For More Information

For more information about the Autodiscover service, see the following topics: