Mark Minasi's Tech Forum
Register Calendar Latest Topics Chat
 
 
 


Reply
  Author   Comment  
DM-AVAL

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 71
Reply with quote  #1 

Another Office 365 question, this one concerning domain names and client access urls.

---

We currently use the following (and obviously modified) domain names / urls for Exchange client access:

  • mail.abc.cc
  • autodiscover.abc.cc
  • outlook.abc.cc (for Exchange 2010 CAS array - not resolvable from the Internet per best practices)

In fact, this domain is not resolvable at all from the Internet in general.

That's right.

Internal use only (although it is a valid top-level domain (not .local or .private)).

You have to connect to the internal network via multiple forms of authentication and only then can you access your virtual desktop (and Outlook in particular).

Web access (OWA) is not used (internally or externally).

Mobile devices are managed with 3rd party software which I will not address in this post.


So... how do we receive email if the domain "abc.cc" is not resolvable?

We use domain name "xyz.org" which is associated with MX/A records for mail delivery.


---

The (gradual) move to Office 365 requires us to use a domain name that can be resolved externally so we will use our xyz.org domain.

Internally, we have added a UPN suffix for xyz.org so users can logon as some.one@xyz.org as well as the pre-Window 2000 logon: abc\jdoe


As for Exchange client access, I am planning to use the following urls:

mail.xyz.org
autodiscover.xyz.org

We would add these names to our SSL certificate (in fact, obtain a NEW SSL certificate with the additional names).

I would then make these the external url in OWA (etc.) although it will be a moot point for OWA - unused -but maybe necessary for Exchange Web Services depending how that all interacts with Office 365.


What about Outlook Anywhere?

I'm thinking of simply using: mail.xyz.org

Exchange 2016 apparently allows us to specify a different internal and external url (like OWA) but with Exchange 2010 this is not the case.


Does that make sense? Look doable?

I understand there's much more to do (ensure communication between O365 and on-premises via our firewall) but for now I just wanted to run the url choice by the
forum embers to see if I was not overlooking something.

0
donoli

Senior Member
Registered:
Posts: 522
Reply with quote  #2 
Quote:
In fact, this domain is not resolvable at all from the Internet in general.


Not exactly. If you are actually using cc.com, it resolved to an IP address although there was no response.

PING cc.com (216.87.148.114) 56(84) bytes of data.
^C
--- cc.com ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6066ms



0
DM-AVAL

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 71
Reply with quote  #3 
In fact, my example is "abc.cc":

C:\Users\Me>ping abc.cc
Ping request could not find host abc.cc. Please check the name and try again.

Regardless, it's a modified (and fictitious) domain name. It more or less reflects my production environment (along with xyz.org) without revealing the exact domain names.

0
donoli

Senior Member
Registered:
Posts: 522
Reply with quote  #4 
Sorry, I read it wrong.
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 825
Reply with quote  #5 
It doesn't really matter oddly enough right now.
You have an internal domain name for email inside.
You have an external domain name.
For O365 you will gave to expose a website on exchange to O365 for cutover/ hybrid.
But you lock down access on the IP's

Of course future mobile device access will need to be security cignicent so look at 2FA possibly with Azure AD Premium if your current solution isn't O365 aware.

Hope I answered all...


__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.