Outlook’s Autodiscover Redirect Limit – Hybrid Autodiscover Breaking for Exchange Online Mailboxes / Remote On-Premises Mailboxes

Scenario:  After introducing additional Exchange On-Premises servers, we noticed that Autodiscover stopped working for our Exchange Online Hybrid mailboxes that were on computers internal to the domain. Using the ‘Test E-mail AutoConfiguration’ feature in Outlook, it would fail after the SCP/DNS autodiscover lookup.

Reason:  Outlook has an Autodiscover Redirect limit of 8-10 responses.  Being we had more than 10 servers in our Exchange Infrastructure, once it hit the response limit from each SCP lookup for each server, it would then fail all redirects thereafter. You do not need 100 SCP Failures if its going to fail after the first 10 servers.

Solution:  You can reduce the number of SCP lookup’s by performing any of the following.

  1. Set the AutoDiscoverSiteScope value on each Exchange server so it only serves requests for each  AD Site via the following command:  Set-ClientAccessServer ExSrv1 -autodiscoversitescope NewYork   (Or a combination NewYork,Baltimore,Tampa)
  2. Set the AutoDiscoverSiteScope to $null so it does not participate in SCP lookups via the following command: Set-ClientAccessServer ExSrv1 -AutodiscoverSiteScope $null
  3. Set the AutoDiscoverServiceInternalURI to $null so it does not participate in SCP lookups via the following command: Set-ClientAccessServer ExSrv1 -AutodiscoverServiceInternalURI $null



Exchange 2010 is no longer connecting with Outlook Anywhere

Scenario: After the installation of additional Exchange 2013 servers​, we noticed that Outlook Anywhere is broke in our Exchange 2010 environment. The Exchange 2013 environment and mailboxes are unaffected by the connection problems, but the Exchange 2010 mailboxes cannot use Outlook Anywhere. Ex2010 mailboxes have to make a connection directly to the CAS Array or connect via other protocols as workarounds.


◦We are seeing 503 HTTP Statuses (Service Unavailable) in the Ex2013 IIS logs when trying to connect to Exchange 2010 for Outlook Anywhere.

◦Outlook Clients either cannot establish a Outlook Anywhere connection, or their connection failback’s to a standard TCP connection.

◦Exchange 2013 mailboxes may have problems connecting to Public Folders on Exchange 2010 via Outlook.

◦Running the powershell command below fails when trying to get a referral and gives a 0x0000006BA or 0x6Ba error:

test-outlookconnectivity -protocols HTTP -credential $mycreds -verbose

◦Using the following command, you are unable to make a connection to ports 6001, 6002, and 6004.

rpcping -t ncacn_http -o RpcProxy=mail.domain.com -P “user,domain,password” -H 1 -F 3 -a connect -u 9 -v 3 -s casarray.domain.com -I “user,domain,password” -e 6001


Cause:  Ex2010 has a limit of servers that can be entered into a ServerFarm value in the Registry.   The addition of the new Ex2013 servers took us over the 64 server limit. When this happened, Outlook Anywhere (RPC/HTTP) in Ex2010 broke. Troubleshooting various symptoms pointed to different areas of Exchange that could be the cause of this behavior.  Later it was discovered that it was a bug confirmed by Microsoft. The real kicker of this ‘bug’ is that the Exchange 2013 servers, regardless if their frontend (CAS) or backend (MBX) servers, gets populated in this Ex 2010 key because of the Ex2013 architectural differences.


2 Resolutions:

1. Microsoft has an IU (interium update) for Exchange 2010 to fix this issue. You just need to remove this IU before you proceed with other installs. Supposedly this issue will be fixed in Exchange 2010 RU9 for SP3.   This was our fix


2. You can edit the registry manually. Note this worked for us for a while, but we did have problems with this and resorted to the IU method. Regardless , this method may get you by for a little while:

Turn the Polling for the RPCHttpConfigurator off by going setting the PeriodicPollingMinutes to 0:


Manually remove the Exchange 2013 servers from the ServerFarm Registry Key to take the number of entries below 64:


Configuring Message rules for a shared Mailbox

Configuring message rules for a shared mailbox

Scenario: How do I access a shared mailbox and change a rule.  I do have admin rights and full access to this mailbox but when I do a file > open> and try to change the rules, it reverts back to my primary mailbox rules.

Note: Exchange 2010 users cannot modify rules for mailboxes in Exchange 2013, and vice versa

There are several methods to get this to work:

Method 1: Outlook 2010 or Outlook 2013

Configuring Message rules for a shared Mailbox/Service Mailbox

If you are using Outlook 2010 or Outlook 2013 and either have been granted Full Access permissions to the mailbox or have been provided separate credentials for it, then you can also configure this shared mailbox as an additional Exchange account or add it as a secondary mailbox of your own.

How to add an additional mailbox in Outlook 2010:


How to add an additional mailbox in Outlook 2013


Once the mailbox has been added, select its Inbox folder and add the rule as you would normally do for your own mailbox.

Method 2: Outlook Web App

When you have been granted Full Access permissions, then you can log on with your own username and password and click on your own name in the top-right corner to get to the option of opening another mailbox.

If you haven’t been granted Full Access permissions but do have separate log on credentials for the additional mailbox, you can use that to log on.

Once logged in, you can create a message rule in the following way:

    For OWA 2013:
    Gears icon (right side of your name)-> Options-> Organize email

    For OWA 2010:
    Options (below your name)-> Create an Inbox Rule…

How to Get OutlookAnywhere Configuration Settings from ActiveDirectory

When you type get-outlookanywhere settings, the settings are typically retried from CAS servers. However, those settings can also be retrieved directly from active directory and usually faster than retrieving from CAS servers. To do that, use this PowerShell one liner:

get-outlookanywhere -ADPropertiesOnly | fl identity, *auth*, *hostname

That command will display server name, client authentication method, iisauthentication method and external/internal hostnames

Customer can’t connect with Outlook Anywhere

Issue: Customer can’t connect with Outlook Anywhere from home without VPN
Synopsis: Customer was running Outlook 2007 with SP2. All the settings were right
Resolution: had TMG folks run URL test for the mobile 2010 CAS farm and found 3 EB servers that failed on OAB and RPC urls. The 3 servers were removed from the pool and problem was resolved