Hi MS, I just installed 2 EXchange 2016 CU20
Domain local: nvp.lab
Domain Public: nvp.vn
EX1.nvp.lab: 10.10.10.1 (Databases: DB1)
EX2.nvp.lab: 10.10.10.2 (Database: DB2)
I configured Ex1, SCP:
Get-ClientAccessService -identity EX1 | Set-ClientAccessService -AutoDiscoverServiceInternalUri https://autodiscover.nvp.vn/Autodiscover/Autodiscover.xml
Get-ClientAccessService -identity EX2 | Set-ClientAccessService -AutoDiscoverServiceInternalUri https://autodiscover.nvp.vn/Autodiscover/Autodiscover.xml
DNS local config : Autodiscover-> 10.10.10.1
I have user U1-> Belongs to DB1 of EX01 currently I am configuring only 1 server ex01, virtual Directory, owa, SCP,.. ex02 not yet
My CA public configuration ok My problem with domain local join machine when running MS outlook user u1 pop up CA SSL connection of Server EX02.nvp.lab saying do not trust. Apparently u1 on DB01 of Ex01 but reported server Ex02. As shown below. 
My question is how to configure SCP, Autodiscover for 2 servers ex01, ex02 so that there is no error.
1/ SCP both Ex01, ex02 are audiscover.nvp.vn and point to 2 ips of 2 hosts (autodiscover.nvp.vn -> 10.10.10.1/2) and has the form https://autodiscover.nvp.vn/Autodiscover/Autodiscover.xml
2/ SCP Ex01: https://autodiscover-ex1.nvp.vn/Autodiscover/Autodiscover.xml and SCP Ex02: https://autodiscover-ex2.nvp.vn/Autodiscover/Autodiscover.xml
Should I configure to 1 or 2 and Mail also created 2 records because of preparing more classes for the upcoming DAG
mail.nvp.vn-> ip1 EX01
mail.nvp.vn->ip2 EX02
or mail1.nvp.vn->ip1 EX01
mail2.nvp.vn->ip2 EX02
Thanks

