question

ThisisParya-7758 avatar image
0 Votes"
ThisisParya-7758 asked ThisisParya-7758 commented

AD user locked as a result of outlook and exchange connection.

Hi there,
we have a domain for example "consono.com", we have s4b on that domain with "ir" mail server. But in some cases some clients are using another domain name for email addresses out of our domain but with the same mail address . "consono.com". the problem is after setting the email address to outlook, the user being locked our domain . Is it normal? because of autodiscovery?




office-exchange-server-administration
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@ThisisParya-7758,
Your question is more related to Exchange. I will change irrelated tags to office-exchange-server-administration. Hope you get better support.

0 Votes 0 ·

Hi @ThisisParya-7758

Sorry I was a little confused with the scenario.
Did you mean:
The domain-joined (local AD domain consono.com) clients are connecting to Exchange server in an external domain (using the same domain consono.com)?

If so, do you have an Exchange server in the local domain?
If there isn't an Exchange server in the local domain, can the Outlook client connect successfully? Or will it fail and cause the AD account locked?

0 Votes 0 ·

Hi KaelYao,
Yes we have an internal domain "consono.com" and a mail server "consono.ir".
also we use an external exchange mail server "consono.com" that is same name as our domain name but not using our domain.

and if the computer is join to domain and use our external exchange it again being locked .

Regards

0 Votes 0 ·

1 Answer

KaelYao-MSFT avatar image
0 Votes"
KaelYao-MSFT answered ThisisParya-7758 commented

Hi @ThisisParya-7758

I think it is the expected behavior since the domain are the same.
Can you find some event 4625 in Event Viewer>Security on the domain controller?


According to your description, I suppose non-domain joined clients should connect to external Exchange without such problem.

If it is the case, have you created an A record of Autodiscover on your internal DNS server to point to the external Exchange server's ip address?
For example:
audiscover.contoso.com <external Exchange server ip address>

If the Autodiscover record is configured in internal DNS, please run a Test E-mail Autoconfiguration via Outlook client and check the results under the "Log" tag, to see if the autodiscover process works fine.

110204-02.png


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


02.png (16.5 KiB)
· 11
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @ThisisParya-7758

I am writing here to confirm with you how thing going now?
Did the issue get resolved?

0 Votes 0 ·

Yes I have internal DNS that point the external exchange server.
Still it locked the AD user.

0 Votes 0 ·

Hi,
Thanks for the update.

Please add the following value to the registry on the Outlook client device:
Path: HKEY_CURRENT_USER\Software\Microsoft\Office\x.0\Outlook\AutoDiscover
(x.0 in this registry path corresponds to the Outlook version (16.0 = Outlook 2016, 15.0 = Outlook 2013, 14.0 = Outlook 2010, 12.0 = Outlook 2007)

Add a DWORD Value named ExcludeHttpsRootDomain and set its value to 1.

113771-12.jpg
Restart Outlook and see if it can get rid of the problem.


0 Votes 0 ·
12.jpg (52.2 KiB)
Show more comments