Planning for Autodiscover in Lync Server 2013
Topic Last Modified: 2013-02-16
Autodiscover was introduced for Lync Server in the Cumulative Update for Lync Server 2010: November 2011. The primary purpose for this initial implementation of Autodiscover was to provide a means for Lync Mobile to locate the Mobility service (Mcx). The Autodiscover service in Lync Server 2013 is now a service used by all clients to locate server and user services. The Microsoft Lync Server 2013 Autodiscover service runs on Directors and Front End Servers.
Tip
For a more technical understanding of Autodiscover and what is communicated to clients, see Understanding Autodiscover in Lync Server 2013.
Mobility is still a distinct scenario and the Mobility services still require some special planning. For additional details, see Planning for mobility in Lync Server 2013.
When Autodiscover was introduced in Lync Server 2010, there were compromises that needed to be made in order to implement a service that required potential certificate changes to existing server deployments. Autodiscover could be used over port TCP 443 for HTTPS or over port TCP 80 for HTTP. If the decision was made to use HTTPS, certificates on reverse proxies, Directors, and Front End Servers needed to be reissued in order to accommodate the required lyncdiscover.<domain> and lyncdiscoverinternal.<domain> DNS records. If the decision was to use HTTP, the reissue of certificates could be avoided by using DNS CNAME (or alias) records to use existing names on the certificates. Using HTTP did mean that the initial communications were unencrypted.
Because Lync Server 2013 uses Autodiscover for all clients, the main scenario is to use HTTPS exclusively and to create certificates with lyncdiscover.<domain> as part of the configuration of reverse proxies, Directors and Front End Servers. If you are implementing Autodiscover into an upgraded deployment from Lync Server 2010, you may want to use HTTP to avoid reissuing certificates. Guidance for both scenarios is provided in the following sections.
Important
The subject alternative name list on certificates used by the external web services publishing rule must contain a lyncdiscover.<sipdomain> entry for each SIP domain within your organization. For details about the subject alternative name entries that are required for Directors, Front End Servers, and reverse proxies, see Certificate summary - Autodiscover in Lync Server 2013.