Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Exchange Online|Exchange Server|Office|Office 365|Outlook

Outlook Click-to-Run Optimizes AutoDiscover for Office 365

Autodiscover Makes Life Easier

Years ago, we had to configure Outlook profiles manually to connect to the right mailbox and server. This wasn’t a good experience. Then Microsoft came up with the idea that computers could probably figure out how to find someone’s mailbox and the Autodiscover feature was born.

In a cloud service like Exchange Online, it is literally impossible for a user to know what server hosts the active copy of a mailbox at any time. With an infrastructure spanning over 175,000 physical servers, Exchange Online is a beast. Autodiscover is hugely important because it makes it easy for users to configure Outlook even when the choice of mailbox servers is massive.

With that in mind, it seems reasonable that the Outlook team would “continue to optimize for the Office 365 experience.” Unfortunately, in this zero-sum game, optimization for the cloud means pain for on-premises users. At least, that’s the impression given by Outlook.

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

Spreading Happiness in UserVoice

The statement about optimizing for the cloud is from the Outlook team’s December 8 response to a UserVoice request asking Microsoft to adjust a change made to optimize Autodiscover queries for Office 365. If you use the click to run version of Outlook 2016 for Windows, Outlook checks Office 365 first and has done so since the 16.0.6741.2017 update.

Checking Office 365 works well if you have an Exchange Online mailbox. Office 365 will respond to the Autodiscover request and return details of your mailbox and other associated services (like public folders). However, in certain circumstances, the query runs into problems. The two examples cited in UserVoice are when someone has been assigned an Exchange Online (or Office 365) license but their “live” mailbox is on-premises, or when someone with a personal Office subscription uses their business email address to configure Outlook. In the latter example, the business email address belongs to an Office 365 tenant, so that’s where Outlook heads for Autodiscover.

Because Autodiscover fails, Outlook prompts for user credentials. But the credentials go back to Office 365 and fail when Azure Active Directory tries to check the account. The problem is present for both existing and new profiles.

Other problems have been reported by people who use Outlook to connect to Exchange on hosted platforms other than Office 365. The Outlook team probably overlooked this use case, probably because they don’t expect the Click-to-Run version to be used in these circumstances. And of course, if Autodiscover is not configured properly inside an on-premises deployment, changes made to make things run more smoothly for the cloud are likely to accentuate and reveal flaws.

Outlook mobile for iOS and Android also use Autodiscover, but the change doesn’t affect them because these clients use AutoDetect to figure out what email service they need to connect to before calling Autodiscover.

Instruct Autodiscover to Ignore Office 365

The workaround is described in a Microsoft Knowledge Base article and requires a change to the system registry to insert a new DWORD value to exclude Office 365 (ExcludeExplicitO365Endpoint) from the list of locations checked by Autodiscover. Again, this sounds reasonable, but you’d have to know about how Autodiscover works and be prepared to update the system registry on affected PCs. Also, the change must be reversed if the user’s mailbox eventually moves to Exchange Online.

The Logic Behind the Change

It’s easy to understand why the Outlook team made the change. With 155 million people using Office 365, we’re at a point where most Exchange users are now in the cloud (probably), so optimizing the click-to-run version of Outlook for Windows for Office 365 makes sense, especially as this is a version designed for use with Office 365. Most on-premises customers use the MSI version of Outlook 2016, which isn’t affected, or run an earlier version of Outlook (some going back as far as Outlook 2007).

No Sympathy from Outlook

The response from the Outlook team is blunt. It doesn’t convey much sympathy to the on-premises community who hope that Outlook might give them some TLC in the future and that’s regrettable. Someone in the Outlook team could do with some coaching on how to write UserVoice responses. It’s also regrettable that the Outlook team didn’t accommodate some of the edge cases that are now causing problems.

While the change is understandable, some of the online commentary is simply off the wall. Like “One would hope that these on-premises authentication requests hitting Microsoft’s O365 servers are just authentication requests, and Microsoft are not keeping these credentials. If they were, this would be a directory harvesting exercise to the likes we have never seen before.” That’s just too much, even in the silliness surrounding the holiday season.

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (2)

2 responses to “Outlook Click-to-Run Optimizes AutoDiscover for Office 365”

  1. <p>I would contest your suggestion that "most Exchange users are now in the cloud". However, whatever the numbers, it's clear that Microsoft is struggling to deliver a quality hybrid experience to its enterprise customers. This is because Exchange wasn't designed or architected as a hybrid product. Outlook.com has similar issues. For example, I have a Premium Outlook.com account which uses a personal domain. Outlook 2016 (Version 1811) fails to connect to my mailbox. The Windows 10 mail app connects without a problem.</p>

    • <blockquote><em><a href="#16013">In reply to rne247:</a></em></blockquote><p>Well, you can contest my suggestion, but the available data that we have – and the only available data that we have – indicates that the majority of Exchange mailboxes are now in the cloud. In fact, if you include the 400+ million Outlook.com mailboxes, all of which run on Exchange Online, you can see that the majority is far higher. But in any case, I agree that Microsoft struggles at times to make things work as flawlessly as everyone would hope, especially when you take hybrid into account. Exchange now has over 10 years of design and engineering for hybrid, so the Exchange of today (Exchange 2016 or 2019) is very much a hybrid beast. That being said, the complexities of dealing with all the variations that happen inside customer on-premises deployments is staggering, so some glitches can be expected (bad as they are if you're affected by one).</p>

Leave a Reply

Tony Redmond has written thousands of articles about Microsoft technology since 1996. He covers Office 365 and associated technologies for Petri.com and is also the lead author for the Office 365 for IT Pros eBook, updated monthly to keep pace with change in the cloud.