Managing Exchange Server 2010 Features for Mobile Devices (part 1) - Understanding and Using Autodiscover, Understanding and Using Direct Push

The Autodiscover service simplifies the provisioning process for mobile devices and for Outlook 2007 and later clients by returning the required Exchange settings after a user enters his or her e-mail address and password. This eliminates the need to configure mobile carriers in Exchange Server, as well as the need to download and install the carriers list on mobile devices.

Autodiscover is enabled by default, and the Default Web Site associated with a particular Web site has an associated Autodiscover virtual directory through which devices can be provisioned.

You can manage Autodiscover using the Exchange Management Shell. To get detailed information about the Autodiscover configuration, type the following command:

Get-AutodiscoverVirtualDirectory -Server MyServer

where MyServer is the name of the Client Access server you want to examine. Included in the detailed information is the identity of the Autodiscover virtual directory, which you can use with related cmdlets.

By default, Autodiscover is configured to use Anonymous, Basic, and Windows authentication. Using the Set-AutodiscoverVirtualDirectory cmdlet, you can enable or disable these authentication methods, as well as digest authentication. You can also set the internal and external URLs for Autodiscover. Neither URL is set by default.

To disable Autodiscover, type the following command:

Remove-AutodiscoverVirtualDirectory -Server MyServer

where MyServer is the name of the Client Access server on which this feature should be disabled.

If you later want to enable Autodiscover, you can type the following command:

New-AutodiscoverVirtualDirectory -Server MyServer

where MyServer is the name of the Client Access server on which this feature should be enabled for the Default Web Site.

Samples Example 1 to Example 4 provide the full syntax and usage for the Get-AutodiscoverVirtualDirectory, New-AutodiscoverVirtualDirectory, Set-AutodiscoverVirtualDirectory and Remove-AutodiscoverVirtualDirectory cmdlets, respectively.

Syntax

Get-AutodiscoverVirtualDirectory [-Server ServerName | -Identity
VirtualDirID] [-DomainController DCName]


Usage

Get-AutodiscoverVirtualDirectory
-Identity "CorpMailSvr25\Autodiscover(Default Web Site)"

Syntax

New-AutodiscoverVirtualDirectory [-ApplicationRoot RootPath]
[-AppPoolId AppPoolIdentity]
[-BasicAuthentication <$true | $false>]
[-DigestAuthentication <$true | $false>]
[-DomainController DCName]
[-ExternalURL ExternalURL]
[-InternalURL InternalURL]
[-Path FileSystemPath]
[-WebSiteName SiteName]
[-WebSiteName WebSiteName]
[-WindowsAuthentication <$true | $false>]
[-WSSecurityAuthentication <$true | $false>]


Usage

New-AutodiscoverVirtualDirectory  -WebSiteName "Default Web Site"
 -BasicAuthentication $true -DigestAuthentication $false
 -WindowsAuthentication $true

Syntax

Set-AutodiscoverVirtualDirectory -Identity DirectoryIdentity
 [-ExternalURL ExternalURL]
 [-InternalURL InternalURL]
 [-BasicAuthentication <$true | $false>]
 [-DigestAuthentication <$true | $false>]
 [-LiveIdBasicAuthentication <$true | $false>]
 [-LiveIdSpNegoAuthentication <$true | $false>]
 [-DomainController DCName]
 [-WindowsAuthentication <$true | $false>]
 [-WSSecurityAuthentication <$true | $false>]


Usage

Set-AutodiscoverVirtualDirectory
-Identity "CorpMailSvr25\Autodiscover(Default Web Site)"
-BasicAuthentication $false -DigestAuthentication $false
 -WindowsAuthentication $true

Syntax

Remove-AutodiscoverVirtualDirectory -Identity DirectoryIdentity


Usage

Remove-AutodiscoverVirtualDirectory
-Identity "CorpMailSvr25\Autodiscover(Default Web Site)"

Direct Push automates the synchronization process, enabling a mobile device to make requests to keep itself up to date. When the Web site used with Exchange ActiveSync has SSL enabled, Direct Push allows a mobile device to issue long-lived Hypertext Transfer Protocol Secure (HTTPS) monitoring requests to Exchange Server. Exchange Server monitors activity in the related user's mailbox. If new mail arrives or other changes are made to the mailbox—such as modifications to calendar or contact items—Exchange sends a response to the mobile device, stating that changes have occurred and that the device should initiate synchronization with Exchange Server. The device then issues a synchronization request. When synchronization is complete, the device issues another long-lived HTTPS monitoring request.

Port 443 is the default TCP port used with SSL. For Direct Push to work, port 443 must be opened between the Internet and the organization's Internet-facing Client Access server or servers. You do not need to open port 443 on your external firewalls to all of your Client Access servers—only those to which users can establish connections. The Client Access server receiving the request automatically proxies the request so that it can be handled appropriately. If necessary, this can also mean proxying requests between the mobile device and the Client Access server in the user's home site. A user's home site is the Active Directory site where the mailbox server hosting his or her mailbox is located.