Exchange 2013 Initial Configuration Settings: How to configure virtual directories (Part 10)

Exchange 2013 logo

In part 10 of this mini-series, I’ll look at how to configure the virtual directories used by Exchange 2013. We’ll need to configure these to match the FQDNs we request on our SSL certificate.

It’s assumed that split-brain DNS will be setup for the configuration to work. The essenace of split-brain DNS is that your external domain name is also configured on your internal DNS servers, but the A records on the internal DNS server point to the internal IP address of the server whereas the domain name configured on your external DNS servers point to the external IP address of your server. So whether a client is internal or external the FQDN will always resolve to the correct IP address.

We’ll be configuring the following services:

  • Autodiscover
  • Exchange Admin  Center (ecp)
  • Outlook Web App (owa)
  • Exchange Web Services (EWS)
  • Active Sync
  • Offline Address Book (OAB)
  • Outlook Anywhere

Exchange Admin Center

  1. In the Exchange Admin Center go to servers, virtual directories.Exchange 2013 - servers - virtual directories
  2. You can’t configure the Autodiscover URL via the Exchange Admin Center so we’ll skip this for the time being and come back to it later when we look at how to make the changes using the Exchange Management Shell. The rest we’ll work through in the order above.
  3. Highlight ecp (Default Web Site) and click edit. Exchange 2013 - servers - virtual directories - ecp - general beforeAs you can see only the Internal URL exists at the moment.
  4. Change the Internal URL and External URL settings to, click save.Exchange 2013 - servers - virtual directories - ecp - general afterA warning message will appear: You’ve changed the InternalURL or ExtenralURL of the ECP virtual directory. Please make the same changes to the OWA virtual directory in the same website.warning - youve changed the internalurl or externalurl of the eco virtual directory please make the same change to the owaClick ok.
  5. As the warning message states, make the same change to the owa (Default Web Site). Highlight it and click edit. Set the Internal URL and External URL to, click save.Exchange 2013 - servers - virtual directories - owa default web site - general
  6. Highlight EWS (Default Web Site), click edit and make the same changes.Exchange 2013 - servers - virtual directories - ews default web site - general
  7. Highlight Microsoft-Server-ActiveSync (Default Web Site), click edit and make the same changes.Exchange 2013 - servers - virtual directories - Microsoft-Server-ActiveSync default web site - general
  8. Highlight OAB (Default Web Site), click edit and make the same changes. Exchange 2013 - servers - virtual directories - OAB default web site - general
  9. Finally we have the Outlook Anywhere setting to configure. Select servers from the left hand menu and servers from the top menu. Highlight the OX-Exch1 server and click edit. Exchange 2013 - servers - servers
  10. Select Outlook Anywhere, and then change the external host name and internal host name parameters, Click save.Exchange 2013 - servers - servers - edit - Outlook Anywherewarning - microsoft exchange versions earlier than exchange server 2013 do not support the negotiate client authentication method.Read the warning. If you are migrating from a previous version of Exchange then change the authentication method to NTLM until you have removed the previous Exchange server. Otherwise click ok.
  11. So the only setting remaining is Autodiscover. We’ll take a look at that in the next section – using the Exchange Management Shell.

Exchange Management Shell

To perform the same tasks in the Exchange Management Shell we’ll use the following cmdlets:

Get-ECPVirtualDirectory, Set-ECPVirtualDIrectory
Get-OWAVirtualDirectory, Set-OWAVirtualDirectory
Get-WebServicesVirtualDirectory, Set-WebServicesVirtualDirectory
Get-ActiveSyncVirtualDirectory, Set-ActiverSyncVirtualDirectory
Get-OABVirtualDirectory, Set-OABVirtualDirectory
Get-OutlookAnywhere, Set-OutlookAnywhere

  1. First we’ll use Get-Command (GCM) to see a list of cmdlets relating to virtual directories. Type: gcm *virtualdirect* gcm virtualdirectYou can see highlighted the Get-xxxVirtualDirectory and Set-xxxVirtualDirectory cmdlets we’ll be using.
  2. But first we’ll configure the autodiscover URL using Get-ClientAccessServer.
    Type: Get-ClientAccessServer | fl
    You can see the AutoDiscoverServiceInternalUri is set to the internal FQDN. We need to change this.Exchange 2013 - get-clientaccessserver fl
  3.  Type Set-ClientAccessServer -Identity Ox-Exch1 -AutoDiscoverServiceInternalUri
    You can see the command below returns without an error, then I used Get-ClientAccessServer | fl Name, AutodiscoverServiceInternalUri -Autosize to confirm the setting.
    Note: the i at the end of AutodiscoverServiceInternalUri not an l.Exchange 2013 - set-clientaccessserver -identity -autodiscoverserviceinternaluri
  4. Now let’s configure the ECP virtual directory. Type: Get-ECPVirtualDirectory | fl Exchange 2013 - get-ecpvirtualdirectoryYou can see the InternalUrl is set to the servername, and there is no ExternalUrl set at the moment.
  5. Type: Set-EcpVirtualDirectory -Identity “Ox-Exch1\ecp (Default Web Site)” -InternalUrl “” -ExternalUrl “” Exchange 2013 set-ecpvirtualdirectory -identity -internalurl -externalurlNotice the same warning we received before about making sure the OWA and ECP virtual directories are the same. After running the command I used Get-ECPVirtualDirectory to confirm the changes.
  6. Run through steps 4 and 5 for OWA, EWS, ActiveSync, and the OAB. Take care to make sure you get the correct virtual directory for each of the services.
  7. Finally we’ll configure Outlook Anywhere. Type: Get-OutlookAnyWhere to see the current settings.
  8. Type: Set-OutlookAnywhere -Identity “Ox-Exch1\Rpc (Default Web Site)” -ExternalHostname  -ExternalClientsRequireSsl:$True -ExternalClientAuthenticationMethod Negotiate -InternalHostname  -InternalClientsRequireSsl:$True -InternalClientAuthenticationMethod Negotiate The authentication method may vary depending on if you are migrating from a previous version of Exchange or if this is a new installation. Set-OutlookAnywhere -Identity -ExternalHostname -ExternalClientsRequireSsl -ExternalClientAuthenticationMethod -InternalHostname -InternalClientsRequireSsl -InternalClientAuthenticationMethod

In this post I’ve looked at how to configure Exchaneg 2013 virtual directories using the Exchange Admin Console and Exchange Management Shell.

Advert **

Advert **

For the other articles in this series please go to: