• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 282
  • Last Modified:

Exchange server 2007 / windows server 2003- domain authentication question

Hi,
I have a domain that is called "mycompany.local" in Active Directory.
When installing Exchange server 2007 I ran into a problem trying to get Outlook Anywhere to work. I can't get it to work if the Exchange server is not accessed with the ".local" domain name, autentication don't work if I define an external hostname with ".com" domain.
I can edit all the hosts files and enter the ".local" domain name there but we use NAT and the hostname is different when the users is inside or outside the firewall.

How can I make this work?
Does the AD domain need to be the same as external domain to make Outlook Anywhere work or is there a way around this?
Is it a way to make Outlook Anywhere work without renaming/reinstalling the domain?
0
rj2
Asked:
rj2
  • 3
  • 2
1 Solution
 
James MontgomeryCommented:
What certificate is your CAS server using? Outlook anywhere requires a trusted cert with a SAN attribute if i recall correctly for it to work internally and externally.

http://exchangepedia.com/blog/2007/08/outlook-anywhere-and-exchanges-self.html

http://www.msexchange.org/articles_tutorials/exchange-server-2007/mobility-client-access/securing-exchange-2007-client-access-server-3rd-party-san-certificate.html
0
 
rj2Author Commented:
It uses certificate for mycompany.com
0
 
rj2Author Commented:
What I would like ideally is to keep my internal AD domain mycompany.local, use external domain mycompany.com and just make Outlook Anywhere work. But so far I have only been able to connect using Outlook Anywhere from outside the firewall using hostname "mail.mycompany.local" and setting the IP in the hosts file. Even though the SSL certificate is for "mail.mycompany.com"
0
 
James MontgomeryCommented:
First of all check this forum post:
http://forums.msexchange.org/m_1800438631/mpage_1/key_/tm.htm#1800455745

If that doesn't work I suppose you may find some use in the articles below.

Configuring Outlook Anywhere to Use an SSL Certificate with Redirection
http://technet.microsoft.com/en-us/library/bb310764.aspx

How to Configure an External Host Name for Outlook Anywhere (though i think you have already done this)
http://technet.microsoft.com/en-us/library/aa996902.aspx

How to Configure SSL Certificates to Use Multiple Client Access Server Host Names
http://technet.microsoft.com/en-us/library/aa995942.aspx
0
 
rj2Author Commented:
It is working now. The link http://forums.msexchange.org/m_1800438631/mpage_1/key_/tm.htm#1800455745 was right on. Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now