We help IT Professionals succeed at work.

Mass Deploy RPC over HTTPS change

rustyrpage
rustyrpage asked
on
863 Views
Last Modified: 2010-07-27
I currently have 150 clients set up to use RPC over HTTPS with an older Exchange FE server that is not as secure.  I have set up a new FE Exchange server & configured RPC over HTTP to work...here-in lies the problem, how do I deploy it easily.  I would prefer not send out directions to every client as they don't do it if there's more than 1 step.  Is there a way to do a group policy, or better yet a batch file (as a lot of these people never connect to the VPN) to make the server name change?

Thanks!
Comment
Watch Question

Expert of the Year 2007
Expert of the Year 2006

Commented:
Why don't you just cut it over at the firewall level using the same SSL certificate and external name? The name of the server that the users connect to doesn't have to change that way.

Simon.

Author

Commented:
Because we cannot eliminate the other server right away.
Expert of the Year 2007
Expert of the Year 2006

Commented:
Why not?
They are frontends - as far as I am concerned they are disposable.
Have you tied the certificate and/or FQDN in the Exchange clients to the server's real name? That is the only reason I can think that would cause a problem. Even that can be worked around. Unless there is something that you haven't said, there is no reason why a simple copy of the certificate to the new server and a switch of the NAT will not work.

Simon.

Author

Commented:
We have 400+ users across 7 companies.  I want the differenitation in FQDN name between companies & servers for FDA & internal security reasons.

Author

Commented:
That said, if there isn't a solution to the problem, then we'll do an auto-it for it.
You could push out a maintenance update to Office 2003 with the new server settings.  It would have to be ran with admins and from the office 2003 source directory.

Author

Commented:
I was reading somewhere about the PRFs or something like that.  Is that what you are referring to?

So, in the grand-scheme of things, there is no easy way to accomplish this?

Sembee, I'm not trying to be a punk about the suggestion of seperating out the servers, but there are a lot of politics & it's a pain.  Basically, when the companies I support started, there were only 10 employees, so we just shared the front-end Exchange server with one of the other companies under the same ownership.  Now my company has grown to 150 employees alone (plus another 80 that I support in addition), so I want to get our own front-end Exchange server & separate from the main company.  The next move is going to be to get our own back-end Exchange server (except we are really thinking about going with 2007 so that we can do an active-active redundancy & just get two beefed up Exchange back-end boxes & three load balanced front-ends.

Thanks for your suggestions!
Expert of the Year 2007
Expert of the Year 2006
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
Thank you for your feedback, but like I said, this is a FULLY political decision.  I would like an answer to the question at hand if it is available, otherwise I will close out the question.

Where do I find information about PRF files.
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.