Greaume
asked on
Outlook 2007 The name of the security certificate is invalid or does not match the name of the site
I have found the article for this @ http://support.microsoft.com/kb/940726/en-us
I don't use the exchange management shell that much.
Is there a different way to do this?
In View Certificate I have:
Issued to: MYSERVER.domain.local
Issued by: domain-MYSERVER-CA
I have just finished installing service pack 1 for exchange 2007 and Exchange 2007 Update Rollout 9.
thanks a lot
aa
I don't use the exchange management shell that much.
Is there a different way to do this?
In View Certificate I have:
Issued to: MYSERVER.domain.local
Issued by: domain-MYSERVER-CA
I have just finished installing service pack 1 for exchange 2007 and Exchange 2007 Update Rollout 9.
thanks a lot
aa
Your certificate has expired. That is why you are getting the error message. You can either issue yourself a new certificate or you could get one from GoDaddy on the cheap.
Here is an article on renewing your self signed certificate:
http://exchangepedia.com/2008/01/exchange-server-2007-renewing-the-self-signed-certificate.html
If you want a 3rd party:
https://www.godaddy.com/ssl/ssl-certificates.aspx
Here is a tutorial for setting up a 3rd party certificate:
http://knowthenetwork.com/blog/2008/09/how-to-install-3rd-party-trusted-certificates-to-exchange-2007/
Here is an article on renewing your self signed certificate:
http://exchangepedia.com/2008/01/exchange-server-2007-renewing-the-self-signed-certificate.html
If you want a 3rd party:
https://www.godaddy.com/ssl/ssl-certificates.aspx
Here is a tutorial for setting up a 3rd party certificate:
http://knowthenetwork.com/blog/2008/09/how-to-install-3rd-party-trusted-certificates-to-exchange-2007/
That cert is your local computer cert. You'll need to import one to the Exchange server using Import-ExchangeCertificate .
ASKER
how can I tell if the certificate has expired?
Plus this was working just fine until the service pack 1 update
Plus this was working just fine until the service pack 1 update
run this from exch shell
get-exchangecertificate | fl
copy paste the output here
get-exchangecertificate | fl
copy paste the output here
ASKER
AccessRules : {System.Security.AccessCon trol.Crypt oKeyAccess Rule, System
.Security.AccessControl.Cr yptoKeyAcc essRule, System.Securi
ty.AccessControl.CryptoKey AccessRule }
CertificateDomains : {SERVERNAME.domain.local}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=SERVERNAME.domain.local
NotAfter : 03/12/2012 12:00:00 AM
NotBefore : 04/12/2009 12:00:00 AM
PublicKeySize : 1024
RootCAType : None
SerialNumber : 0FA99168655D05BC4DAF62F106 A5D34F
Services : IMAP, POP, IIS
Status : Valid
Subject : CN=SERVERNAME.domain.local
Thumbprint : 92CAED80A1F05704F22D49A99C 59E3463AF2 B575
AccessRules : {System.Security.AccessCon trol.Crypt oKeyAccess Rule, System
.Security.AccessControl.Cr yptoKeyAcc essRule, System.Securi
ty.AccessControl.CryptoKey AccessRule }
CertificateDomains : {SERVERNAME.domain.local}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=domain-SERVERNAME-CA
NotAfter : 13/10/2010 5:44:59 PM
NotBefore : 13/10/2009 5:44:59 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 6112E677000000000003
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=SERVERNAME.domain.local
Thumbprint : 2E501D0BCA10275DC3D5A3B230 3E929E2290 EDA1
AccessRules : {System.Security.AccessCon trol.Crypt oKeyAccess Rule, System
.Security.AccessControl.Cr yptoKeyAcc essRule, System.Securi
ty.AccessControl.CryptoKey AccessRule }
CertificateDomains : {Sites, SERVERNAME.domain.local}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=domain-SERVERNAME-CA
NotAfter : 13/10/2011 5:34:28 PM
NotBefore : 13/10/2009 5:34:28 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 610943C3000000000002
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=Sites
Thumbprint : 26F476F3CDC40650A103A28021 C0FA48A6F7 0D3C
AccessRules : {System.Security.AccessCon trol.Crypt oKeyAccess Rule, System
.Security.AccessControl.Cr yptoKeyAcc essRule}
CertificateDomains : {domain-SERVERNAME-CA}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=domain-SERVERNAME-CA
NotAfter : 13/10/2014 5:43:55 PM
NotBefore : 13/10/2009 5:33:56 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 47C55EE35A260A9A444DFD0203 E77BCF
Services : None
Status : Valid
Subject : CN=domain-SERVERNAME-CA
Thumbprint : 4C5799F068CA8DF6E3DACEBBEA 20E6F0C176 C7CE
AccessRules : {System.Security.AccessCon trol.Crypt oKeyAccess Rule, System
.Security.AccessControl.Cr yptoKeyAcc essRule}
CertificateDomains : {WMSvc-WIN-3ZALEM6NNWY}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=WMSvc-WIN-3ZALEM6NNWY
NotAfter : 11/10/2019 12:28:34 PM
NotBefore : 13/10/2009 12:28:34 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 6AE0EEA2DF8C768743D5525DE7 F0D0B1
Services : None
Status : Valid
Subject : CN=WMSvc-WIN-3ZALEM6NNWY
Thumbprint : FBBB2EB062E8D03471C7CCEA01 A591EF6B91 94BE
.Security.AccessControl.Cr
ty.AccessControl.CryptoKey
CertificateDomains : {SERVERNAME.domain.local}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=SERVERNAME.domain.local
NotAfter : 03/12/2012 12:00:00 AM
NotBefore : 04/12/2009 12:00:00 AM
PublicKeySize : 1024
RootCAType : None
SerialNumber : 0FA99168655D05BC4DAF62F106
Services : IMAP, POP, IIS
Status : Valid
Subject : CN=SERVERNAME.domain.local
Thumbprint : 92CAED80A1F05704F22D49A99C
AccessRules : {System.Security.AccessCon
.Security.AccessControl.Cr
ty.AccessControl.CryptoKey
CertificateDomains : {SERVERNAME.domain.local}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=domain-SERVERNAME-CA
NotAfter : 13/10/2010 5:44:59 PM
NotBefore : 13/10/2009 5:44:59 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 6112E677000000000003
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=SERVERNAME.domain.local
Thumbprint : 2E501D0BCA10275DC3D5A3B230
AccessRules : {System.Security.AccessCon
.Security.AccessControl.Cr
ty.AccessControl.CryptoKey
CertificateDomains : {Sites, SERVERNAME.domain.local}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=domain-SERVERNAME-CA
NotAfter : 13/10/2011 5:34:28 PM
NotBefore : 13/10/2009 5:34:28 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 610943C3000000000002
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=Sites
Thumbprint : 26F476F3CDC40650A103A28021
AccessRules : {System.Security.AccessCon
.Security.AccessControl.Cr
CertificateDomains : {domain-SERVERNAME-CA}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=domain-SERVERNAME-CA
NotAfter : 13/10/2014 5:43:55 PM
NotBefore : 13/10/2009 5:33:56 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 47C55EE35A260A9A444DFD0203
Services : None
Status : Valid
Subject : CN=domain-SERVERNAME-CA
Thumbprint : 4C5799F068CA8DF6E3DACEBBEA
AccessRules : {System.Security.AccessCon
.Security.AccessControl.Cr
CertificateDomains : {WMSvc-WIN-3ZALEM6NNWY}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=WMSvc-WIN-3ZALEM6NNWY
NotAfter : 11/10/2019 12:28:34 PM
NotBefore : 13/10/2009 12:28:34 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 6AE0EEA2DF8C768743D5525DE7
Services : None
Status : Valid
Subject : CN=WMSvc-WIN-3ZALEM6NNWY
Thumbprint : FBBB2EB062E8D03471C7CCEA01
ASKER
From the orginal question
what has changed since service pack 1 and why would outlook 2007 clients be getting the certificate error?
what has changed since service pack 1 and why would outlook 2007 clients be getting the certificate error?
This is the steps you took
Installed Exchange 2007
installed Sp1
Installed RU 9 ?
Correct ?
Installed Exchange 2007
installed Sp1
Installed RU 9 ?
Correct ?
ASKER
yes
Exchange 2007 has been running for about 6 months yes
two days ego
installed sp1
then
RU 9 to get rid of constant password pop up for outlook 2007 users
Exchange 2007 has been running for about 6 months yes
two days ego
installed sp1
then
RU 9 to get rid of constant password pop up for outlook 2007 users
Did you try SP3 ?
SP3 is out.
http://www.microsoft.com/downloads/details.aspx?FamilyID=1687160b-634a-43cb-a65a-f355cff0afa6&displaylang=en
Also did you /preparead and /prepareschema
and run windows installer 4.5 *before* you installed Exchange 2007 SP1
I hope this is not a SBS :)
SP3 is out.
http://www.microsoft.com/downloads/details.aspx?FamilyID=1687160b-634a-43cb-a65a-f355cff0afa6&displaylang=en
Also did you /preparead and /prepareschema
and run windows installer 4.5 *before* you installed Exchange 2007 SP1
I hope this is not a SBS :)
ASKER
There is nothing wrong with the server except the certificate error for outlook clients running 2007
yes it is sbs 2008 std
yes it is sbs 2008 std
Thanks for clarifying :)
get-exchangecertificate | fl
please post here.
get-exchangecertificate | fl
please post here.
ASKER
the microsoft article http://support.microsoft.com/kb/940726/en-us
go through exchange shell commands to fix this problem that outlook 2007 clients are having.
would these apply to this error that I am getting?
go through exchange shell commands to fix this problem that outlook 2007 clients are having.
would these apply to this error that I am getting?
ASKER
i have it's above
Seriously sorry :(
I have 10+ EE windows open and I end-up reading the last post and replying to that.
will check the article too.
I have 10+ EE windows open and I end-up reading the last post and replying to that.
will check the article too.
Yes! Please follow the article to set the InternalUri as follows:-
Follow the kb-940726, and run the following command on the server.
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceIntern alUri https://mail.contoso.com/autodiscover/autodiscover.xml
Set-WebServicesVirtualDire ctory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx
Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://mail.contoso.com/oab
DisableLoopbackcheck registry.
key as per the article <http://support.microsoft.com/kb/896861>.
Please follow the following article
http://support.microsoft.com/kb/927612
Hope this helps!
Follow the kb-940726, and run the following command on the server.
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceIntern
Set-WebServicesVirtualDire
Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://mail.contoso.com/oab
DisableLoopbackcheck registry.
key as per the article <http://support.microsoft.com/kb/896861>.
Please follow the following article
http://support.microsoft.com/kb/927612
Hope this helps!
Mohammaed @ you are one cool dude with real cool skills.
I saved your last autodiscover post.
You are the first person who recommended setSPN along with the various -internalurl's.
> That was perfect <
I saved your last autodiscover post.
You are the first person who recommended setSPN along with the various -internalurl's.
> That was perfect <
ASKER
I don't have much experience with exchange command shell!!
When I run these commands do I replace mail.contoso.com with servername.domain.local which would be my server name and domain name for the local network.
Thank you
aa
When I run these commands do I replace mail.contoso.com with servername.domain.local which would be my server name and domain name for the local network.
Thank you
aa
yes @ servername.domain.local
FQDN (fully qualified domain name) of your local exchange server.
FQDN (fully qualified domain name) of your local exchange server.
ASKER
So just to make sure I get this: Sorry to be anal about this :)
1st:
Run the command in this article kb-940726
Set-ClientAccessServer –AutodiscoverServiceIntern alUri https://servername.domain.local/autodiscover/autodiscover.xml
2nd:
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceIntern alUri https://servername.domain.local/autodiscover/autodiscover.xml
3rd:
Set-WebServicesVirtualDire ctory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://servername.domain.local/ews/exchange.asmx
4th:
Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://servername.domain.local/oab
Than:
DisableLoopbackcheck registry.
key as per the article <http://support.microsoft.com/kb/896861>.
Please follow the following article
http://support.microsoft.com/kb/927612
Thank you
aa
1st:
Run the command in this article kb-940726
Set-ClientAccessServer –AutodiscoverServiceIntern
2nd:
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceIntern
3rd:
Set-WebServicesVirtualDire
4th:
Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://servername.domain.local/oab
Than:
DisableLoopbackcheck registry.
key as per the article <http://support.microsoft.com/kb/896861>.
Please follow the following article
http://support.microsoft.com/kb/927612
Thank you
aa
yes
You run these commands against the server listed in -IDENTITY field.
Just to be safe, you can run this, and check the identity fields.
get-ClientAccessServer
Replace the identity within " " with CAS_Server_Name
example
Set-ClientAccessServer -Identity "EXCHANGE"" -AutodiscoverServiceIntern alUri https://servername.domain.local/autodiscover/autodiscover.xml
Set-WebServicesVirtualDire ctory -Identity "Exchange\EWS*" -InternalUrl "https://servername.domain.local/ews/exchange.asmx"
You run these commands against the server listed in -IDENTITY field.
Just to be safe, you can run this, and check the identity fields.
get-ClientAccessServer
Replace the identity within " " with CAS_Server_Name
example
Set-ClientAccessServer -Identity "EXCHANGE"" -AutodiscoverServiceIntern
Set-WebServicesVirtualDire
ASKER
Ok this is what I get : this is for the first command from the article kb-940726
[PS] C:\Windows\System32>get-Cl ientAccess Server
Name
----
SERVERNAME
[PS] C:\Windows\System32>Set-Cl ientAccess Server -AutodiscoverServiceIntern alUri https://SERVERNAME.domain.local/autodiscover/autodiscover.xml
cmdlet Set-ClientAccessServer at command pipeline position 1
Supply values for the following parameters:
Identity: https://SERVERNAME.domain.local/autodiscover/autodiscover.xml
Set-ClientAccessServer : Cannot bind parameter 'Identity'. Cannot convert value "https://SERVERNAME.domain.local/autodiscover/autodiscover.xml" to type "Microsoft.Exchange.Config ura
tion.Tasks.ClientAccessSer verIdParam eter". Error: "'https://SERVERNAME.domain.local/autodi
scover/autodiscover.xml' is not a valid value for the identity.
Parameter name: identity"
At line:1 char:23
+ Set-ClientAccessServer <<<< -AutodiscoverServiceIntern alUri https://SERVERNAME.domain.l
ocal/autodiscover/autodisc over.xml
[PS] C:\Windows\System32>
[PS] C:\Windows\System32>get-Cl
Name
----
SERVERNAME
[PS] C:\Windows\System32>Set-Cl
cmdlet Set-ClientAccessServer at command pipeline position 1
Supply values for the following parameters:
Identity: https://SERVERNAME.domain.local/autodiscover/autodiscover.xml
Set-ClientAccessServer : Cannot bind parameter 'Identity'. Cannot convert value "https://SERVERNAME.domain.local/autodiscover/autodiscover.xml" to type "Microsoft.Exchange.Config
tion.Tasks.ClientAccessSer
scover/autodiscover.xml' is not a valid value for the identity.
Parameter name: identity"
At line:1 char:23
+ Set-ClientAccessServer <<<< -AutodiscoverServiceIntern
ocal/autodiscover/autodisc
[PS] C:\Windows\System32>
you have to run this from Exchange management Shell
start > programs > exchange management shell
command is
get-clientaccessserver | fl
thanks
start > programs > exchange management shell
command is
get-clientaccessserver | fl
thanks
ASKER
I did type the command
Set-ClientAccessServer -AutodiscoverServiceIntern alUri https://SERVERNAME.domain.local/autodiscover/autodiscover.xml
as one line
Set-ClientAccessServer -AutodiscoverServiceIntern
as one line
Yes it's one line.
You can verify if the settings stuck by running a GET
get-clientAccessServer | fl
check if autodiscoverinternalURI field is updated with the value above @
I hope you replaced servername.domain.local with your FQDN :)
You can verify if the settings stuck by running a GET
get-clientAccessServer | fl
check if autodiscoverinternalURI field is updated with the value above @
I hope you replaced servername.domain.local with your FQDN :)
ASKER
Yes, servername.domain.local Replaced with FQDN
her it is:
[PS] C:\Windows\System32>get-cl ientAccess Server |fl
Name : SERVERNAME
OutlookAnywhereEnabled : False
AutoDiscoverServiceCN : SERVERNAME
AutoDiscoverServiceClassNa me : ms-Exchange-AutoDiscover-S ervice
AutoDiscoverServiceInterna lUri : https://sites/Autodiscover/Autodiscover.xml
AutoDiscoverServiceGuid : 77378f46-2c66-4aa9-a6a6-3e 7a48b19596
AutoDiscoverSiteScope : {Default-First-Site-Name}
IsValid : True
OriginatingServer : SERVERNAME.domain.local
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=SERVERNAME,CN=Servers,C N=Exchange Administrative Group
(FYDIBOHF23SPDLT),CN=Admin istrative Groups,CN=First Organi
zation,CN=Microsoft Exchange,CN=Services,CN=Co nfiguratio n,
DC=domain,DC=local
Identity : SERVERNAME
Guid : 9456c1e3-bf78-468c-b432-c2 a4ad690ec9
ObjectCategory : domain.local/Configuration /Schema/ms -Exch-Exch ange-Serve r
ObjectClass : {top, server, msExchExchangeServer}
WhenChanged : 20/01/2010 9:44:43 AM
WhenCreated : 13/10/2009 5:55:41 PM
her it is:
[PS] C:\Windows\System32>get-cl
Name : SERVERNAME
OutlookAnywhereEnabled : False
AutoDiscoverServiceCN : SERVERNAME
AutoDiscoverServiceClassNa
AutoDiscoverServiceInterna
AutoDiscoverServiceGuid : 77378f46-2c66-4aa9-a6a6-3e
AutoDiscoverSiteScope : {Default-First-Site-Name}
IsValid : True
OriginatingServer : SERVERNAME.domain.local
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=SERVERNAME,CN=Servers,C
(FYDIBOHF23SPDLT),CN=Admin
zation,CN=Microsoft Exchange,CN=Services,CN=Co
DC=domain,DC=local
Identity : SERVERNAME
Guid : 9456c1e3-bf78-468c-b432-c2
ObjectCategory : domain.local/Configuration
ObjectClass : {top, server, msExchExchangeServer}
WhenChanged : 20/01/2010 9:44:43 AM
WhenCreated : 13/10/2009 5:55:41 PM
ok that didnt change it.
try this
Set-ClientAccessServer -identity SERVERNAME -AutodiscoverServiceIntern alUri:"https://SERVERNAME.domain.local/autodiscover/autodiscover.xml"
it's U R EYE @ not U R ELL
try this
Set-ClientAccessServer -identity SERVERNAME -AutodiscoverServiceIntern
it's U R EYE @ not U R ELL
ASKER
ok this is what i have now:
I see now where this has changed
[PS] C:\Windows\System32>get-cl ientAccess Server |fl
Name : SERVERNAME
OutlookAnywhereEnabled : False
AutoDiscoverServiceCN : SERVERNAME
AutoDiscoverServiceClassNa me : ms-Exchange-AutoDiscover-S ervice
AutoDiscoverServiceInterna lUri : https://SERVERNAME.domain.local/autodiscover/autodiscover
.xml
AutoDiscoverServiceGuid : 77378f46-2c66-4aa9-a6a6-3e 7a48b19596
AutoDiscoverSiteScope : {Default-First-Site-Name}
IsValid : True
OriginatingServer : SERVERNAME.domain.local
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=SERVERNAME,CN=Servers,C N=Exchange Administrative Group
(FYDIBOHF23SPDLT),CN=Admin istrative Groups,CN=First Organi
zation,CN=Microsoft Exchange,CN=Services,CN=Co nfiguratio n,
DC=domain,DC=local
Identity : SERVERNAME
Guid : 9456c1e3-bf78-468c-b432-c2 a4ad690ec9
ObjectCategory : domain.local/Configuration /Schema/ms -Exch-Exch ange-Serve r
ObjectClass : {top, server, msExchExchangeServer}
WhenChanged : 20/01/2010 9:44:43 AM
WhenCreated : 13/10/2009 5:55:41 PM
I see now where this has changed
[PS] C:\Windows\System32>get-cl
Name : SERVERNAME
OutlookAnywhereEnabled : False
AutoDiscoverServiceCN : SERVERNAME
AutoDiscoverServiceClassNa
AutoDiscoverServiceInterna
.xml
AutoDiscoverServiceGuid : 77378f46-2c66-4aa9-a6a6-3e
AutoDiscoverSiteScope : {Default-First-Site-Name}
IsValid : True
OriginatingServer : SERVERNAME.domain.local
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=SERVERNAME,CN=Servers,C
(FYDIBOHF23SPDLT),CN=Admin
zation,CN=Microsoft Exchange,CN=Services,CN=Co
DC=domain,DC=local
Identity : SERVERNAME
Guid : 9456c1e3-bf78-468c-b432-c2
ObjectCategory : domain.local/Configuration
ObjectClass : {top, server, msExchExchangeServer}
WhenChanged : 20/01/2010 9:44:43 AM
WhenCreated : 13/10/2009 5:55:41 PM
ASKER
For this command: After EWS there is a * should that be there?
Set-WebServicesVirtualDire ctory -Identity "Exchange\EWS*" -InternalUri "https://servername.domain.local/ews/exchange.asmx"
Set-WebServicesVirtualDire
yes
that way you avoid writing the whole thing :)
that way you avoid writing the whole thing :)
ASKER
it will look like this:
[PS] C:\Windows\System32>Set-We bServicesV irtualDire ctory -Identity "Exchange\EWS*" -Internal
Uri:"https://SERVERNAME.domain.local/ews/exchange.asmx"
[PS] C:\Windows\System32>Set-We
Uri:"https://SERVERNAME.domain.local/ews/exchange.asmx"
Set-WebServicesVirtualDire ctory -Identity "Exchange\EWS*" -InternalUrl"https://servername.domain.local/ews/exchange.asmx"
this is internal U R ELL
UR EYE is only for autodiscoverinternalURI
this is internal U R ELL
UR EYE is only for autodiscoverinternalURI
ASKER
Thanks for all your help I do appreciated a lot.
Set-WebServicesVirtualDire ctory - Identity "Exchange\EWS*"
Should "Exchange be SERVERNAME ??
Set-WebServicesVirtualDire
Should "Exchange be SERVERNAME ??
you're welcome
run this
get-webservicesvirtualdire ctory | fl identity
The output of that goes into -identity " "
run this
get-webservicesvirtualdire
The output of that goes into -identity " "
ASKER
After this command
Set-WebServicesVirtualDire ctory -Identity "SERVERNAME\EWS*" -InternalUrl: "https://SERVERNAME.domain.local/ews/exchange.asmx"
the cursor is sitting @
>>
Set-WebServicesVirtualDire
the cursor is sitting @
>>
press enter twice
ASKER
>> still there
ASKER
I can do the up/down errow key , show what i have done previously
close it and lets try again
Get-WebServicesVirtualDire ctory | Set-WebServicesVirtualDire ctory -InternalUrl:"https://SERVERNAME.domain.local/ews/exchange.asmx"
Get-WebServicesVirtualDire
ASKER
I should be able to use the same command above with the OABVirtualDirectory
get-oabvirtualdirectory | fl *url*
and set those fields
and set those fields
hows it going ?
ASKER
Good Day
Looking Good, outlook 2007 clients do not have this certificate error any more.
The list below I did not use
DisableLoopbackcheck registry.
key as per the article <http://support.microsoft.com/kb/896861>.
Please follow the following article
http://support.microsoft.com/kb/927612
At this point since the error is gone.
Should these still be applied or can I hold off.
If you can briefly what does 1.Loopbackcheck setting do and 2nd SPN, can I check if they are correct.
This server is a global catalog server
Again , You have been lots of help , thank you
aa
Looking Good, outlook 2007 clients do not have this certificate error any more.
The list below I did not use
DisableLoopbackcheck registry.
key as per the article <http://support.microsoft.com/kb/896861>.
Please follow the following article
http://support.microsoft.com/kb/927612
At this point since the error is gone.
Should these still be applied or can I hold off.
If you can briefly what does 1.Loopbackcheck setting do and 2nd SPN, can I check if they are correct.
This server is a global catalog server
Again , You have been lots of help , thank you
aa
Loopback check yes - you need to set that.
SetSPN - it should already be set by now.
You can verify the entries and see if the SPN's from this article http://support.microsoft.com/kb/927612
is added in your server.
Download adfind
http://www.joeware.net/freetools/tools/adfind/index.htm
extract to c:\adfind
start > run > cmd
cd adfind
adfind -SC C:SERVERNAME
SetSPN - it should already be set by now.
You can verify the entries and see if the SPN's from this article http://support.microsoft.com/kb/927612
is added in your server.
Download adfind
http://www.joeware.net/freetools/tools/adfind/index.htm
extract to c:\adfind
start > run > cmd
cd adfind
adfind -SC C:SERVERNAME
ASKER
The loopback check as per the article http://support.microsoft.com/kb/896861
does not apply to sbs 2008 it's not listed.
thanks
aa
does not apply to sbs 2008 it's not listed.
thanks
aa
ASKER
This is for accessing Ex: http://companyweb from the local server where you get the login screen but still can not login?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This has been the best help I got here yet.
Thanks for all the great help
Take care
aa
Thanks for all the great help
Take care
aa
You are welcome !!
Thanks for the points :)
Thanks for the points :)
Eg: outlook.mydomain.com
Good luck
Shaba