Solved

oops another Cas array question

Posted on 2011-03-08
2
454 Views
Last Modified: 2012-08-14
The cas array name internally is going to be the FQDN, so if my domain is: ln.acme.com

the FQDN for the cas array in my internal DNS would be cas.in.acme.com

but what would it be on the SAN certificate? Would it be cas.acme.com or would it still be cas.in.acme.com? My cas servers are internet facing


0
Comment
Question by:iamuser
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
Nenadic earned 250 total points
ID: 35075125
Is acme.com your externally-known domain as well?  How are you load-balancing the services when accessed from outside?

At a minimum you need:
1. Name listed in External URL for the OWA, ECP, EAS services, e.g. mail.acme.com
2. autodiscover.acme.com

That would allow clients to discover services and then connect to them without seeing any errors.  At this point, your load-balancing solution should be able to distributed traffic to actual servers.  This could be Exchange publishing through ISA, TMG or similar or it could be through an actual hardware load balancer. Ideally, it won't be through DNS round robin or NLB.
0
 
LVL 49

Assisted Solution

by:Akhater
Akhater earned 250 total points
ID: 35120241
Your cas array name has to be in the san certificate or else you will end up having outlook certificate warnigs.

Your cas name can be cas.in.acme.com or cas.acme.com totally your decision

Your casarray name does not need to be in the public dns, it doesnt need to be resolved from outside
0

Featured Post

Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question