Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

New additional primary email domain, new public certificate

Posted on 2011-03-18
6
Medium Priority
?
334 Views
Last Modified: 2012-08-14
Hi

A SBS 2003 R2 exchange enviroment and apx 70 WSs which are located in 22 different cities here in Finland. All remote WSs are not joined to domain and they use RDP over HTTPS Outlook client.

I need to add a new emaildomain to the server. Currently I have a public SSL certificate for currentdomain.fi. In the future I need to have newdomain.fi as a  primary email domain while currentdomai.fi needs also work. Also the webmail address have to be https:/mail.newdomain.fi/exchange. The currentdomain.fi  needs to work to the end of this year and then stop.

What are the major steps?
Do I have to buy a SAN (subject alternate name) SSL certificate in order to make both domains work same time?
If a SAN certificate is needed isn't it so that the ISP has to setup DNS/MX for newdomain.fi to point to my server before I can buy the certificate (otherwise I can't receive the certificate to administrator@newdomain.fi)
At what point should  I run CEICW again to start use new public SSL certificate (SAN if needed)?
Do I have to make changes to client Outlooks (change Exchange Proxy https address to mail. newdomain.fi) now or at least at the end of the year?

Thanks in advantage

Juha
0
Comment
Question by:RimFire007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 8

Accepted Solution

by:
GundogTrainer earned 2000 total points
ID: 35164678
OK,
This is what I would do:
1. Add the new domain name to the recipeint policy, tick the "This Exchange Organisation is responsible for all mail delivery to this domain". But Dont actualy enable it in the recipient policy yet.
This will allow Exchange to accept the mail for this domain, you can manualy add an smtp address for youself for admin@yournewdomain.fi.
2. check you can send a message directly to exchange to this new address using telnet or a simple SMTP client to the exchange SMTP service.

3. Once you are happy that this is working you can set the MX and A records for the new domain to point to your server. After 24 hours you should then be able to email admin@yournewdomain.fi from any internet host, without affecting your existing domain name at all.

4. As for SSL this is where you have an option, you could purchase a certificate that included both names or create a 2nd website in IIS that uses the same IP address but uses host headers to specify it. You could then set it to redirect to the original site ( you could swap the certificates and headers over once you decide to implement the new name.)

5. Once you ready you can then check the domain name in the recipient policy, and setting it to the default name and Applying the policy now would regenerate the email addresses etc.
0
 

Author Comment

by:RimFire007
ID: 35164738
Thanks GundogTrainer

Will check the resolution detailed later on.

Step2. Is this a  Internal LAN test which I do before Step 3?

Step 3. I suppose this is something the ISP will do? I don't usually touch MX-records at all. My firewall just forwards all smtp traffic from public IP to Server's Internal LAN address. Are you really saing that I need to touch mx-records, at the Internal DNS server?

Step 4. I'll propably purhace a SAN certificate, sounds easier to me.

Rgs, Juha
0
 
LVL 8

Assisted Solution

by:GundogTrainer
GundogTrainer earned 2000 total points
ID: 35164853
Step 2. internal test - but there is no reason it wouldnt work from the internet if you connect to the gateway IP address.

open a command prompt:(you type the text in bold)
telnet servername 25
220 servername.something.fi ESMTP MAIL Service Version: 1.2.3.4.5. ready at ....
helo test
250 servername.something.fi Hello [192.168.0.100]
mail from:admin@mydomain.fi
250 2.1.0 admin@mydomain.fi....Sender OK
rcpt to:admin@mynewdomain.fi
250 2.1.5 admin@mydomain.fi
data
354 Start mail input; end with <CRLF>.<CRLF>
subject:test
12345

.

quit



The DNS and MX records are just for internet client to know where to deliver the mail to, these will need to be created by whoever your domain name is being managed by. If you have purchased it from your ISP then this would be who should be able edit it.


0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:RimFire007
ID: 35164875
Thanks GundogTrainer

Special thanks for telnet commands! Will propably start implementing this on next week depending how busy I am. The transaction day should be the 1st of May.

Rgs, Juha
0
 

Author Comment

by:RimFire007
ID: 35445851
Just a update. Will do this on next week.

Rgs,

Juha
0
 

Author Closing Comment

by:RimFire007
ID: 35879691
Thanks GundogTrainer

The information provided helped to set up the new primary email domain.

Rgs, Juha
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question