• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 247
  • Last Modified:

Exchange 2010 - Need help with certificate

We own domaina.com. Problem is that when this domain was set up way back in the NT4 days, someone used domainb.com as the domain name internally....and we never owned it.

So now that I have moved from Exchange 2003 to 2010, Outlook clients get the "The name on the security certificate is invalid or does not match the name of the site." We do have a proper certificate for OWA and is working fine when coming from the outside.

I changed the URLs under EMC\Server Configuration\Client Access on all the URLs listed there.

Where can I change the name that the Outlook clients are looking? If I can get it to mail.domaina.com I would be happy!
0
mvalpreda
Asked:
mvalpreda
  • 3
  • 3
  • 2
  • +1
1 Solution
 
JohnGrunwellCommented:
Did you have a Unified Communtications Cert?
autodiscover.domain.com etc...
0
 
mvalpredaAuthor Commented:
Yes....but I cannot get a cert for the original domain. Outlook clients get certificate error when connecting to mail.123.com. We don't own 123.com so I am trying to change the directory in AD/Exchange that is passed to Outlook so the certificate matches to mail.456.com....which we own.
0
 
JohnGrunwellCommented:
I had to do the same thing for mine.  Look Here
http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/
Did you change umvirtualdirectory, activesync virtual directory, webservices, clientaccess  in powershell to the external site?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
AkhaterCommented:
get-clientaccessserver | fl *uri*

chances are the AutoDiscoverServiceInternalUri is still pointing to 123.com change it using the set-clientaccessserver -AutoDiscoverServiceInternalUri

also check the Get-WebServicesVirtualDirectory | fl *url* if this is unchanged you can use set-WebServicesVirtualDirectory to make the change
0
 
mvalpredaAuthor Commented:
[PS] C:\Windows\system32>get-clientaccessserver | fl *uri*

AutoDiscoverServiceInternalUri : <correct>

[PS] C:\Windows\system32>Get-WebServicesVirtualDirectory | fl *url*

InternalNLBBypassUrl : <incorrect>
InternalUrl          : <correct>
ExternalUrl          : <correct domain....missing mail.>
0
 
AkhaterCommented:
InternalNLBBypassUrl  is not to be changed and can be ignored,

what about get-oabvirtualdirectory | fl *url* ?
0
 
mvalpredaAuthor Commented:
get-oabvirtualdirectory | fl *url*

These entries are correct.
0
 
AkhaterCommented:
vale,

please open an outlook 2007/2010 client ctrl + Right click on the icon in the system tray and test email autoconfig

uncheck all boxes and keep only autodiscover.

enter username/password and run the test.

when do go to the last tab (xml) and find the url still pointing to the incorrect domain and share it with me
0
 
praveenkumare_spCommented:
did u change the urls n accordance to microsoft KB 940726 ??
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now