Solved

Outlook 2007 with SMTP/Exchange accounts in SBS 2011 environment

Posted on 2011-09-14
4
699 Views
Last Modified: 2012-05-12
A client has a goofy configuration and this type of config is how is HAS to be unfortunately.
 - MS SBS 2011 Std
 - Mixed LAN clients of XP, 7
 - Office 2007 on all clients

Client is "cost effective" in terms of IT.  There is no static IP, only DHCP for WAN address.  Further, they also have POP3 accounts at FatCow which can not be managed by the SBS server.  Due to that, their user profile MSO has a primary SMTP/POP3 account with a secondary internal Exchange account.  Mail is POP'd down and delivered to Exchange store.  This setup works ok but they get a certificate mismatch error from FatCow when MSO is first opened up.  Internal DNS has all of the correct records in place (autodiscover., mail., etc) to match the self signed internal certificate.  I'm not sure what is triggering the certificate mismatch error from FatCow.  Internal pings show all the records are hitting the correct server IP address.  We've tried shutting down autodiscover on the clients and that causes GAL sync issues but does not eliminate the mismatch error.

Thoughts?  TIA!

Steve
0
Comment
Question by:sdeblock
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 250 total points
ID: 36540103
Are you sure the certificate mismatch when you open Outlook up is from Fatcow.  You don't need SSL for a POP3 / SMTP account.  It would be more likely your SBS 2011 server with the wrong cert on it.

When it was purchased / configured, did anyone buy a 3rd party SAN / UCC (Multi-Name) SSL Certificate?  If not - this is why you are getting the errors.

You will need the following names included on your SSL cert:

remote.externaldomain.com (or whatever SBS was configured as - e.g., mail.externaldomain.com)
autodiscover.externaldomain.com
internalservername.internaldomainname.local
internalservername
sites

Internal DNS does not need DNS records created.  You DO need an External DNS record configured for Autodiscover to work and that has to be an A record and it needs to point to the IP Address of your server, which will be tricky with a dynamic IP Address!

Any reason you can't get a fixed IP Address?
0
 
LVL 3

Assisted Solution

by:dahesi
dahesi earned 250 total points
ID: 36541963
normally pop3 doesnt use ssl, except port 995.
Does your fatcow account uses secured pop or just pop port 110?

maybe it will help if you install the latest "rootupdates" from ms:
http://www.microsoft.com/download/en/details.aspx?id=6149
we have sometimes cert issues behind a wsus environment.

if this doesnt help: if you use port 995 and if you have to.. contact fatcow for that issue
0
 
LVL 6

Expert Comment

by:jaredr80
ID: 37960028
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to import an Outlook PST file to Office 365 using a third party product to avoid Microsoft's Azure command line tool, saving you time.
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question