Solved

Outlook 2007 with SMTP/Exchange accounts in SBS 2011 environment

Posted on 2011-09-14
4
691 Views
Last Modified: 2012-05-12
A client has a goofy configuration and this type of config is how is HAS to be unfortunately.
 - MS SBS 2011 Std
 - Mixed LAN clients of XP, 7
 - Office 2007 on all clients

Client is "cost effective" in terms of IT.  There is no static IP, only DHCP for WAN address.  Further, they also have POP3 accounts at FatCow which can not be managed by the SBS server.  Due to that, their user profile MSO has a primary SMTP/POP3 account with a secondary internal Exchange account.  Mail is POP'd down and delivered to Exchange store.  This setup works ok but they get a certificate mismatch error from FatCow when MSO is first opened up.  Internal DNS has all of the correct records in place (autodiscover., mail., etc) to match the self signed internal certificate.  I'm not sure what is triggering the certificate mismatch error from FatCow.  Internal pings show all the records are hitting the correct server IP address.  We've tried shutting down autodiscover on the clients and that causes GAL sync issues but does not eliminate the mismatch error.

Thoughts?  TIA!

Steve
0
Comment
Question by:sdeblock
4 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 250 total points
ID: 36540103
Are you sure the certificate mismatch when you open Outlook up is from Fatcow.  You don't need SSL for a POP3 / SMTP account.  It would be more likely your SBS 2011 server with the wrong cert on it.

When it was purchased / configured, did anyone buy a 3rd party SAN / UCC (Multi-Name) SSL Certificate?  If not - this is why you are getting the errors.

You will need the following names included on your SSL cert:

remote.externaldomain.com (or whatever SBS was configured as - e.g., mail.externaldomain.com)
autodiscover.externaldomain.com
internalservername.internaldomainname.local
internalservername
sites

Internal DNS does not need DNS records created.  You DO need an External DNS record configured for Autodiscover to work and that has to be an A record and it needs to point to the IP Address of your server, which will be tricky with a dynamic IP Address!

Any reason you can't get a fixed IP Address?
0
 
LVL 3

Assisted Solution

by:dahesi
dahesi earned 250 total points
ID: 36541963
normally pop3 doesnt use ssl, except port 995.
Does your fatcow account uses secured pop or just pop port 110?

maybe it will help if you install the latest "rootupdates" from ms:
http://www.microsoft.com/download/en/details.aspx?id=6149
we have sometimes cert issues behind a wsus environment.

if this doesnt help: if you use port 995 and if you have to.. contact fatcow for that issue
0
 
LVL 6

Expert Comment

by:jaredr80
ID: 37960028
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What does UTC stand for?  “Coordinated Universal Time” – Think of this as the true time on Planet Earth that never changes with the exception of minor leap seconds here and there to account for the changes in the planet's rotation.   What does th…
Find out what you should include to make the best professional email signature for your organization.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video discusses moving either the default database or any database to a new volume.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question