Solved

How to setup Exchange 2010 server for outlookanywhere?

Posted on 2011-09-22
13
182 Views
Last Modified: 2012-05-12
This is a new deployed exchange 2010 server, that holding the typical roles - MB, CAS, and HT.
Supposed that the external URL/internal URL for outlook users to access Outlookanywhere are mail.ABC.com and mail.abc.local. How should I configure the SSL cert? What should I do in order to get the correct settings in order for outlook anywhere to work? How about the ssl cert?

Thanks in advance.
0
Comment
Question by:MezzutOzil
  • 6
  • 4
  • 2
  • +1
13 Comments
 
LVL 16

Accepted Solution

by:
uescomp earned 250 total points
Comment Utility
I purchased a UC cert for my exchange.  As for setting up outlook anywhere all you have to do is enable it.  Here are some links to get you started.

Outlook Anywhere:  http://exchangeserverpro.com/how-to-configure-exchange-server-2010-outlook-anywhere

Setup Certificate:  http://www.msexchange.org/articles_tutorials/videos/exchange-server-2010/video-certificate-wizard-Exchange-2010.html
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
Comment Utility
Your Exchange Cert should include the following names (as a minimum):

mail.externaldomain.com
autodiscover.externaldomain.com
internalservername.internaldomain.local
internalservername

You also need to create a new A record in DNS (external not internal), called AUTODISCOVER and it needs to point to the IP address of your Exchange Server.
0
 
LVL 4

Expert Comment

by:AmonPereira
Comment Utility
Hi,

You only need to issue a SAN cert using your public names into this cert.

No need to issue this SAN cert containing your private names because your domain already trust Exchange.

Let me know if it helped you.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
@AmonPereira - That information is not correct.  You need your internal names otherwise you will get certificate errors.
0
 
LVL 4

Expert Comment

by:AmonPereira
Comment Utility
There is a way of no doing this.

You can create a Split-Dns strategy and make internal clients to resolve its internal servers matching external names.

Then create a alias for CAS Array with a external name too.

This solves a huge issue with SAN cert, because if you have a Exchange environment with 6 servers and 5 multiples names, you must have a SAN Cert with 11 names, just as an example using DigiCert cert, it might cost about U$S 900,00/year. And every new servername costs U$S 89,00 per name/year.

If you do as i say, a SAN cert might cost something below U$S 270,00/year.

Let me know if it helped.

0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
I support a single Exch 2010 server hosting about 50 domain names and it only has a 5-name SSL cert (SAN / UCC) which cost about £120 (USD $180) for 3 years.  It doesn't have a split-dns config and the system works 100% happily.

DigiCert are a rip off - GoDaddy are infinitely cheaper and widely accepted.

If you want to give yourself a headache - sure - do it your way - but it you want it done simply and cost-effectively, follow my advice.

You don't have to have multiple domain names in the SSL cert - there are other ways around this which don't involve messing with DNS.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 4

Expert Comment

by:AmonPereira
Comment Utility
WildCard certs?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
No.
0
 
LVL 4

Expert Comment

by:AmonPereira
Comment Utility
Alan

So you have 5 SAN Names for 50 domain names.

There is something as 3 internal names and 2 public?

Share with us, how you did in your hosting environment.



0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Cert names are as per my initial comment.  The rest is all about knowing how Exchange works.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
Comment Utility
Oh - and it's 60 domain names not 50 - just checked.
0
 

Author Comment

by:MezzutOzil
Comment Utility
Sorry for the delay, let's me check through and update you guys...
0
 

Author Closing Comment

by:MezzutOzil
Comment Utility
Good
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now