Solved

How to setup Exchange 2010 server for outlookanywhere?

Posted on 2011-09-22
13
184 Views
Last Modified: 2012-05-12
This is a new deployed exchange 2010 server, that holding the typical roles - MB, CAS, and HT.
Supposed that the external URL/internal URL for outlook users to access Outlookanywhere are mail.ABC.com and mail.abc.local. How should I configure the SSL cert? What should I do in order to get the correct settings in order for outlook anywhere to work? How about the ssl cert?

Thanks in advance.
0
Comment
Question by:MezzutOzil
  • 6
  • 4
  • 2
  • +1
13 Comments
 
LVL 16

Accepted Solution

by:
uescomp earned 250 total points
ID: 36582259
I purchased a UC cert for my exchange.  As for setting up outlook anywhere all you have to do is enable it.  Here are some links to get you started.

Outlook Anywhere:  http://exchangeserverpro.com/how-to-configure-exchange-server-2010-outlook-anywhere

Setup Certificate:  http://www.msexchange.org/articles_tutorials/videos/exchange-server-2010/video-certificate-wizard-Exchange-2010.html
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 36582492
Your Exchange Cert should include the following names (as a minimum):

mail.externaldomain.com
autodiscover.externaldomain.com
internalservername.internaldomain.local
internalservername

You also need to create a new A record in DNS (external not internal), called AUTODISCOVER and it needs to point to the IP address of your Exchange Server.
0
 
LVL 4

Expert Comment

by:AmonPereira
ID: 36582626
Hi,

You only need to issue a SAN cert using your public names into this cert.

No need to issue this SAN cert containing your private names because your domain already trust Exchange.

Let me know if it helped you.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36582689
@AmonPereira - That information is not correct.  You need your internal names otherwise you will get certificate errors.
0
 
LVL 4

Expert Comment

by:AmonPereira
ID: 36582783
There is a way of no doing this.

You can create a Split-Dns strategy and make internal clients to resolve its internal servers matching external names.

Then create a alias for CAS Array with a external name too.

This solves a huge issue with SAN cert, because if you have a Exchange environment with 6 servers and 5 multiples names, you must have a SAN Cert with 11 names, just as an example using DigiCert cert, it might cost about U$S 900,00/year. And every new servername costs U$S 89,00 per name/year.

If you do as i say, a SAN cert might cost something below U$S 270,00/year.

Let me know if it helped.

0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36582818
I support a single Exch 2010 server hosting about 50 domain names and it only has a 5-name SSL cert (SAN / UCC) which cost about £120 (USD $180) for 3 years.  It doesn't have a split-dns config and the system works 100% happily.

DigiCert are a rip off - GoDaddy are infinitely cheaper and widely accepted.

If you want to give yourself a headache - sure - do it your way - but it you want it done simply and cost-effectively, follow my advice.

You don't have to have multiple domain names in the SSL cert - there are other ways around this which don't involve messing with DNS.
0
 
LVL 4

Expert Comment

by:AmonPereira
ID: 36582826
WildCard certs?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36582833
No.
0
 
LVL 4

Expert Comment

by:AmonPereira
ID: 36583008
Alan

So you have 5 SAN Names for 50 domain names.

There is something as 3 internal names and 2 public?

Share with us, how you did in your hosting environment.



0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36583053
Cert names are as per my initial comment.  The rest is all about knowing how Exchange works.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36583065
Oh - and it's 60 domain names not 50 - just checked.
0
 

Author Comment

by:MezzutOzil
ID: 36904661
Sorry for the delay, let's me check through and update you guys...
0
 

Author Closing Comment

by:MezzutOzil
ID: 36918417
Good
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
This video discusses moving either the default database or any database to a new volume.

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question