We have deployed an Exchange 2010 server in our existing Exchange 2003 Organization. A while back, we changed our company name. Our domain is old.local, however our new public domain is new.net. I have a single Exchange Server with HT, CAS, and MB roles. All health checks/etc are good. I installed a cert for mail.new.net to enable ActiveSync and OWA.
When we moved a couple guinea pigs last week, Outlook began throwing up errors due to the cert not correlating to the local netbios name of the server. The cert is for mail.new.net however the internal server's name is mail.old.local. I followed the info here http://blogs.technet.com/b/danielkenyon-smith/archive/2010/05/13/the-name-on-the-certificate-is-invalid-or-does-not-match-the-name-of-the-site-part-2.aspx
and made these changes, while of course making the names accurate:
Set-ClientAccessServer -Identity "mbx1" –AutodiscoverServiceIntern
ctory -Identity "mbx1\EWS (Default Web Site)" –InternalUrl https://nlb.nwtraders.msft/EWS/Exchange.asmx
Set-OABVirtualDirectory -Identity “mbx1\OAB (Default Web Site)” -InternalURL https://nlb.nwtraders.msft/OAB
Enable-OutlookAnywhere -Server mbx1 -ExternalHostname “nlb.nwtraders.msft” -ClientAuthenticationMetho
tory -Identity “mbx1\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://nlb.nwtraders.msft/Microsoft-Server-Activesync
Plenty of hell ensued. We had users unable to email internally, and weird things happening like the famous "Sent emails hanging in drafts" folders. The only way we were able to fix things was to:
1. Uninstall the Cert to remove the Outlook cert warnings/etc.
2. Rerun the commands above, setting everything back to how Exchange initially configured itself.
I obviously need to deploy an SSL cert soon, however a secondary CAS server just for Active Sync/OWA isn't an option. How can I configure the 2010 server so:
1. External clients access mail.new.net
2. Internal clients via Outlook access mail.old.local and don't receive the cert warning
Thank you for any assistance!