How modify existing Exchange 2010 Client Access Array?

Posted on 2011-10-06
Last Modified: 2012-05-12

Imagine 3 exchanges servers with the DAG roles setup. The client access array has been setup but with the external FQDN instead of the internal which causes some troubles to setup a certificate for Outlook Anywhere.

Is it a way to modify the existing Client Access Array name for an internal FQDN (the DAG FQDN in fact) ? If yes, what are the consequences and risks?

Last info, servers are in production.
Question by:David_Pazos
    LVL 49

    Expert Comment

    Hi David

    It is very easy to change the cas array name or even to delete it and create a new one

    however the cas array name is not related in anyway to the certificate and it doesn't have an internal and external fqdn so I am not sure i follow you

    finally the risks are that you will have client disconnection at a point in time
    LVL 3

    Expert Comment

    I would look at the Set-ClientAccessArray command.. specifically internally you will want to set the AutoDiscoverInternalUri

    This sets up a Service Connection Point in AD - which is the first point of contact for a domain-joined workstation internally.

    Author Comment

    Thanks for your answers.

    Akhater, can you please give me more details on the commands? Regarding your question, here is the config. The CAS Array has the same name as the Outlook Anywhere. On the server, there is 2 SSL. One only internally that came with the server containing the server name only and I bought with the FQDN external name that matches with CAS Array and Outlook Anywhere.

    Now the problem is, if I add to the FQDN external SSL the IIS connection, all the computers internally ask to validate the new certificate at each logon and that is messy.

    If you think that there is other thing to be done, please feel free to let me know =)
    LVL 49

    Accepted Solution

    Set-ClientAccessArray "name" -fqdn to change the fqdn

    what i mean is that outlook connect to the cas array name using MAPI protocol and not https so it doesn't matter if your cas array name is in the certificate or not you should not get the certificate warning.

    Author Comment

    I see. I'll investigate then after changing this. I'll have a clear view.

    Thanks for your help!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Set up iPhone and iPad email signatures to always send in high-quality HTML with this step-by step guide.
    Get an idea of what you should include in an email disclaimer with these Top 5 email disclaimer tips.
    In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
    To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now