How modify existing Exchange 2010 Client Access Array?

Posted on 2011-10-06
Medium Priority
Last Modified: 2012-05-12

Imagine 3 exchanges servers with the DAG roles setup. The client access array has been setup but with the external FQDN instead of the internal which causes some troubles to setup a certificate for Outlook Anywhere.

Is it a way to modify the existing Client Access Array name for an internal FQDN (the DAG FQDN in fact) ? If yes, what are the consequences and risks?

Last info, servers are in production.
Question by:David_Pazos
  • 2
  • 2
LVL 49

Expert Comment

ID: 36927265
Hi David

It is very easy to change the cas array name or even to delete it and create a new one

however the cas array name is not related in anyway to the certificate and it doesn't have an internal and external fqdn so I am not sure i follow you

finally the risks are that you will have client disconnection at a point in time

Expert Comment

ID: 36927324
I would look at the Set-ClientAccessArray command.. specifically internally you will want to set the AutoDiscoverInternalUri

This sets up a Service Connection Point in AD - which is the first point of contact for a domain-joined workstation internally.

Author Comment

ID: 36929670
Thanks for your answers.

Akhater, can you please give me more details on the commands? Regarding your question, here is the config. The CAS Array has the same name as the Outlook Anywhere. On the server, there is 2 SSL. One only internally that came with the server containing the server name only and I bought with the FQDN external name that matches with CAS Array and Outlook Anywhere.

Now the problem is, if I add to the FQDN external SSL the IIS connection, all the computers internally ask to validate the new certificate at each logon and that is messy.

If you think that there is other thing to be done, please feel free to let me know =)
LVL 49

Accepted Solution

Akhater earned 2000 total points
ID: 36929887
Set-ClientAccessArray "name" -fqdn newfqdn.domain.com to change the fqdn

what i mean is that outlook connect to the cas array name using MAPI protocol and not https so it doesn't matter if your cas array name is in the certificate or not you should not get the certificate warning.

Author Comment

ID: 36930365
I see. I'll investigate then after changing this. I'll have a clear view.

Thanks for your help!

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question