Post CAS 2010 install issues - Out of Office/Certificate warning.

Have just installed a new 2010 CAS and will be co-existing for a while but have a couple of issues. All mailboxes are still on 2007 mbx server and use XP/Outlook 2007. Plan is to upgrade them to Win 7/Office 2010 and migrate to new 2010 mbx server when their PC's are upgraded. Need to resolve the following issues first though.

External domain namespace is: companyname.co.uk
Internal AD domain is: companyname.local

2007 CAS: ash-owa.companyname.local
2010 CAS: cas.companyname.local

Old 2007 san certificate:
webmail.companyname.co.uk (friendly name)
autodiscover.companyname.co.uk
ash-owa.companyname.local

New 2010 SAN certificate:
 webmail.companyname.co.uk (friendly name)
autodiscover.companyname.co.uk
legacy.companyname.co.uk
cas.companyname.local

Have installed new certificate on 2010 cas & 2007 cas.

Isuue 1: Outlook users get certificate error saying name on certificate does not match site.
If I rekey my new san certificate to include the old CAS "ash-owa.companyname.local" will this solve the issue?

Issue 2: Out of Office will not open in Outlook 2007 but can be set from OWA internally.
Is this linked with the certificate error?
LVL 1
nchtIT Operations ManagerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

e_aravindCommented:
Need to know what is the autodiscover track?

"Test email autoconfiguration" would be reaching the E2k7 and then E2010 servers from the SCP
So that should not cause the issue.

Can you share the screen-shot(s) of the "Test email autoconfiguration" log tab?
nchtIT Operations ManagerAuthor Commented:
Thanks for the reply. Test Email config result below:

Autoconfiguration has started, this may take up to a minute
Autoconfiguration found the following settings:
Display Name: Builder,Bob
Internal OWA URL: https://ash-owa.companyname.local/owa
External OWA URL: https://legacy.companyname.co.uk/owa

Protocol: Exchange RPC
Server: ash-exch.companyname.local
Login Name: Bob.Builder
Availability Service URL: https://ash-owa.companyname.local/EWS/Exchange.asmx
OOF URL: https://ash-owa.companyname.local/EWS/Exchange.asmx
OAB URL: http://ash-owa.companyname.local/OAB/5fb3331d-9fc0-4455-92c4-1e968d4a042a/
Unified Message Service URL:https://ash-owa.companyname.local/UnifiedMessaging/Service.asmx
Auth Package: Unspecified
Glen KnightCommented:
You need to have both servers local fully qualified domain names in the certificate.

Do you have 2 public IP addresses?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

nchtIT Operations ManagerAuthor Commented:
Demazter,

Thanks for the first bit. I can re-key our SAN cetificate today.

Regarding the 2 public IP Addresses. Do you mean one each for webmail.companyname.co.uk & legacy.companyname.co.uk?


Glen KnightCommented:
Yes.  The 2 public IP's are needed because Exchange 2010 doesn't proxy it redirects.  And you will need to differentiate between the source IP because you cannot forward 2 port 443's from the same IP address.
nchtIT Operations ManagerAuthor Commented:
Yes, we have all this set up although at the moment we have the webmail.companyname.co.uk address pointing back to the 2007 OWA due to an issue with mobiles.

We have around 200 smartphone users. iPhones & some nokia's were intelligent enough to change their settings to legacy.companyname.co.uk for the users mailboxes (which are still on the 2007 box). Unfortunately the android devices did not and account for 80% of our smartphones so rather than have them not working over Xmas we reverted the setting back. Have to reset the account completely on android devices so we are going to have to make a decision somewhere along the line.

Thanks for you help. Points on the way.

nchtIT Operations ManagerAuthor Commented:
Cheers
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.