Solved

exchange 2010 autodiscover

Posted on 2012-03-30
4
439 Views
Last Modified: 2012-06-28
So I recently bought a SSL cert to host my webmail.  After I installed the cert I started getting an error that says "the name on the security cert is invald or does not match the name of the site when I open outlook.  I called network solutions and they recomended that I purchase.  A Second Cert for autodiscover."mydomain".com  

How do I setup autodiscover to work correctly? and how do i configure exchange to use both certs?  autodiscover."mydomain".com" and webmail."mydomain".com.  Also do I have to set an external mx record for autodiscover?
0
Comment
Question by:reschete
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:Padamdeep
ID: 37787918
If your users are not going to connect from Internet then you don't have buy any additional Certificate. Simply change the SCP to start with whatever Subject Name you have on certifcate and create an Internal DNS record.


But if your users are going to connect from Internet then you need to purchase certificate with additional name space.


Everytime you purchase a certificate, you need to be aware of all the Names spaces that you are going to use. As far as Exchange Server is concerned, following needs to be considered.

1. OWA Url
2. Active Url
3. OAB url
4. EWS Url

All the above URL can share the same name space. But if you decide to use different URLs then you need to include those.

Only thing which is going to be different is autodiscover. Because Outlook is hard coded to query certain queries for Autodiscover.

https://Autodiscover.Domain.com/autodiscover/autodiscover.xml is widely used. "Domain" in "Austodiscover.domain.com" is the SMTP address domain of user

I hope it helps.

~ Singh
0
 
LVL 1

Author Comment

by:reschete
ID: 37788847
I have 2 certs purchased already.  One is being used by webmail.domain.com and the other I will need to configure.  When I go into the consol it looks like it gives me the address as

lamail3.domain.com not autodiscover.domain.com  I think i'm just confused at which name i should put for the cert
0
 
LVL 1

Author Comment

by:reschete
ID: 37788974
or should i set my cert's name to be lamail3.domain.com/autodiscover/autodiscover.xml?
0
 
LVL 3

Accepted Solution

by:
Padamdeep earned 500 total points
ID: 37789846
You mean on certificate you see lamail3.domain.com? If that's the case then it's not going to work.

If SMTP address of your users is "lamail3.com" then you need to have a certificate with "autodiscover.lamail3.com".

Any reason for purchasing 2 different certificate and not a single SAN certificate with multiple domain names?

You can link one certificate at a time with IIS so that's the reason SAN certs are required.

You may be able to use 2 different certificate for IIS by creating another Website in IIS but I have never tried it.


~ Singh
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now