Solved

Android Exchange Sync with SBS 2011

Posted on 2012-04-10
6
829 Views
Last Modified: 2012-04-11
CCertsWe just migrated to Exchange 2011, everything is working fine except email sync to cell phones.

I purchased a UCC certificate from GoDaddy, dns names webmail.company.com, owa.company.com and autodiscover.company.com, as well as company.com.  Went through the complete certificate wizard, assigned the IIS service to the cert. Also installed the intermediate cert that came with it.

One thing I did notice is in EMC, Server Configuration-Client Access-Exchange Certificates, there are alot of pending requests.  When I try to use the complete certificate wizard and point the cert given from GoDaddy, it says it's already installed, which is correct.  But I'm not sure where the certs for all of those are?

Please see screenshot.  Originally a turbo ssl was purchased, which I revoked and bought a UCC certificate.  

Thank you!
0
Comment
Question by:cas_three
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 500 total points
ID: 37830851
SBS 2011 doesn't do a great job of handling UCC certs
So first, I don't see a "remote.domain.com" here.   when you ran the "setup your internet address" wizard, did you click on the "Advanced" link under the text box where you entered your domain name and change "remote" to "webmail"?

Did you attemp to install the cert using the Install Trusted Cert wizard?
0
 

Author Comment

by:cas_three
ID: 37832679
I actually did a rekey on the UCC cert and added remote.domain.com.  So now there is webmail, owa, autodiscover and remote, all domain.com in the UCC cert.

I went through and changed everything from remote.domain.com to webmail.domain.com.

Also, when I try to browse to the Microsoft ActiveSync directory in IIS7, I get the certificate warning and have to click Continue, so the cert is definitely not somewhere it needs to be.

however, when I select the domain in IIS and go to Server Certificates, I see the GoDaddy UCC cert with all the relevant domains listed above?

I'm so confused!!!  SBS is nice and all, but for this, it sucks haha!
0
 

Author Comment

by:cas_three
ID: 37832724
Also, the certificate is already installed.  Under Network-Connectivity in the SBS consoles it's trusted. I viewed the certificate and it has all the correct SANs on it.
0
Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

 
LVL 35

Expert Comment

by:Cris Hanna
ID: 37832769
Again, I'll reiterate what I already said...
SBS doesn't play nicely with UCC certs nor are they required for SBS.    A single domain cert for remote.domainname.com is all that's required (it can actually be anything.domainname.com, but you have to make the change on the advanced. section during the "setup your internet address" wizard.

So which do you want to use?   webmail or remote for accessing SBS remotely and for the MX record?
0
 

Author Comment

by:cas_three
ID: 37832876
webmail, they already have an mx record pointing to webmail.

This was a migration from SBS2003, no external ip's or names have changed.

And whenn running through the setup your internet address wizard, it kept changing my static ip address, which was not a good thing as it would bring everyone down.
0
 

Author Comment

by:cas_three
ID: 37833599
What the problem was i was missing servername.domainname.local on the ucc cert.

Once I created a new requested and rekeyed, it's working.

Thank you
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question