?
Solved

Android Exchange Sync with SBS 2011

Posted on 2012-04-10
6
Medium Priority
?
856 Views
Last Modified: 2012-04-11
CCertsWe just migrated to Exchange 2011, everything is working fine except email sync to cell phones.

I purchased a UCC certificate from GoDaddy, dns names webmail.company.com, owa.company.com and autodiscover.company.com, as well as company.com.  Went through the complete certificate wizard, assigned the IIS service to the cert. Also installed the intermediate cert that came with it.

One thing I did notice is in EMC, Server Configuration-Client Access-Exchange Certificates, there are alot of pending requests.  When I try to use the complete certificate wizard and point the cert given from GoDaddy, it says it's already installed, which is correct.  But I'm not sure where the certs for all of those are?

Please see screenshot.  Originally a turbo ssl was purchased, which I revoked and bought a UCC certificate.  

Thank you!
0
Comment
Question by:cas_three
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 1500 total points
ID: 37830851
SBS 2011 doesn't do a great job of handling UCC certs
So first, I don't see a "remote.domain.com" here.   when you ran the "setup your internet address" wizard, did you click on the "Advanced" link under the text box where you entered your domain name and change "remote" to "webmail"?

Did you attemp to install the cert using the Install Trusted Cert wizard?
0
 

Author Comment

by:cas_three
ID: 37832679
I actually did a rekey on the UCC cert and added remote.domain.com.  So now there is webmail, owa, autodiscover and remote, all domain.com in the UCC cert.

I went through and changed everything from remote.domain.com to webmail.domain.com.

Also, when I try to browse to the Microsoft ActiveSync directory in IIS7, I get the certificate warning and have to click Continue, so the cert is definitely not somewhere it needs to be.

however, when I select the domain in IIS and go to Server Certificates, I see the GoDaddy UCC cert with all the relevant domains listed above?

I'm so confused!!!  SBS is nice and all, but for this, it sucks haha!
0
 

Author Comment

by:cas_three
ID: 37832724
Also, the certificate is already installed.  Under Network-Connectivity in the SBS consoles it's trusted. I viewed the certificate and it has all the correct SANs on it.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 35

Expert Comment

by:Cris Hanna
ID: 37832769
Again, I'll reiterate what I already said...
SBS doesn't play nicely with UCC certs nor are they required for SBS.    A single domain cert for remote.domainname.com is all that's required (it can actually be anything.domainname.com, but you have to make the change on the advanced. section during the "setup your internet address" wizard.

So which do you want to use?   webmail or remote for accessing SBS remotely and for the MX record?
0
 

Author Comment

by:cas_three
ID: 37832876
webmail, they already have an mx record pointing to webmail.

This was a migration from SBS2003, no external ip's or names have changed.

And whenn running through the setup your internet address wizard, it kept changing my static ip address, which was not a good thing as it would bring everyone down.
0
 

Author Comment

by:cas_three
ID: 37833599
What the problem was i was missing servername.domainname.local on the ucc cert.

Once I created a new requested and rekeyed, it's working.

Thank you
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question