?
Solved

Domain Name

Posted on 2012-04-11
6
Medium Priority
?
421 Views
Last Modified: 2013-02-28
Hello
Our internal domain name is setup as company.ca (not the same address for external/web purposes).  We have upgraded to Exchange 2010 and are now receiving an annoying security alert popup (the name on the security certificate is invalid or does not match the name of the site.  After research i decided to purchase a certificate and add the domain name.  I contacted Symantec who explained I cannot add this domain name into my existing certificate due to our internal domain name being owned by someone else (who wants big dollars to sell).  

I am hoping someone can help me with this problem - the best way to get rid of the popup.  

Thank you.
0
Comment
Question by:kinggirl
3 Comments
 
LVL 7

Expert Comment

by:BelushiLomax
ID: 37832925
If you use the Exchange Management tool with 2010 to generate and import your certificate you may get a certificate error warning when connecting with Outlook 2007 or 2010. The issue appears to be in the Internal URL path. If you use the External URL for both internal and external, usually done this way, the certificate import does not update the Internal URL path. To verify and change use the following:

#Check the SCP details (Autodiscover Uri):
Get-ClientAccessServer | FL

#Set the new URI for SCP
Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://server external FQDN/Autodiscover/Autodiscover.xml



#Check the Web Services URL:
Get-WebServicesVirtualDirectory | FL

#Set the new URL for Web Services:
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalUrl https://server external FQDN /EWS/Exchange.asmx -ExternalUrl https://server external FQDN /EWS/Exchange.asmx


Example FQDN:                email.Contoso.com


Options Error:

If you set the default domain name in the OWA authentication and users logon with their user name instead of domain\user when choosing Options in OWA it will\may log them off. They should use the describe method on the logon page.
0
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 1000 total points
ID: 37834178
It's circuitous, but you could set up your own Certification Authority (CA), and then issue your own certificate for internal use.
0
 
LVL 7

Assisted Solution

by:abdulalikhan
abdulalikhan earned 1000 total points
ID: 37836946
There are two option,

One is the public CA which is the best choice, you can buy a UCC with the following names [if there is no co-existance]

mail.domain.com [should be set as default]
autodiscover.domain.com

With this configuration, you need to set every VD (except autodiscover VD) for internal and external as mail.domain.com.

Also set your internal DNS for mail.domain.com and autodiscover.domain.com to point to your CAS server/NLB.

Second option, is to use a local CA and define it as,

mail.domain.com [should be set as default]
autodiscover.domain.com
localhostFQDN [Every CAS server FQDN]

This will only alert your users if they are not on the domain or the root CA is not on their machine.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to effectively resolve the number one email related issue received by helpdesks.
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Suggested Courses
Course of the Month16 days, 5 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question