?
Solved

Domain Name

Posted on 2012-04-11
6
Medium Priority
?
416 Views
Last Modified: 2013-02-28
Hello
Our internal domain name is setup as company.ca (not the same address for external/web purposes).  We have upgraded to Exchange 2010 and are now receiving an annoying security alert popup (the name on the security certificate is invalid or does not match the name of the site.  After research i decided to purchase a certificate and add the domain name.  I contacted Symantec who explained I cannot add this domain name into my existing certificate due to our internal domain name being owned by someone else (who wants big dollars to sell).  

I am hoping someone can help me with this problem - the best way to get rid of the popup.  

Thank you.
0
Comment
Question by:kinggirl
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 7

Expert Comment

by:BelushiLomax
ID: 37832925
If you use the Exchange Management tool with 2010 to generate and import your certificate you may get a certificate error warning when connecting with Outlook 2007 or 2010. The issue appears to be in the Internal URL path. If you use the External URL for both internal and external, usually done this way, the certificate import does not update the Internal URL path. To verify and change use the following:

#Check the SCP details (Autodiscover Uri):
Get-ClientAccessServer | FL

#Set the new URI for SCP
Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://server external FQDN/Autodiscover/Autodiscover.xml



#Check the Web Services URL:
Get-WebServicesVirtualDirectory | FL

#Set the new URL for Web Services:
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalUrl https://server external FQDN /EWS/Exchange.asmx -ExternalUrl https://server external FQDN /EWS/Exchange.asmx


Example FQDN:                email.Contoso.com


Options Error:

If you set the default domain name in the OWA authentication and users logon with their user name instead of domain\user when choosing Options in OWA it will\may log them off. They should use the describe method on the logon page.
0
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 1000 total points
ID: 37834178
It's circuitous, but you could set up your own Certification Authority (CA), and then issue your own certificate for internal use.
0
 
LVL 7

Assisted Solution

by:abdulalikhan
abdulalikhan earned 1000 total points
ID: 37836946
There are two option,

One is the public CA which is the best choice, you can buy a UCC with the following names [if there is no co-existance]

mail.domain.com [should be set as default]
autodiscover.domain.com

With this configuration, you need to set every VD (except autodiscover VD) for internal and external as mail.domain.com.

Also set your internal DNS for mail.domain.com and autodiscover.domain.com to point to your CAS server/NLB.

Second option, is to use a local CA and define it as,

mail.domain.com [should be set as default]
autodiscover.domain.com
localhostFQDN [Every CAS server FQDN]

This will only alert your users if they are not on the domain or the root CA is not on their machine.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By default Outlook 2016 displays only one time zone in the Calendar. The following article explains how to display two time zones in one calendar view.
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question