troubleshooting Question

Fixing some client access problems in Exchange 2007

Avatar of tp-it-team
tp-it-team asked on
Exchange
4 Comments1 Solution194 ViewsLast Modified:
My predecessor ordered an incorrect SSL certificate for our Exchange 2007 server. The problem was that he only included external server name, not the internal, so after installing it, we started getting certificate errors in Outlook.
Please remember that I'm trying my best to guess what he was doing, I have no contact with that person anymore.
So, instead of ordering a correct cert once again, he applied a 'fix', something like this:
http://www.ntweekly.com/?p=94
I would like to take it back to how it all should be, I have a correct certificate installed now.

In order to reverse that 'fix', I deleted the DNS zone created by my predecessor. I'm not sure if its related or not but now the out of office assistant in outlook doesn't work on PC clients and MAC users are reporting that their email is not working. They are using Outlook for MACs. I maybe wrong but I suspect that it maybe something to do with client access settings on my Exchange.
Here is how it looks like now:

Outlook web access:
Internal: https://exchange.internaldomain.co.uk/owa
External: https://mail.externaldomain.co.uk/owa

For active sync I have only external address in internal field:
https://mail.externaldomain.co.uk/Microsoft-Server-Activesync
External field is empty.

Offline address book distribution is the same:
external url in internal url field and external url field empty.

here is what I have for internal auto discovery:
Name                           : EXCHANGE
AutoDiscoverServiceInternalUri : https://mail.externaldomain.co.uk/autodiscover/autod
                                 iscover.xml

External is just
Name       : EXCHANGE
*External* :

I'm not sure IF these settings relate to out of office and mac problem but I guess that config is wrong and was altered so even internal clients are connecting using mail.externaldomain.co.uk as it was the only server name in the certificate. Can you help fixing that mess, please ? Ideally, I would like to get examples of the correct URL's, not just - 'ehh, use internal one in here.'.

Any other ideas or general guidelines on how to rationalize CAS settings will be greatly appreciated.

THANKS
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 4 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros