I've just finished setting up a Microsoft Exchange 2013 environment. We have two servers in two different sites, each site has a domain controller and an exchange server.
We're doing the "internal URL set to the same as the external URL" style of making our SSL certificate work.
The exchange servers are internally known as:
And externally, they are known as:
So on my Internal DNS, I created a zone for "mycompany.com", and set up the records accordingly
siteA.mycompany.com --> [[local IP of exchangeA.mycompany.local]
siteB.mycompany.com --> [[local IP of exchangeA.mycompany.local]
And on my external DNS server (e.g. my web hosting provider), I set up the records:
siteA.mycompany.com --> [[WAN IP address of site A's router]]
siteB.mycompany.com --> [[WAN IP address of site B's router]]
I also updated the InternalURL / ExternalURL for all virtual directories in the Exchange Administration Center / EAC.
Everything is ALMOST working. Smartphones, Outlook from OUTSIDE the office, and Web access all work fine.
What's not working is regular Outlook clients on the local network:
When I am INSIDE the company on the local network, and I attempt to connect a Microsoft Outlook client to Exchange, I get a certificate warning. It appears Outlook is auto-discovering the "exchangeA.mycompany.local
" internal name, instead of the "SiteA.mycompany.com" external name.
The outlook client still works if I push past that warning... but it pops up every time you open Outlook and is incredibly annoying.
Did I miss something?