Solved

Exchange 2007 Legacy

Posted on 2013-06-01
5
965 Views
Last Modified: 2013-06-01
Hello,

I have configured a new Exchange 2013 server and it has gone quite well. I am though a little confused on the legacy setup and the certificate process for coexistence.

I have one 2007 Exchange and one 2013

I have created a DNS A record internally and externally for legacy.domain.com. This points to the 2007 Exchange server.

When I browse https://legacy.domain.com I am welcomed by a certificate error screen. Upon pressing continue it forwards to me https://mail.domain.com (which is the OWA front end for my 2007 exchange) which has no cert errors and has the third party cert  (GoDaddy)

I guess my questions are...

1) Do I have to now create a new certificate with godaddy for legacy.domain.com and bind it to the 2007 exchange server?

2) How do I enable the 2007 OWA so it uses legacy.domain.com URL as its OWA address

3) Once the legacy url and cert is working on the 2007 exchange I will then point mail.domain.com to the 2013 exchange. I will also have to re-issue the original cert as mail.domain.com is hosted on a new server?
0
Comment
Question by:lebz29
  • 3
  • 2
5 Comments
 
LVL 8

Accepted Solution

by:
vSolutionsIT earned 500 total points
ID: 39213492
answeres to your questions below

1) yes, you will have to create a new third party certificate with legacy.domain.com added to it's subjecdt alternative properties. once this certificate is avaialble you will have to install it on your legacy server as well.

2) you will have to use powershell cmdlet to redirect legacy to exchange 2007 server.

3)correct. once the new certificate is installed and powershell command is executed you will have to point your firewall to route mailflow/owa/acitvesync traffic to exchange 2013 server. you relly dont need to assign a new certificate as it should contain all the enteries when you created the certificate.

For better understanding read below article. even through it is for exchange 2003 - exchange 2010 the same concept applies to exchange 2013 as well.
http://exchangeserverpro.com/exchange-2003-2010-coexistence/
0
 

Author Comment

by:lebz29
ID: 39213511
Thank you. For step #3 How do I then import my third party cert into the 2013 server?
0
 
LVL 8

Expert Comment

by:vSolutionsIT
ID: 39213581
0
 

Author Comment

by:lebz29
ID: 39213603
Thank you. I meant to post I was ok earlier

So here is the issue I am now having with the certs.

1) Imported the legacy cert into 2007 and changed the URL path for OWA accordingly and changed the binding for IIS

2) Imported the original exchange cert just fine into 2013. I changed my firewall settings to the new 2013 server. OWA 2013 pops up just fine externally (awesome). I go to login with my user credentials and the page doesn't re-direct to the legacy OWA. Instead I get a  "Page cannot be displayed" error. If I browse the 2013s OWA instance locally on the 2013 server it re-directs me to the 2007 instance where I have to login again.

2) The moment I change the SSL cert on my 2007 server to add the legacy.domain.com I receive a constant popup in outlook indicating cert name does not match the server name.
0
 
LVL 8

Expert Comment

by:vSolutionsIT
ID: 39213657
you will have to modify exchange web services url's on the exchange 2007 server as per the domain name in the new certificate.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now