Solved

Autodiscover Exchange 2013 -- Turn off Connect to proxy servers that have this principal name in their certificate

Posted on 2013-11-11
5
3,041 Views
Last Modified: 2013-11-14
Hi,

I am having issues with Exchange Server 2013. Autodiscover is checking the box (Only Connect To Proxy Servers That Have This Principal Name In Their Certificate). How can i disable this.

I have tried:
Set-OutlookProvider EXPR -CertPrincipalName none

but did not work.
0
Comment
Question by:harbz96
  • 2
  • 2
5 Comments
 
LVL 14

Expert Comment

by:Radweld
ID: 39641343
You have to specify a principle name otherwise how with the cert work?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39644516
What is the objective with wanting to disable the function?
If your SSL certificate is for host.example.com then fine. If it is for *.example.com then you can have problems, but usually only with Windows XP clients.

Outline the original issue, not what you believe is the fix.

Simon.
0
 

Author Comment

by:harbz96
ID: 39646125
Hi Simon.

Our certificate is for exchange.domain.com

But our proxy address is mail.domain.local

And it's looking for proxy address in certificate
0
 
LVL 14

Expert Comment

by:Radweld
ID: 39647304
Your certificate must have exchange.domain.com listed as a subject alternative name (SAN) entry or be the principle name (the default name) if the default is something else but contains the san entry you can Set-OutlookProvider EXPR -CertPrincipalName exchange.domain.com
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39647314
You need to reconfigure Exchange to use your public name everywhere. That includes changing the internal and external host name for OWA, ActiveSync, Outlook Anywhere etc. Use a split DNS system to ensure the name resolution goes the correct place.

There should be no reason to change the OutlookProvider value if you configure the host name in Outlook Anywhere correctly.

Internal server names are not allowed on SSL certificates that expire past November 2014, so the switch to split DNS using the external name needs to happen at some point, you may as well do so for a new implementation.

Simon.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In-place Upgrading Dirsync to Azure AD Connect
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
how to add IIS SMTP to handle application/Scanner relays into office 365.

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question