Problem on Exchange 2013 Transitioning

Hi Experts,

We are on transitioning from Exchange 2010 to Exchange 2013, on Exchange 2010  we have two HT/CAS Servers (combine role) and two MB Servers while on Exchange 2013 we also have two CAS and two MB Server. The rpc client access is mail.domain.local of Exchange 2010 while I created NLB on two Exchange 2013 CAS with name mail01.domain.local.  When we migrated the users from Exchange 2010 Mailbox Database to Exchange 2013 Database users can access easily on OWA and all mail flow are OK,but on the outlook configuration we can configure the user if we use mail01.domain.local, name will be resolve if we use the old FQDN of client access array mail.domain.local but when we open the Outlook an error is always occurred (See attachement).

Exchange 2013 Outlook 2010 Problem
Hope can you help me on this.

Thanks,
LVL 1
junyapAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Simon Butler (Sembee)Connect With a Mentor ConsultantCommented:
No, you just need to change all of the URLs within Exchange to use the name on your trusted SSL certificate and then configure a SPLIT DNS system so that the external name resolves internally.

http://semb.ee/splitdns

Simon.
0
 
Simon Butler (Sembee)ConsultantCommented:
First - did you test Outlook before implementing WNLB?
If not, then undo WNLB and test it again. Furthermore the Microsoft Exchange team do not recommend the use of WNLB.

Next - Outlook should not be configured manually, you MUST allow Autodiscover to do it. That is because on Exchange 2013 the server name in Outlook is unique for every user. This is due to the change in the architecture of Exchange 2013.

Therefore the first thing I would be looking at is whether Autodiscover is working correctly.

Simon.
0
 
junyapAuthor Commented:
Hi Simon,

I have not tested the outlook before I implement the WNLB. I just used it since I do not have hardware load balancer.  For the autodiscover should I point it on my two CAS Server?  Also I found something on the databases of Exchange 2013 that they inherited the fqdn of client access array of my exchange 2010, Can this be related to the problem? Hope that can you also provide link on better transition to Exchange 2013.

Thanks,
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Simon Butler (Sembee)ConsultantCommented:
"I have not tested the outlook before I implement the WNLB."

That was a mistake, because you the problem of WNLB (which is a very poor tool) getting in way. I would undo WNLB completely.

Personally I wouldn't have deployed the separate CAS role servers. Instead of the additional licences those involve, I would have used the money for hardware load balancers. Much better solution all round.

Exchange 2013 doesn't use the CAS Array setting at all, so while they may have inherited, they shouldn't be using it. Exchange 2013 only connects via Outlook Anywhere, so you have to test there, along with Autodiscover.

Have you tested Autodiscover to see if it works?
Do you have a trusted SSL certificate in place?

Simon.
0
 
junyapAuthor Commented:
Hi Simon,

Yes I have SSL for autodiscover but it is still pointed on the legacy server. Do you recommend that I should combine the roles instead of having two CAS and MB server
0
 
junyapAuthor Commented:
Hi Simon,

I already removed the two CAS Servers and install the role to MB. For now I still cannot connect to Outlook, it appearing the certificate but the name resolve was the local name of the MB server (MBX02.domain.local)  which is far different from our SSL name (mail.domain.com). Should I request that the server has certificate?

Thanks,
0
 
junyapAuthor Commented:
Hi Simon,

You are correct before your comment I read this article
http://exchangeserverpro.com/avoiding-exchange-2013-server-names-ssl-certificates/

Which solve my problem on configuring outlook. I created my external domain (domain.com) inside my internal DNS to resolve the name inside the SSL.

Thanks,
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.