Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 520
  • Last Modified:

Security Alert in Outlook

Odd issue, which I believe to know why it's happening, but not how to fix it right now.

We recently acquired a new company, they are using Outlook 365 and still connecting to and using their old email domain, not connected to our Exchange servers at all.  However, they do log on to our domain.

We are putting up a new Exchange 2010 VM and transferring mailboxes for the rest of the company over.

Only these users not configured for our email are getting a security warning for the new exchange server:

server.domain.local - information you exchange with this site cannot be viewed or changed by others.  However, there is a problem with the site's security certificate.  

With the name on the security certificate is invalid or does not match the name of the site being the one marked with the red X.

So I believe since they log onto our domain, for some reason Outlook autodiscover is seeing the new server even though it's not even configured to use it for email... how can I prevent this error?

The old exchange server never gave errors, and is still running.  I do not have any services pointed and running on the new server yet.  I do have a UCC certificate installed on the new server, the old one only had a self signed certificate, but as mentioned, never gave any errors to them.
0
DerekFG
Asked:
DerekFG
  • 2
  • 2
2 Solutions
 
Jamie McKillopIT ManagerCommented:
Hello,

You need to stop the IIS services on your server until you are ready to go live. The problem is that when you setup the server, it registered the SCP in AD. Outlook is then pulling that value when it does autodiscover.

-JJ
0
 
DerekFGAuthor Commented:
Hmm - I guess I can temporarily stop the services while not testing things.  This would just kill OWA and AutoDiscover correct? I could still manage mailbox migrations for testing, etc.. then just turn IIS back on after hours when testing owa/etc.

I thought there may be someway to just remove the internal/external autodiscover url completely for now from the EMC and achieve the same.
0
 
Jamie McKillopIT ManagerCommented:
Yes, you can also run set-clientaccessserver -identity <server> -autodiscoverserviceinternaluri $null

-JJ
0
 
DerekFGAuthor Commented:
Much appreciated.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now