Security Alert in Outlook

Posted on 2014-02-19
Last Modified: 2014-02-19
Odd issue, which I believe to know why it's happening, but not how to fix it right now.

We recently acquired a new company, they are using Outlook 365 and still connecting to and using their old email domain, not connected to our Exchange servers at all.  However, they do log on to our domain.

We are putting up a new Exchange 2010 VM and transferring mailboxes for the rest of the company over.

Only these users not configured for our email are getting a security warning for the new exchange server:

server.domain.local - information you exchange with this site cannot be viewed or changed by others.  However, there is a problem with the site's security certificate.  

With the name on the security certificate is invalid or does not match the name of the site being the one marked with the red X.

So I believe since they log onto our domain, for some reason Outlook autodiscover is seeing the new server even though it's not even configured to use it for email... how can I prevent this error?

The old exchange server never gave errors, and is still running.  I do not have any services pointed and running on the new server yet.  I do have a UCC certificate installed on the new server, the old one only had a self signed certificate, but as mentioned, never gave any errors to them.
Question by:DerekFG
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 37

Accepted Solution

Jamie McKillop earned 500 total points
ID: 39870755

You need to stop the IIS services on your server until you are ready to go live. The problem is that when you setup the server, it registered the SCP in AD. Outlook is then pulling that value when it does autodiscover.


Author Comment

ID: 39870820
Hmm - I guess I can temporarily stop the services while not testing things.  This would just kill OWA and AutoDiscover correct? I could still manage mailbox migrations for testing, etc.. then just turn IIS back on after hours when testing owa/etc.

I thought there may be someway to just remove the internal/external autodiscover url completely for now from the EMC and achieve the same.
LVL 37

Assisted Solution

by:Jamie McKillop
Jamie McKillop earned 500 total points
ID: 39870836
Yes, you can also run set-clientaccessserver -identity <server> -autodiscoverserviceinternaluri $null


Author Comment

ID: 39870844
Much appreciated.

Featured Post

[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mailbox Overload?
You need to know the location of the Office templates folder, so that when you create new templates, they are saved to that location, and thus are available for selection when creating new documents.  The steps to find the Templates folder path are …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question