Exchange server 2003 to 2010 migration

We have done migration from exchange server 2003 to exchange server 2010.

We have successfully moved all the mailboxes and public folders to the exchange server 2010.
We have verified the mail flow and its working fine.
Still we have not done decommission of exchange server 2003 because we are facing issue with wild card ssl certificate.
Doamin name: xyz.contoso.com
FQSN name of exchange server 2003 - def-mail.xyz.contoso.com
FQDN name of exchange server 2010 - abc-mail.xyz.contoso.com

owa URL 2003: https://mail.contoso.com/exchange
Owa URL 2010: https://mail.contoso.com/owa

We have split dns configuration.
We purchased the Wild card SSL certificate with *.contoso.com

We have verified below things
2010 owa can be accessed externally and internally with url: https://mail.contoso.com/owa
and mail flow is working fine.

we are able to configure emails in cell phone with the url: https://mail.contoso.com and mail flow is working fine

outlook client can be configured externally and mail flow is working and no error found. but we have verified the server url after the outlook configuration. the server name is abc-mail.xyz.contoso.com. It should be mail.contoso.com. right?

When we are configure outlook internally then we are getting error message of "the name on the security certificate is invalid or does not match the name of the site"

From the outlook client we have done test email auto configuration the we are getting error of "autodiscover to https://contoso.com/autodiscover/autodiscover.xml failed (0x800c8203) "

kindly suggetst... we are stuck over here...
rigelnetAsked:
Who is Participating?
 
hecgomrecCommented:
When you setup Exchange Server it creates a default self-signed certificate for internal use and the common name on it is usually the machinename.domainname, when you installed the new certificate you did with your external (internet facing) name which is normal but now you need to replace the fully qualified domain name (FQDN) of the URL that is stored in the following objects:

The Service Connection Point for the Autodiscover
The InternalUrl of Exchange Web Service (EWS)
The InternalUrl of the OAB Web service


Here is what worked for me: http://support.microsoft.com/kb/940726 

Make sure your DNS match the settings you just changed.
0
 
Arjun VyavahareTechnical ConsultantCommented:
Hi,

Suggest you to go through below url, which contains the steps to resolve this issue:-

http://blogs.technet.com/b/tips_from_the_inside/archive/2012/01/11/autodiscover-fails-for-one-or-more-users.aspx

Regards,
Arjun
0
 
R--RCommented:
check this from http://technet.microsoft.com may help you.

http://technet.microsoft.com/en-us/library/cc535023(v=exchg.80).aspx

Set-OutlookProvider EXPR -CertPrincipalName msstd:*.contoso.com.com
Set-OutlookProvider EXCH -CertPrincipalName msstd:*.contoso.com.com

also check if internalurl and external url is configured as mail.contoso.com of webservices and clientaccessserver.

Check this from http://premnair.wordpress.com

http://premnair.wordpress.com/2010/07/03/configure-ews-autodiscover-owa-oab-ecp-on-exchange-server-2010/
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
MaheshArchitectCommented:
What is your autodiscover Host(A) record ?
I don't see any record mentioned above.
Since you have split dns in place https://contoso.com would give you error because you must be having domain controllers blank fqdn records present in AD zone contoso.com which might be the cause of autodiscover query failure, its likely dns name resolution failure

Please configure autodiscover.contoso.com entry in dns pointing to Exchange 2010 CAS server and check

Mahesh
0
 
davorinCommented:
Exchange server name abc-mail.xyz.contoso.com in outlook is just fine. mail.contoso.com and *.contoso.com should be configured in exchange proxy settings.

For internal configuration the problem is (not 100% sure) that you are using dual level subdomain. If the internal server name yould be abc-mail.contoso.com or xyz.contoso.com it should be fine, but you are using abc-mail.XYZ.contoso.com

http://en.wikipedia.org/wiki/Wildcard_certificate
0
 
Simon Butler (Sembee)ConsultantCommented:
I would go one step further.
Change to use an RPC CAS Array address instead (which everyone with Exchange 2010 should do). That will be an internal only host name that exists in DNS only. That will stop you from using the server's real name, and if you start using a load balancer or migrate to another Exchange 2010 server it will make the decommissioning of the existing server much easier.

Simon.
0
 
rigelnetAuthor Commented:
Still we are facing below issue

When we are configure outlook internally then we are getting error message of "the name on the security certificate is invalid or does not match the name of the site"

we have configured autodiscover host A record is : mail.contoso.com

external url: https://mail.contoso.com
0
 
Simon Butler (Sembee)ConsultantCommented:
You haven't changed all of the URLs.
Go through my article here: http://semb.ee/hostnames

It outlines everything that needs to be changed.

Simon.
0
 
rigelnetAuthor Commented:
For more clear view ,

We have done migration from exchange server 2003 to exchange server 2010.

We have successfully moved all the mailboxes and public folders to the exchange server 2010.
We have verified the mail flow and its working fine.
Still we have not done decommission of exchange server 2003 because we are facing issue with wild card ssl certificate.
Doamin name: willoughby.castnylon.com
FQSN name of exchange server 2003 - Jabba.willoughby.castnylon.com
FQDN name of exchange server 2010 - Cnl-mail.willoughby.castnylon.com

owa URL 2003: http://mail.castnylon.com/exchange
Owa URL 2010: https://mail.castnylon.com/owa

We have split dns configuration.
We purchased the Wild card SSL certificate with *.castnylon.com

We have verified below things
2010 owa can be accessed externally and internally with url: https://mail.castnylon.com/owa
and mail flow is working fine.

we are able to configure emails in cell phone with the url: https://mail.castnylon.com and mail flow is working fine

outlook client can be configured externally and mail flow is working and no error found. but we have verified the server url after the outlook configuration. the server name is cnl-mail.willoughby.castnylon.com It should be mail.castnylon.com. right?

When we are configure outlook internally then we are getting error message of "the name on the security certificate is invalid or does not match the name of the site"

From the outlook client we have done test email auto configuration the we are getting error of "autodiscover to https://castnylon.com/autodiscover/autodiscover.xml failed (0x800c8203) "

kindly suggest... we are stuck over here...
Error1.JPG
Error2.JPG
Error3.JPG
Error4.JPG
Error5.JPG
Error6.JPG
0
 
hecgomrecCommented:
Please follow the indications I gave you... you will fix your issues... I had the same error when I did my migration.

All your settings should match, internal and external.
0
 
Simon Butler (Sembee)ConsultantCommented:
"but we have verified the server url after the outlook configuration. the server name is cnl-mail.willoughby.castnylon.com It should be mail.castnylon.com. right?"

No.

The server name will always be the server's REAL name.
If you are getting SSL prompts then that is NOT the cause of them, it is because you have missed one of the URLs.

Simon.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.