Solved

External autodiscover issues with clients of Exchange 2010

Posted on 2014-04-29
7
34 Views
Last Modified: 2016-06-02
Hello,

I have several users in the field that we have moved away from POP3 for Outlook to connect to Exchange and have moved them to Exchaneg over HTTPS. I get a security warning on  Outlook after it connects stating for "autodiscover.example.com" The name of the security certifiacte is invalid or does not match the name of the site. This statement is totally accurate. The actual name on the certificate site is remote.example1.com. This is actually the cert for our OWA site. I did some research created and SRV record pointing to the correct site name internally and that is not an issue. However, how do I get this issue resolved? We have several email domains inside the company that is different than the domain name present in the cert.

Any guidance is appreciated!

Thank you!
0
Comment
Question by:wunderlich
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
7 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40030596
Your SRV record should be pointing to remote.example1.com so that Autodiscover resolves and you can modify your internal URL's to point to remote.example1.com by running the following Exchange Management Shell commands:

Set-AutodiscoverVirtualDirectory -Identity * -internalurl “https://remote.example1.com/autodiscover/autodiscover.xml”
Set-ClientAccessServer -Identity * -AutodiscoverServiceInternalUri “https://remote.example1.com/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory -Identity * -internalurl “https://remote.example1.com/EWS/Exchange.asmx”
Set-oabvirtualdirectory -Identity * -internalurl “https://remote.example1.com/oab”
Set-owavirtualdirectory -Identity * -internalurl “https://remote.example1.com/owa”
Set-ecpvirtualdirectory -Identity * -internalurl “https://remote.example1.com/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://remote.example1.com/Microsoft-Server-ActiveSync"

That should resolve the Certificate errors.

Alan
0
 
LVL 12

Accepted Solution

by:
Md. Mojahid earned 500 total points
ID: 40031440
what type of certificate you have. You should go with SAN certificate.
0
 

Author Comment

by:wunderlich
ID: 40031986
Mojahid,

Thank you this was the conclusion I came to at 9:00 last night!

Thank you!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40032004
You don't need a SAN certificate.  You can make it work happily with a single name certificate.

Alan
0
 

Author Comment

by:wunderlich
ID: 40032017
Alan,

I have been working though stuff you suggested and keep hitting roadblocks. I did more research and came to the same conclusion as Mojahid. Though your solutions did point out some research points and with such I will try to alert point strategy.

Thank you.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question