[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

External autodiscover issues with clients of Exchange 2010

Posted on 2014-04-29
7
Medium Priority
?
44 Views
Last Modified: 2016-06-02
Hello,

I have several users in the field that we have moved away from POP3 for Outlook to connect to Exchange and have moved them to Exchaneg over HTTPS. I get a security warning on  Outlook after it connects stating for "autodiscover.example.com" The name of the security certifiacte is invalid or does not match the name of the site. This statement is totally accurate. The actual name on the certificate site is remote.example1.com. This is actually the cert for our OWA site. I did some research created and SRV record pointing to the correct site name internally and that is not an issue. However, how do I get this issue resolved? We have several email domains inside the company that is different than the domain name present in the cert.

Any guidance is appreciated!

Thank you!
0
Comment
Question by:wunderlich
  • 2
  • 2
5 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40030596
Your SRV record should be pointing to remote.example1.com so that Autodiscover resolves and you can modify your internal URL's to point to remote.example1.com by running the following Exchange Management Shell commands:

Set-AutodiscoverVirtualDirectory -Identity * -internalurl “https://remote.example1.com/autodiscover/autodiscover.xml”
Set-ClientAccessServer -Identity * -AutodiscoverServiceInternalUri “https://remote.example1.com/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory -Identity * -internalurl “https://remote.example1.com/EWS/Exchange.asmx”
Set-oabvirtualdirectory -Identity * -internalurl “https://remote.example1.com/oab”
Set-owavirtualdirectory -Identity * -internalurl “https://remote.example1.com/owa”
Set-ecpvirtualdirectory -Identity * -internalurl “https://remote.example1.com/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://remote.example1.com/Microsoft-Server-ActiveSync"

That should resolve the Certificate errors.

Alan
0
 
LVL 12

Accepted Solution

by:
Md. Mojahid earned 2000 total points
ID: 40031440
what type of certificate you have. You should go with SAN certificate.
0
 

Author Comment

by:wunderlich
ID: 40031986
Mojahid,

Thank you this was the conclusion I came to at 9:00 last night!

Thank you!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40032004
You don't need a SAN certificate.  You can make it work happily with a single name certificate.

Alan
0
 

Author Comment

by:wunderlich
ID: 40032017
Alan,

I have been working though stuff you suggested and keep hitting roadblocks. I did more research and came to the same conclusion as Mojahid. Though your solutions did point out some research points and with such I will try to alert point strategy.

Thank you.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses
Course of the Month18 days, 22 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question