Solved

External autodiscover issues with clients of Exchange 2010

Posted on 2014-04-29
7
28 Views
Last Modified: 2016-06-02
Hello,

I have several users in the field that we have moved away from POP3 for Outlook to connect to Exchange and have moved them to Exchaneg over HTTPS. I get a security warning on  Outlook after it connects stating for "autodiscover.example.com" The name of the security certifiacte is invalid or does not match the name of the site. This statement is totally accurate. The actual name on the certificate site is remote.example1.com. This is actually the cert for our OWA site. I did some research created and SRV record pointing to the correct site name internally and that is not an issue. However, how do I get this issue resolved? We have several email domains inside the company that is different than the domain name present in the cert.

Any guidance is appreciated!

Thank you!
0
Comment
Question by:wunderlich
  • 2
  • 2
7 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40030596
Your SRV record should be pointing to remote.example1.com so that Autodiscover resolves and you can modify your internal URL's to point to remote.example1.com by running the following Exchange Management Shell commands:

Set-AutodiscoverVirtualDirectory -Identity * -internalurl “https://remote.example1.com/autodiscover/autodiscover.xml”
Set-ClientAccessServer -Identity * -AutodiscoverServiceInternalUri “https://remote.example1.com/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory -Identity * -internalurl “https://remote.example1.com/EWS/Exchange.asmx
Set-oabvirtualdirectory -Identity * -internalurl “https://remote.example1.com/oab”
Set-owavirtualdirectory -Identity * -internalurl “https://remote.example1.com/owa”
Set-ecpvirtualdirectory -Identity * -internalurl “https://remote.example1.com/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://remote.example1.com/Microsoft-Server-ActiveSync"

That should resolve the Certificate errors.

Alan
0
 
LVL 12

Accepted Solution

by:
Md. Mojahid earned 500 total points
ID: 40031440
what type of certificate you have. You should go with SAN certificate.
0
 

Author Comment

by:wunderlich
ID: 40031986
Mojahid,

Thank you this was the conclusion I came to at 9:00 last night!

Thank you!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40032004
You don't need a SAN certificate.  You can make it work happily with a single name certificate.

Alan
0
 

Author Comment

by:wunderlich
ID: 40032017
Alan,

I have been working though stuff you suggested and keep hitting roadblocks. I did more research and came to the same conclusion as Mojahid. Though your solutions did point out some research points and with such I will try to alert point strategy.

Thank you.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Are you unable to connect or configure Hotmail email account in Microsoft Outlook 2010, 2007? Or Outlook.com emails are not downloading to Outlook? Lets’ see the problem and resolve Outlook Connector error syncing folder hierarchy (0x8004102A).
This video discusses moving either the default database or any database to a new volume.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now