[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

External autodiscover issues with clients of Exchange 2010

Posted on 2014-04-29
7
Medium Priority
?
40 Views
Last Modified: 2016-06-02
Hello,

I have several users in the field that we have moved away from POP3 for Outlook to connect to Exchange and have moved them to Exchaneg over HTTPS. I get a security warning on  Outlook after it connects stating for "autodiscover.example.com" The name of the security certifiacte is invalid or does not match the name of the site. This statement is totally accurate. The actual name on the certificate site is remote.example1.com. This is actually the cert for our OWA site. I did some research created and SRV record pointing to the correct site name internally and that is not an issue. However, how do I get this issue resolved? We have several email domains inside the company that is different than the domain name present in the cert.

Any guidance is appreciated!

Thank you!
0
Comment
Question by:wunderlich
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
7 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40030596
Your SRV record should be pointing to remote.example1.com so that Autodiscover resolves and you can modify your internal URL's to point to remote.example1.com by running the following Exchange Management Shell commands:

Set-AutodiscoverVirtualDirectory -Identity * -internalurl “https://remote.example1.com/autodiscover/autodiscover.xml”
Set-ClientAccessServer -Identity * -AutodiscoverServiceInternalUri “https://remote.example1.com/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory -Identity * -internalurl “https://remote.example1.com/EWS/Exchange.asmx”
Set-oabvirtualdirectory -Identity * -internalurl “https://remote.example1.com/oab”
Set-owavirtualdirectory -Identity * -internalurl “https://remote.example1.com/owa”
Set-ecpvirtualdirectory -Identity * -internalurl “https://remote.example1.com/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://remote.example1.com/Microsoft-Server-ActiveSync"

That should resolve the Certificate errors.

Alan
0
 
LVL 12

Accepted Solution

by:
Md. Mojahid earned 2000 total points
ID: 40031440
what type of certificate you have. You should go with SAN certificate.
0
 

Author Comment

by:wunderlich
ID: 40031986
Mojahid,

Thank you this was the conclusion I came to at 9:00 last night!

Thank you!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 40032004
You don't need a SAN certificate.  You can make it work happily with a single name certificate.

Alan
0
 

Author Comment

by:wunderlich
ID: 40032017
Alan,

I have been working though stuff you suggested and keep hitting roadblocks. I did more research and came to the same conclusion as Mojahid. Though your solutions did point out some research points and with such I will try to alert point strategy.

Thank you.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question