Help Users cannot connect to new exchnage Internally

Hi All just setup a new domain with exchange 2013 users are using office 2010.

on opening outlook it starts to configure email, we get a cert error but that is because we have not installed one yet.

it cannot seem to resolve the user name, I thought you could use the standard cert, could this be the issue??
pepps11976Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ganesh Kumar ASr Infrastructure SpecialistCommented:
By default Exchange 2013 autodiscover needs UCC, you also can use SAN Wildcard certificate but it depends based on the multiple domains. Recommended is public UCC certificate. You can go with any UCC certificate providers like digicert, godaddy, etc.,. If the autodiscover works well, then you wont be facing issue with the client communication with Exchange 2013.

To identify the connectivity and certificate issues : https://testconnectivity.microsoft.com/ run this and post the error you see.
0
Adam FarageSr. Enterprise ArchitectCommented:
Exchange 2013 requires AutoDiscover as Anand said. Since the clients are internal you would setup the namespace for AutoDiscover using the Active Directory SCP object, you can do that by doing the following:

Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverInternalUri https://autodiscover.company.com/autodiscover/autodiscover.xml

From there you would do two things:

1) make sure the autodiscover FQDN is within the SSL certificate assigned to the Exchange server (IIS) and then restart IIS using IISRESET /NOFORCE
2) make sure DNS for the autodiscover.company.com domain is pointed to either a load balancer (if one exists) or the Exchange CAS role


That should resolve your issue. AutoDiscover is automatically turned on in Exchange 2013 as it is *required* for client connectivity. The steps above will help you configure it.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pepps11976Author Commented:
Ok so just to clarify

my exchange server is called exchange which is on a domain so exchange.domain-uk.com

if I purchase a wildcard cert for domain-uk.com, internal users will be able to connect? or do I still need to creat an A record pointing to the server.

is there not a quick workaround just to get these guys working?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Adam FarageSr. Enterprise ArchitectCommented:
What I posted above is are the steps required. I would recommend reviewing them but you have the certificate portion done which is great. If you do not setup Autodiscover correctly this error will show.

I would also check to make sure that IIS is assigned to your certificate.

get-ExchangeCertificate |fl
0
pepps11976Author Commented:
Ok I purchased a wild card cert from go daddy

I clicked complete in the ECP console browsed to the .crt location but when I try to install I get the following

Error
Sorry but I am pretty new to Exchange and have users screaming at me at the moment any more help much appreciated
0
Adam FarageSr. Enterprise ArchitectCommented:
Run the following in Exchange management shell:
Get-ExchangeCertificate -Thumbprint 414CF234B784F320036BEFCF0EE4A26DA9C715C6 | FL

Open in new window


Post the results here for review into a text file (its easier for us to view).
0
pepps11976Author Commented:
that errors I have attached

Cert.txt
0
Adam FarageSr. Enterprise ArchitectCommented:
ive seen this before :)

Try repairing the certificate store:

certutil -repairstore my "YourSerialNumber"

Open in new window


That serial number should be the thumbprint. Once you are done rerun the import request and try the command I gave you above. Also try "Get-ExchangeCertificate | FL" and post the output.

**edit**

Much better instructions: https://support.comodo.com/index.php?/Knowledgebase/Article/View/624/0/privatekeymissing-when-running-enable-exchangecertificate

I ran into the SAME EXACT issue when I did this on my first Exchange 2013 deployment. I think something with Exchange / Server 2012 is funky.
0
pepps11976Author Commented:
Arrggggg

I managed to install the Cert however users were still getting certificate issue, now I can no longer access EAC I logon in and just get a white page, I have read this can be cause by certs.

Please helpp
0
Adam FarageSr. Enterprise ArchitectCommented:
Run IISRESET /NOFORCE or restart the Exchange servers..
0
pepps11976Author Commented:
I have restarted twice but still no luck
0
pepps11976Author Commented:
I found this but how do I know what cert to delete?

http://www.techieshelp.com/exchange-2013-eac-ecp-blank-screen/
0
pepps11976Author Commented:
certerror.jpg
these are my certs but im not sure which one to delete
0
Adam FarageSr. Enterprise ArchitectCommented:
On the blank ECP screen (in the browser) look at the certificate. That is most likely the one that needs to go.
0
pepps11976Author Commented:
ok I have deleted the cert now I cannot even log into ecp, meaning I get page cannot be displayed not even a login box anymore
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.