Solved

Exchange 2010 Autodiscover returns internal server FQDN

Posted on 2014-11-15
7
244 Views
Last Modified: 2014-12-15
I have a Microsoft Exchange 2010 installation.  I purchased a UCC certificate, but I am having issues because of the changes in UCC SAN issuance related to invalid FQDN.

Now, I'm trying to fix a problem where all of my clients are getting certificate errors internally because the internal FQDN is xxxx.xxxx.LAN.  Obviously the UCC points to the outside FQDN.  Since I cannot add anything to the certificate to aleviate this, I'm trying to get the server to return the external FQDN whether accessed from inside or out.

Currently, it returns the internal FQDN whether accessing it from inside or out.  I have executed the following Powershell commands in an attempt to fix this, but to no avail:
Set-ClientAccessServer -Identity MYLOCALSERVER -AutodiscoverServiceInternalUri https://MYEXTERNALSERVER.MYDOMAIN.com/autodiscover/autodiscover.xml

Open in new window

Set-WebServicesVirtualDirectory -Identity "MYLOCALSERVER\EWS (Default Web Site)" -InternalUrl https://MYEXTERNALSERVER.MYDOMAIN.com/ews/exchange.asmx

Open in new window

Set-OABVirtualDirectory -Identity "MYLOCALSERVER\oab (Default Web Site)" -InternalUrl https://MYEXTERNALSERVER.MYDOMAIN.com/oab

Open in new window

0
Comment
Question by:Shane Kahkola
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40445246
Those URLs look good. Did you also configure split brain DNS?

Take a look at this article. Disregard the certificate section because you already took care of that. But review the split-brain DNS section and also the URLs section.

http://supertekboy.com/2014/05/27/designing-a-simple-name-space-for-exchange-2010/
0
 
LVL 3

Author Comment

by:Shane Kahkola
ID: 40449061
Thank you for the rsponse Gareth.  Unfortunately, I have already done all of that.  I still get the results I mentioned earlier.
0
 
LVL 31

Accepted Solution

by:
Gareth Gudger earned 500 total points
ID: 40449090
Can you post the output of these commands?

Get-WebServicesVirtualDirectory | fl identity,internalurl,ExternalURL

Open in new window


Get-ClientAccessServer |fl identity,autodiscoverserviceinternaluri

Open in new window

0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 3

Author Comment

by:Shane Kahkola
ID: 40458078
I'm sorry, I never saw your follow-up post.  I'll do that today and report back.
0
 
LVL 3

Author Comment

by:Shane Kahkola
ID: 40464776
Gareth,

I have not been able to do this yet as it has been pre-empted by a different problem.  When I resolve that, I can come back to this.  Unfortunately, the other problem makes this moot until it's fixed.
0
 
LVL 3

Author Closing Comment

by:Shane Kahkola
ID: 40500773
I am not sure what happened, but this problem suddenly resolved itself.  My guess is that it had to do with a server and router reboot.  Not really sure.

Gareth, from all I have read, what you were aiming at was the right direction, so I gave you the solution.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40500892
Thanks ccbbc. Glad to help!
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question