Exchange 2010 Autodiscover returns internal server FQDN
I have a Microsoft Exchange 2010 installation. I purchased a UCC certificate, but I am having issues because of the changes in UCC SAN issuance related to invalid FQDN.
Now, I'm trying to fix a problem where all of my clients are getting certificate errors internally because the internal FQDN is xxxx.xxxx.LAN. Obviously the UCC points to the outside FQDN. Since I cannot add anything to the certificate to aleviate this, I'm trying to get the server to return the external FQDN whether accessed from inside or out.
Currently, it returns the internal FQDN whether accessing it from inside or out. I have executed the following Powershell commands in an attempt to fix this, but to no avail:
Now, I'm trying to fix a problem where all of my clients are getting certificate errors internally because the internal FQDN is xxxx.xxxx.LAN. Obviously the UCC points to the outside FQDN. Since I cannot add anything to the certificate to aleviate this, I'm trying to get the server to return the external FQDN whether accessed from inside or out.
Currently, it returns the internal FQDN whether accessing it from inside or out. I have executed the following Powershell commands in an attempt to fix this, but to no avail:
Set-ClientAccessServer -Identity MYLOCALSERVER -AutodiscoverServiceInternalUri https://MYEXTERNALSERVER.MYDOMAIN.com/autodiscover/autodiscover.xmlSet-WebServicesVirtualDirectory -Identity "MYLOCALSERVER\EWS (Default Web Site)" -InternalUrl https://MYEXTERNALSERVER.MYDOMAIN.com/ews/exchange.asmxSet-OABVirtualDirectory -Identity "MYLOCALSERVER\oab (Default Web Site)" -InternalUrl https://MYEXTERNALSERVER.MYDOMAIN.com/oabASKER
Thank you for the rsponse Gareth. Unfortunately, I have already done all of that. I still get the results I mentioned earlier.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'm sorry, I never saw your follow-up post. I'll do that today and report back.
ASKER
Gareth,
I have not been able to do this yet as it has been pre-empted by a different problem. When I resolve that, I can come back to this. Unfortunately, the other problem makes this moot until it's fixed.
I have not been able to do this yet as it has been pre-empted by a different problem. When I resolve that, I can come back to this. Unfortunately, the other problem makes this moot until it's fixed.
ASKER
I am not sure what happened, but this problem suddenly resolved itself. My guess is that it had to do with a server and router reboot. Not really sure.
Gareth, from all I have read, what you were aiming at was the right direction, so I gave you the solution.
Gareth, from all I have read, what you were aiming at was the right direction, so I gave you the solution.
Thanks ccbbc. Glad to help!
Take a look at this article. Disregard the certificate section because you already took care of that. But review the split-brain DNS section and also the URLs section.
http://supertekboy.com/2014/05/27/designing-a-simple-name-space-for-exchange-2010/