Solved

Exchange 2010 Autodiscover returns internal server FQDN

Posted on 2014-11-15
7
226 Views
Last Modified: 2014-12-15
I have a Microsoft Exchange 2010 installation.  I purchased a UCC certificate, but I am having issues because of the changes in UCC SAN issuance related to invalid FQDN.

Now, I'm trying to fix a problem where all of my clients are getting certificate errors internally because the internal FQDN is xxxx.xxxx.LAN.  Obviously the UCC points to the outside FQDN.  Since I cannot add anything to the certificate to aleviate this, I'm trying to get the server to return the external FQDN whether accessed from inside or out.

Currently, it returns the internal FQDN whether accessing it from inside or out.  I have executed the following Powershell commands in an attempt to fix this, but to no avail:
Set-ClientAccessServer -Identity MYLOCALSERVER -AutodiscoverServiceInternalUri https://MYEXTERNALSERVER.MYDOMAIN.com/autodiscover/autodiscover.xml

Open in new window

Set-WebServicesVirtualDirectory -Identity "MYLOCALSERVER\EWS (Default Web Site)" -InternalUrl https://MYEXTERNALSERVER.MYDOMAIN.com/ews/exchange.asmx

Open in new window

Set-OABVirtualDirectory -Identity "MYLOCALSERVER\oab (Default Web Site)" -InternalUrl https://MYEXTERNALSERVER.MYDOMAIN.com/oab

Open in new window

0
Comment
Question by:Shane Kahkola
  • 4
  • 3
7 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40445246
Those URLs look good. Did you also configure split brain DNS?

Take a look at this article. Disregard the certificate section because you already took care of that. But review the split-brain DNS section and also the URLs section.

http://supertekboy.com/2014/05/27/designing-a-simple-name-space-for-exchange-2010/
0
 
LVL 3

Author Comment

by:Shane Kahkola
ID: 40449061
Thank you for the rsponse Gareth.  Unfortunately, I have already done all of that.  I still get the results I mentioned earlier.
0
 
LVL 31

Accepted Solution

by:
Gareth Gudger earned 500 total points
ID: 40449090
Can you post the output of these commands?

Get-WebServicesVirtualDirectory | fl identity,internalurl,ExternalURL

Open in new window


Get-ClientAccessServer |fl identity,autodiscoverserviceinternaluri

Open in new window

0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 3

Author Comment

by:Shane Kahkola
ID: 40458078
I'm sorry, I never saw your follow-up post.  I'll do that today and report back.
0
 
LVL 3

Author Comment

by:Shane Kahkola
ID: 40464776
Gareth,

I have not been able to do this yet as it has been pre-empted by a different problem.  When I resolve that, I can come back to this.  Unfortunately, the other problem makes this moot until it's fixed.
0
 
LVL 3

Author Closing Comment

by:Shane Kahkola
ID: 40500773
I am not sure what happened, but this problem suddenly resolved itself.  My guess is that it had to do with a server and router reboot.  Not really sure.

Gareth, from all I have read, what you were aiming at was the right direction, so I gave you the solution.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40500892
Thanks ccbbc. Glad to help!
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
This Micro Tutorial demonstrates  how Internet marketers work with competitive analysis data, and a common task in data preparation is creating separate column for domains. You will then extract from a list of URLs.
This video discusses moving either the default database or any database to a new volume.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now