Solved

Exchange 2010 Autodiscover returns internal server FQDN

Posted on 2014-11-15
7
237 Views
Last Modified: 2014-12-15
I have a Microsoft Exchange 2010 installation.  I purchased a UCC certificate, but I am having issues because of the changes in UCC SAN issuance related to invalid FQDN.

Now, I'm trying to fix a problem where all of my clients are getting certificate errors internally because the internal FQDN is xxxx.xxxx.LAN.  Obviously the UCC points to the outside FQDN.  Since I cannot add anything to the certificate to aleviate this, I'm trying to get the server to return the external FQDN whether accessed from inside or out.

Currently, it returns the internal FQDN whether accessing it from inside or out.  I have executed the following Powershell commands in an attempt to fix this, but to no avail:
Set-ClientAccessServer -Identity MYLOCALSERVER -AutodiscoverServiceInternalUri https://MYEXTERNALSERVER.MYDOMAIN.com/autodiscover/autodiscover.xml

Open in new window

Set-WebServicesVirtualDirectory -Identity "MYLOCALSERVER\EWS (Default Web Site)" -InternalUrl https://MYEXTERNALSERVER.MYDOMAIN.com/ews/exchange.asmx

Open in new window

Set-OABVirtualDirectory -Identity "MYLOCALSERVER\oab (Default Web Site)" -InternalUrl https://MYEXTERNALSERVER.MYDOMAIN.com/oab

Open in new window

0
Comment
Question by:Shane Kahkola
  • 4
  • 3
7 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40445246
Those URLs look good. Did you also configure split brain DNS?

Take a look at this article. Disregard the certificate section because you already took care of that. But review the split-brain DNS section and also the URLs section.

http://supertekboy.com/2014/05/27/designing-a-simple-name-space-for-exchange-2010/
0
 
LVL 3

Author Comment

by:Shane Kahkola
ID: 40449061
Thank you for the rsponse Gareth.  Unfortunately, I have already done all of that.  I still get the results I mentioned earlier.
0
 
LVL 31

Accepted Solution

by:
Gareth Gudger earned 500 total points
ID: 40449090
Can you post the output of these commands?

Get-WebServicesVirtualDirectory | fl identity,internalurl,ExternalURL

Open in new window


Get-ClientAccessServer |fl identity,autodiscoverserviceinternaluri

Open in new window

0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 3

Author Comment

by:Shane Kahkola
ID: 40458078
I'm sorry, I never saw your follow-up post.  I'll do that today and report back.
0
 
LVL 3

Author Comment

by:Shane Kahkola
ID: 40464776
Gareth,

I have not been able to do this yet as it has been pre-empted by a different problem.  When I resolve that, I can come back to this.  Unfortunately, the other problem makes this moot until it's fixed.
0
 
LVL 3

Author Closing Comment

by:Shane Kahkola
ID: 40500773
I am not sure what happened, but this problem suddenly resolved itself.  My guess is that it had to do with a server and router reboot.  Not really sure.

Gareth, from all I have read, what you were aiming at was the right direction, so I gave you the solution.
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40500892
Thanks ccbbc. Glad to help!
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

An analysis of the phishing scam that has been affecting Google users, along with steps to take for protection, as well as what to do if you receive one of the emails.
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question