Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Transition from Exchange 2010 STD to 2 Exchange 2013 STD Servers. Any Tips.

Posted on 2015-02-19
3
Medium Priority
?
45 Views
Last Modified: 2015-03-02
I'm in the process of upgrading from Exchange 2010 to 2 Exchange 2013 servers. I've created my mailboxes and Database availability group on the new servers and all statues are healthy. I've imported my wildcard certificate from my old server to the both 2013 servers and enabled IIS and SMTP to use this certificate. I've created a couple of test accounts to test mail flow, and mail flow is working between all three servers. One thing I'm having an issue with is connectivity with Outlook clients (2010 and 2013). I receive certificate errors and proxy server errors. It is my understanding that Microsoft is now using only "Outlook Anywhere" for all connectivity between the server and the client with Exchange version 2013. I checked the exchange proxy settings on one of the Outlook clients and noticed the MSSTD setting is not configured properly. Its supposed to have the wildcard certificate in the MSSTD field but instead it has mail.domain.com. After doing some research, there's a command that you use in exchange power shell to make changes to the OUTLOOK PROVIDER. But I'm afraid this will affect the old exchange server as well. I'm trying to make this a smooth transition, and avoid creating problems for users. Does anyone have recommended steps on how to proceed from this point?

Thank you for your time.
0
Comment
Question by:Domenic DiPasquale
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40618673
If you were using a wildcard certificate before, then setting must have already been set.
It is a global setting which you can see thus:

get-outlookprovider

With a wildcard certificate it will have to say *.example.com for the first two entries.
If you are mixing certificate types, then you will have to either put the wildcard certificate on the old platform or change the new server to have a specific URL certificate instead of a wildcard.

Simon.
0
 

Author Comment

by:Domenic DiPasquale
ID: 40619684
These are the results when I run GET-OUTLOOKPROVIDER:
Name                          Server                        CertPrincipalName             TTL
----                                  ------                                -----------------                      ---
EXCH                                                                                                                  1
EXPR                                                        msstd:*.domainhidden.com         1
WEB                                                                                                                   1
I checked one of the test mailboxes on one of the exchange 2013 servers, and I noticed that the MSSTD setting is using mail.domainhidden.com. I'm also getting certificate warnings: "The name on the security certificate is invalid or does not match the name of the site." It's trying to match the exchange servers internal hostname with the wildcard. I don't understand why I'm not receiving any issues on my exchange 2010 server.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 40620875
Outlook does not use Outlook Anywhere to connect to the Exchange 2010 server, so certificate warnings will not occur. The only time you would get certificate warnings is for Autodiscover.

You can see the internal Autodiscover settings thus:

get-clientaccessserver | select identity, autodiscoverserviceinternaluri

The host name on the result should be covered by the certificate.

Simon.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question