I have setup a new Exchange 2013 server to replace a exchange 2007 server
Old Server: Server 2008 & Exchange 2007
New Server: Server 2012 & Exchange 2013
1) Mail is all pointed at the new server, and is currently being passed to the old server (I didn't set this up it's just working)
2) New user accounts work on the new server and send/receive, can be used on ipads/Phones/webmail but not outlook - certificate errors
3) Old users can be used in outlook using the old server but are receiving mail, cant use webmail or iphones as the mail.domain.com is pointed at the new server
4) Administrator mailbox is moved to the new server and can use webmail but not IPads/Phones/outlook
I have created a new certificate request on the new server but I cannot verify it as when I go to https://newserver/certsrv
and submit a certificate request I receive the error "no certificate templates could be found. you do not have permission to request a certificate from this CA, or an error occured while accessing the active directory."
I have went through the following:
(they are both the same case)
( I ahve it running as a network service)
I have also made sure anonymous authentication is disabled and using windows authentication on the certsrv and certenroll in IIS
I have added some more certificate templates in the certsrv addin and they show up, but not the web server one which I need, I have even deleted it and re-added it but only new additions show up
You generate this certificate from the new Exchange 2013 server. When you get the cer/crt file back you import this back into the Exchange 2013 server. You will need to enabled the services for this using the Enable-ExchangeCertificate
You will then need to export the certificate (with the private key) and import the new certificate into all of the Exchange Servers that hold the CAS role (2007 and 2013).
You then have to enable the certificate on all of the CAS servers as well.
Once that is in place you will need to configure your virtual directories for Exchange 2007 (https://legacy.example.com/owa/oab/etc) You will then use the (https://mail.example.com/owa/oab/etc) for Exchange 2013 virtual directories.
You will leave the autodiscover set to autodiscover.example.com for both. It is also recommeneded that you use Exchange 2013 for ActiveSync as well so ensure that you only setup Exchange 2013 activesycn virtual directory.
I would also suggest that you go through the Exchange Deployment Assistant and make sure that you have gone over all of the steps accordingly.