MCKAdmin
asked on
Exchange 2016 connectivity problem after migration from Exchange 2010
We have Exchange 2010 (SBS 2011) and to prepare for migrating away from SBS have installed an Exchange 2016 server following the Exchange Server Deployment Assistant. We are using self-signed certificates. After migrating one mailbox to the 2016 server I cannot access it with Outlook but OWA works fine. At first Outlook said it could not connect because it said the server wasn't available. After messing around and creating a new self-signed certificate and installing it on my PC I got it to connect once but when I closed Outlook and re-opened it it shows as working offline. If I create a new profile it hangs up at searching for settings then eventually I get a green check mark but at the Log on to server part it says the connection to the Exchange server is unavailable. When running the "test email autoconfiguration" tool it say it was unable to determine my settings. I'm sure there are other details you need - please let me know and I'll post them.
Thanks!!!
Thanks!!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can get by without a SAN cert and rely on only one domain saving some money in the process. Just use SRV records for Autodiscover with a target containing the domain in the cert.
ASKER
We would need a third party cert for internal Exchange use? I realize things are different with 2016 vs 2010 but we didn't have a third party cert on the 2010 box.
For migration purposes you can use a FREE 30-day trial certificate from Comodo. I do this all the time: https://www.comodo.com/landing/ssl-certificate/free-ssl/
Jeff
TechSoEasy
Jeff
TechSoEasy
No, not for internal only. That you can get away with. Once you want to go external, you'll need a SAN cert from a CA.
You do not need a SAN cert for an SBS. A single name certificate works just fine. Normally you would need to set up an external DNS record for Autodiscover (as described in this article: http://www.thirdtier.net/2009/02/setting-up-an-external-autodiscover-record-for-sbs-2008/) but since this is for an internal migration you don't even need to do that.
The free cert from Comodo that I recommended above works just great. I've performed over 30 SBS migrations to either Office 365 of Exchange 2013 in the past year and that is all I've ever needed.
The free cert from Comodo that I recommended above works just great. I've performed over 30 SBS migrations to either Office 365 of Exchange 2013 in the past year and that is all I've ever needed.
ASKER
Since this Exchange 2016 server is a new Dell server I was able to use Dell support to troubleshoot this. The issue was some misconfigured URL's on the new server and also misconfigured DNS.
I figured part of it was URLs. Keep those commands I posted above handy.
I keep them on a macro key and use them all of the time.
Glad I could help.
I keep them on a macro key and use them all of the time.
Glad I could help.
Self-signed certs are no longer valid. You must purchase one from a trusted CA.
you'll want:
mail.domain.com
autodiscover.domain.com
No CA will issue a cert with .local.