Exchange 2010 and Outlook Connectivity

Trying to connect Outlook to an existing Exchange 2010 server.  This system was setup by somebody else and the company had to move the servers.  Not only that but they had no control over DNS.  I pulled as much from the DNS as I could.  Ok, now to make matters worse, the owner decided he wanted his mail to work right away so he signed up for Godaddy hosted email and had Godaddy setup DNS for him.  Now I am trying to get things back to the way it was with the new IP address.

So this is what I have:
Exchange Server running on Windows Server 2008 R2  (Server name is Server2)
DC running on Windows Server 2012
A SSL cert with only the server name of

This was setup to go through Mail Assure from SolarWinds.  So all the old MX records pointed to their system.  By the way I moved over the old firewall and just changed the WAN IP on it.  It should be setup correctly.  I am no longer using Mail Assure.

I can connect to the OWA fine.  However I cannot get Outlook to connect.  To test I created his domain in my DNS server for testing so he can continue to work with GoDaddy until I can get this connected.  I created an autodiscover but it gets a security error since autodiscover is not in the cert name only the server name mail is in it.  (the autodiscover is a cname pointing to

I have tried to change the client properties - Outlook Anywhere from basic authentication to NTLM but that does not work.  Authentication is set to domain\user name so when Outlook asks for the password I enter it in as thedomain\user then the password that works in OWA.  I get the following error:
Logon to Exchange ActiveSync mail server (EAS): Could not locate the specified server.  User name and/or password are not valid.  Please verify the information is correct.

By the way the user domain login is first initial last name and his email is just his first name.  I am using thedomain\firstinitiallastname to try and login.  (This is what I use for OWA)

How do I get Outlook to attach to this Exchange server from the outside of this domain?  It has been a long time since I played with Exchange since most of my customers use a hosted solution now.
Christopher MostPresidentAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

timgreen7077Exchange EngineerCommented:
You have to many moving pieces, and I believe you will need to open a live session for assistance.
SeanSystem EngineerCommented:
I would start with the exchange connectivity analyzer and then go from there.
Christopher MostPresidentAuthor Commented:
I may be able to try the connectivity advisor over the weekend, however since the current public DNS is pointing to the Godaddy Exchange services, it will not tell me anything.  I can try to temporarily change it over the weekend then run a test and see what it says.

I agree, I walked into a mess with this one.  A user who changes things on his own and an old IT company that pretty much will not talk to us.  (He is in litigation with them so only the lawyers talk).  However, I do know that his machine worked before he moved it and I only changed the IP address of the WAN.  So it should work if I can figure out what Outlook needs without the use of autodiscover (or I need to setup autodiscover correctly)  Maybe even get a new SSL cert that has the autodiscover, owa, mail, and server name in it so I am covered on all bases.  LOL.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Christopher MostPresidentAuthor Commented:
By the way I am thinking that the autodiscover does not know anything about the mail server since it is called server2 locally.  I think that may be part of the problem but I don't know enough to be sure.
Michael B. SmithManaging ConsultantCommented:
I'm inclined to agree with @timgreen7077. ExRCA (the connectivity analyzer) is gonna barf because you don't have autodiscover in the SSL cert, and that's literally the first thing you are going to need to fix (or have someone fix for you).

If time is of the essence - worst case you could connect the users using IMAP/S until you get the rest of it fixed.
Edward van BiljonMessaging and Collaboration Technical Lead (Exchange MVP)Commented:

I would go and check all the urls for exchange are set, this can be done on the ecp, it should match the name of your ssl certificate, autodiscover url should also be setup correctly as well. Once that is done then ensure you running either the latest RU for SP3 if you have that then also check your bindings in IIS so it is using your SSL cert. let me know the outcome and we can carry on troubleshooting.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Christopher MostPresidentAuthor Commented:
OK, I have tried the Exchange Connectivity Analyzer and I always get this error:  " says: Verifying the challenge failed. Please refresh the page and try again"

So I cannot even get past the verify challenge since it always fails.  I tried both in IE and Chrome.  Apparently this has been a problem in the past where it is just broken.

I will check the urls today.  Will I need to change the SSL cert to reflect both the mail and autodiscover?  Right now it only has the in it.  I know it worked before we moved it.  Just not sure how they got it to work.  Before the autodiscover did not even exist in the DNS from what I could tell.
Michael B. SmithManaging ConsultantCommented:
More than likely they had a cname record that pointed to their autodiscover record.
Christopher MostPresidentAuthor Commented:
Forgive my ignorance but where would I find the urls in the Exchange Control Panel?  I logged in and I can see the different users but not sure where to go to verify the urls.

Also, what is RU?  Does it stand for rollup?  If so he has the following rollup updates on his machine: 11,12,14,15,20, and 21.

Not sure if I need this but is there a way to see what the autodiscover information is?  

I checked with his hosting company and I have pricing for the SSL cert.  I plan to get it to cover mail, autodiscover, owa, and server2.  Am I getting too much or am I missing something I should add?
Christopher MostPresidentAuthor Commented:
Sorry for the late response but the customer decided to change directions.  We are leaving it on Godaddy for now and I have exported the current employees emails to a pst file and uploaded them.  I appreciate everyone's help!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.