Mark Minasi's Tech Forum
Register Calendar Latest Topics Chat
 
 
 


Reply
  Author   Comment  
JamesNT

Senior Member
Registered:
Posts: 137
Reply with quote  #1 
Single Exchange 2010 server.  We have both mobile and internal clients.

Internal clients are all Outlook 20xx.  External clients are iPhone, Android, etc.

The Exchange server internal name is exchange03.mydomain.net with ip of 192.168.1.34.  We have the external name of mail2.mydomain.net with a public IP address.

Is it possible to get all clients, both internal and external, to use mail2.mydomain.net so we can use a single SAN cert for Exchange?  Right now the internal clients are still hugging exchange03.mydomain.net even with the cert for mail2.mydomain.net installed. 

I just checked the Exchange Best Practices Analyzer and it gives no cert errors so Exchange is happy with the single SAN cert installed.  External clients are also happy.  However, internal Outlook clients keep give cert errors regarding exchange03.wha.net and autodiscover not matching the exchange cert.  Is there any way to make the internal clients uses mail2.wha.net?

JamesNT certerror2.JPG  certerroronclient.JPG


__________________
I miss Windows NT 4.0 Service Pack 4.
0
DM-AVAL

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 69
Reply with quote  #2 
Have you changed the internal Urls to mail2.yourdomain.net?

You might not be able to get away with a single name on the cert. Usually I have to do this:

mail2.yourdomain.net
autodiscover.yourdomain.net


0
JamesNT

Senior Member
Registered:
Posts: 137
Reply with quote  #3 
Yes, changing the internal urls was the first thing I did.

JamesNT

__________________
I miss Windows NT 4.0 Service Pack 4.
0
Wobble_Wibble

Avatar / Picture

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 45
Reply with quote  #4 
James

Use this
https://social.technet.microsoft.com/wiki/contents/articles/5163.managing-exchange-2010-externalinternal-url-s-via-powershell.aspx
And Outlook configuration test

It's late, but will put up more if you need more assistance

__________________
Press any key....
Yes, any key....
OK, try the space bar.
0
JamesNT

Senior Member
Registered:
Posts: 137
Reply with quote  #5 
That link is exactly the steps I followed.  The issue, I think, is that internal Outlook clients are still using exchange03.mydomain.net to connect which is the internal address rather than mail2.mydomain.net which is the external address the cert is for.

JamesNT

__________________
I miss Windows NT 4.0 Service Pack 4.
0
Infradeploy

Avatar / Picture

Senior Member
Registered:
Posts: 165
Reply with quote  #6 
Look at your auto discover config
__________________
Have SpaceSuit, Will Travel

0
jsclmedave

Administrator
Registered:
Posts: 413
Reply with quote  #7 
Auto Discover Config and the DNS on the clients as well as Servers...
__________________
Tim Bolton @jsclmedave
Email: [string](0..20|%{[char][int](32+('527377347976847978324785847679797514357977').substring(($_*2),2))}) -replace ' '  

New to the forum? Please Read this
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation: