 Badger3kWe Don't Need No Stinkin BadgersPremium
join:2001-09-27
Franklin, OH | Exchange migration So I'm in the process of migrating a client from Exchange 2007 to 2010. No big deal, except for this which maybe isn't a big deal at all.
Their internal AD domain is domain1.com and they just recently changed the company name to domain2.com. The 2007 Exchange server is mail.domain1.com for all external OWA and ActiveSync access, and the computer name is Exchange2007.domain1.com.
So with the new Exchange server, they want the CAS and all URLs to be domain2.com. So I have Outlook Anywhere, ActiveSync, and OWA set to owa.domain2.com. The computer name is Exchange2010.domain1.com.
Great, everything passes connectivity tests, I can log into the 2010 OWA and be redirected to the 2007 server if my mailbox hasn't been moved yet. My problem is I'm seeing Cert errors for owa.domain2.com because the server returned Exchange2010.domain1.com (the internal name). I wasn't able to add the internal FQDN to the SAN certificate due to it being a different .com domain. Anything I can do so that doesn't happen?
I did some reading and they have split DNS and did not have an internal zone for domain2.com, so everything was resolving to the public IP. I've since added an internal zone for domain2.com and setup all of the records to the proper internal IP but I'm not sure if that will fix it or not. I basically need the Exchange 2010 server to respond to everything as owa.domain2.com or anything else that I was able to specify on the SAN cert and not Exchange2010.domain1.com when people access it internally.
--
Team Discovery: Project Hope |
|
 techjoePremium
join:2004-02-20
Warrenville, IL
kudos:1
 ·MegaPath
 ·Sprint Mobile Br..
 ·Comcast
| reply to Badger3k
Re: Exchange migration Set the InternalURL and ExternalURL properties to control what URL the server is going to use with the clients.
Here's a long article on it but worth reading for you at this point, given your situation. Essentially it looks like you want to set both attributes to your new domain2.com hostname, install & enable the domain2.com certificate(s) as needed, and set up your split DNS (which it looks like you did).
»technet.microsoft.com/en-us/libr···763.aspx
--
Baka wa shinanakya naoranai |
|
|
|
Badger3kWe Don't Need No Stinkin BadgersPremium
join:2001-09-27
Franklin, OH | Thanks for the link, I'll give that a reading.
I may have gotten it by following this link »support.microsoft.com/kb/940726. Prior to following that support article, setting up a new client would give the Security warning. Afterwards the warning doesn't come up. I'm waiting to hear back from one of the users that was having the issue. I'll read over the link you posted in case something else needs to change.
--
Team Discovery: Project Hope |
|
techjoePremium
join:2004-02-20
Warrenville, IL
kudos:1 | At a quick glance it looks like that article had you set the InternalURL to the external host to make it match the certificate that has the external hostname on it. That should do it.
--
Baka wa shinanakya naoranai |
|
