The Exchange 2007 Wiki

Menu

Getting Started
Programming Exchange
PowerShell Scripts

Organization Node
  - Mailbox
  - Client Access
  - Hub Transport
  - Unified Messaging
Server Node
  - Mailbox
  - Client Access
  - Hub Transport
  - Unified Messaging
Edge Transport
Recipient Management
Tips and Tricks
FAQs
  - Definitions
  - Ask a Question

Site Index
Home


Wall of Fame
Syndication
Feedback

The content on this site is provided "AS IS" with no warranties, and confers no rights.

Cas Cert Method1

Subject Alternative Name Certificates:

The recommended way to accomplish this goal is to use something called a Subject Alternative Name certificate.   A SAN certificate allows you to specify multiple names on the certificate for which it will be valid.  This is the preferred way of configuring Exchange 2007 Autodiscover for use by Outlook 2007 clients.

The down side on SAN certificates is that they can be more expensive than a regular certificate.  To configure a SAN certificate for external access use the following steps.

  1. Obtain and apply your Subject Alternative Name certificate.  When you do so you can use the new-exchangecertificate command to generate the request.  Make sure that you request the autodiscover.company.com address. See  Exchange 2007 lessons learned - generating a certificate with a 3rd party CA for more information on getting a Subject Alternative Name Certificate.
  2. Change the External and Internal URLs for your Autodiscover services to point to mail.company.com. (*see note below)
    1. For OAB use Set-OABVirtualDirectory –externalURL https://mail.company.com/oab –InternalURL https://mail.company.com/oab
    2. For EWS (Exchange Web Services) use Set-WebServicesVirtualDirectory –externalurl https://mail.company.com/EWS/Exchange.asmx  –internalurl https://mail.company.com/EWS/Exchange.asmx
    3. For UM (if you have it) use Set-UMVirtualDirectory –externalurl https://mail.company.com/UnifiedMessaging/Service.asmx –internalurl https://mail.company.com/UnifiedMessaging/Service.asmx
  3. Configure the Service connection point to use the same mail.company.com address. Use the command: Set-ClientAccessServer -id <cas server>  -AutoDiscoverServiceInternalUri https://mail.company.com/autodiscover/autodiscover.xml
  4. Ensure that mail.company.com can be resolved internally
  5. Ensure that mail.company.com and Autodiscover.company.com can be resolved externally.

At this point all clients should be working fine.  If your clients are outside of the network you may need to configure Outlook Anywhere.  The Exchange 2007 help provides excellent information on how to do that.
How to Enable Outlook Anywhere
http://technet.microsoft.com/en-us/library/bb123889.aspx

Site

Changes
Index
Search

 

User

 

Log In
Register

 
 

Last Modified 5/10/07 4:32 AM