Autodiscover Certificates for Multiple Domains
I have an exchange 2007 environment with about 30 domains in it.
We bought a Unified Communications Certifiate for our main domain, call it domain1.com
This had the following names in it:
mail.domain1.com autodiscover.domain1.com server5.domain1.local
This stopped the certificate error popping up when we opened outlook, at least for the people who have a domain1.com email address.
Unfortunately for users of the other 29 domains they get a certificate error on launching outlook and other things such as using "out of office".
The error says "autodiscover.domain2.com - The cert is trusted, The cert date is valid, The name on the cert
does not match"
I cannot put all domains in the cert and I cannot buy 30 certs, so how else can I resolve this problem?
I found
this on technet but I don't quite understand it so if anyone could better explain I would be very greatful.
Thanks,
Leigh
February 28th, 2011 6:40am
For that number of domains you basically have two choices.
1. A certificate that supports the number of domains - they are available, but will cost. You may have to use a different certificate provider.
2. The SRV record or redirect method.
SRV records may well mean that you have to move the domains to a provider that supports them. Many DNS providers do not.
SRV record method: http://support.microsoft.com/kb/940881
Redirection method:
http://technet.microsoft.com/en-us/library/ff923256.aspx
No idea what the link you have provided is - I don't click on random shortened URLs.
Simon.Simon Butler, Exchange MVP
Blog |
Exchange Resources | In the UK?
Hire Me.
Free Windows Admin Tool Kit Click here and download it now
February 28th, 2011 9:26am
Thanks I think I will try using the SRV method as our hosting company (heartinternet) seem to support it.
To confirm, am I right in thinking I should do the following:
Remove all A & C Name entries in domain2.com DNS for autodiscover.domain2.com
Add a SRV record into domain2.com DNS which says: service: _autodiscover protocol: _tcp server: domain1.co.uk
port:
443
Just not 100% sure I've got the 1s and 2s in the right place?
Thanks,
Leigh
February 28th, 2011 10:39am