Hi all,I have been stuck trying to clean up the "tech" who used to work here made on the exchange server. Always fun to clean up after other people :SNow, I seem to have fixed most of the issues except for a couple that I hope you guys can help me with...My company, compA, has an exchange 2007 server with all the latest patches (patched yesterday to make sure). We're hosting mail for some of our customers and for most of them things seem to work as expected. That was until we got a customer who really needed the Scheduling Assistant features. After a "few" hours I managed to sort most of that out, but they're still getting an alert about the cert we're using and every now and then a login-box pops up asking for credentials for what I think is to download the OAB. I believe these are tied together...So here's the thing: compA has a wildcart cert for *.compa.org. For compA employees, this works like a charm!CompB has an srv record pointing to this cert, and when compB employees connect they're promped about the certificate (security alert saying the name of the cert doesn't match the name of the computer). From what I hear that shouldn't be an issue with a srv record?After accepting the certificate, Outlook tries to connect somewhere, but passwords are never accepted from this prompt. Pressing cancel makes it go away, but entering the password only makes it come back again.Anyone have any help to offer? I'm kind of tired and out of ideas at the moment.Cheers!

Sounds like they are using private certificates?CompB needs to trust the certificate chain, but then also their may be a DNS issue where the server name they are resolving to doesn't match the name on the cert. Verify that the cert chain is trusted and that DNS is configured correctly. SF - MCITP:EMA, MCTS

The warning comes up with the name autodiscover.compB.org, but checking out the details you can see it's for *.compA.org . According to what I read srv records should be compatible. The cert was issued by Equifax, which should be fine with XP clients. I even, to make sure, imported the Equifax cert into trusted root, which made no difference. If I select the "view certificate" button it tells me the certifikate is ok.* Equifax Secure Global eBusiness CA-1--- * *.compA.orgI guess the DNS is properly set up as it maps the autodiscover.compB.org to mail.compA.org (with the wild card cert).Any other good ideas?

Have you taken a look at this article?Exchange 2007 Autodiscover and certificates http://msexchangeteam.com/archive/2007/04/30/438249.aspxI wonder if it is the wild card cert. I know OCS has issues with wild card certs, haven't seen them with exchange but I typically use a UC Cert.SF - MCITP:EMA, MCTS: MOSS 2007, OCS 2007, Exchange 2007

Hi, First please ensure that you have right configured SRV record in DNS zone. You can check it against the settings in the article below: A new feature is available that enables Outlook 2007 to use DNS Service Location (SRV) records to locate the Exchange Autodiscover service http://support.microsoft.com/kb/940881 Then let us use get-outlookprovider |fl to check the CertPrincipalName on EXPR, if it is the same as the wildcard domain name. If not, then I recommend you to use command below to set the CertPrincipalName Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.contoso.com More information to share with you: Wildcard Certificate Causes Client Connectivity Issues for Outlook Anywhere http://technet.microsoft.com/en-us/library/cc535023.aspx Regards, Xiu