Announcement

Collapse
No announcement yet.

Ex13/WS12 - autodiscover record being deleted

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ex13/WS12 - autodiscover record being deleted

    ok so there's a new Exchange 2013 server, hsoted on Windows 2012.
    it's all very new to me and i'm finding it odd, but that's ok, I just need time.

    However,
    every 12 hours, on a terminal server, outlook starts getting in a huff about the sSL certificate. It throws up a self-signed certificate and refuses to connect.
    The thing is - it throws a certificaTe i can't even find matching thumbnail for with get-exchangecertificate.

    i did find a fix for it;

    http://acbrownit.wordpress.com/2012/...-autodiscover/

    works nicely. It may not be the best solution, but it works..

    however, every 12 hours, it reverts.

    i have a recollection of some sort of DNS security that can overwrite an SRV record, or delete it, but not how i could turn this on or off

    does anyone have any better ideas ?


    the domain base is a .local and doesn't have that in the SAN as you can't really get them any more
    get-clientaccessserver gives AutoDiscoverServiceInternalURI is https://webmail.external.co.uk/Autod...todiscover.xml

    get-outlookanywhere gives webmail.external.co.uk for both internal and external hostnames
    Last edited by tehcamel; 10th September 2013, 22:54.
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

  • #2
    Re: Ex13/WS12 - autodiscover record being deleted

    As pointed out, you can't add Domains to a 3rd Party SSL certificate for Domains you don't own or that can't be registered. It's a case of ensuring that all External and Internal URLs for Exchange virtual directories, EWS and Autodiscover point to the appropriate SAN, which is present on the SSL certificate. I have never come across this issue before. Have you also set the MSSTD provider? As for Autodiscover, I don't tend use SRV records. I would create a split DNS zone internally called Autodiscover.ExternalDomain.com and add a Host (A) record in there with the apprite internal IP only (no Host name). The autodiscoverserviceinternalURI is then set to be Autodiscover.External.co.uk and all other Exchange services as mentioned above to, in your case, webmail.external.co.uk/etc etc. You may well have to also create a split DNS zone for this one as for autodiscover.

    The SANs on the certificate would be webmail.External.co.uk and autodiscover.External.co.uk as a minimum.

    Comment


    • #3
      Re: Ex13/WS12 - autodiscover record being deleted

      one of my colleagues ended up figuring it out - misconfigured dns on the Terminal Server, was pointing to 8.8.8.8 for some unknown reason..
      all fixed now
      Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

      Comment

      Working...
      X