Comments for Cohesive Logic

Comment on Exchange 2010 & Single Name SSL Certificates by Scott Fortier

Scott Fortier — Fri, 11 Nov 2011 19:02:57 +0000

Jeremy,

Thank you very much for this right up. This was exactly the solution I needed. I had been stuck for a while installing a new Exchange 2010 server into a domain with a lot of Windows, Linux, and Netware servers that had a non standard domain name ending in .loc ( from the Windows NT days ). Since the domain name was not a standard .local, .priv. etc, we were unable to obtain a SSL certificate for it. Now everything on this new exchange server worked perfectly except whenever a local Outlook 2010 client would attempt to connect, it would receive the annoying certificate warning from the self signed cert. Since local and external clients can access this server via it’s public IP, this article solved the problem I had been questioning people about for more than a week in a matter of minutes.

Thanks,
Scott

Comment on Exchange 2010 & Single Name SSL Certificates by Brian Ipsen

Brian Ipsen — Sat, 29 Oct 2011 21:07:28 +0000

I am actually trying to implement this – as an upgrade from 2007 to 2010, and I had everything working before the upgrade. Now – in my test environment – I have tried this, but the internal outlook client pops up with a certificate warning on autodiscover.domain.com – even though the URL’s have been set to the name of the certificate. So I wonder if outlook somehow automatically
tries to https connect to autodiscover.xxxxx.yyy – where xxxxx.yyy is the domain part of the users email address…

Comment on Exchange 2010 & Single Name SSL Certificates by Exchange Certificates

Exchange Certificates — Fri, 30 Sep 2011 09:33:47 +0000

[...] you will also need to change the autodiscovery URLs to all use the name covered by the SSL cert. Exchange 2010 & Single Name SSL Certificates | Cohesive Logic – The Microsoft Infrastructure Exp… Reply With Quote [...]

Comment on How To: Create PTR Entries for a Classless Reverse DNS Zone on Windows 2008 by What’s wrong with my reverse lookup zone? - Admins Goodies

What’s wrong with my reverse lookup zone? - Admins Goodies — Sun, 14 Aug 2011 10:07:52 +0000

[...] http://cohesivelogic.com/2009/11/how-to-create-ptr-entries-for-a-classless-reverse-dns-zone-on-windo... [...]

Comment on Windows Phone 7 SSL by Good-Bye Android | MCB Systems

Good-Bye Android | MCB Systems — Fri, 11 Feb 2011 22:18:18 +0000

[...] native RDP client (even my Windows Mobile 2003 phone had that). It doesn’t support StartSSL, but this article says I should be able to add the certificate. It also is late on delivering its first update, but [...]

Comment on Exchange 2010 & Single Name SSL Certificates by Jeremy Phillips

Jeremy Phillips — Wed, 05 Jan 2011 07:04:38 +0000

Hey Devin, thanks for replying. In answer to your questions:

1) I actually didn’t insist on mail.domain.com… As I stated it’s an example FQDN. While you could use autodiscover.domain.com I’m not sure many people would want to use that for OWA. While I agree with not using a CNAME I can’t think of any downsides to using an SRV record myself, perhaps you could elucidate what’s wrong with it?
2) I wrote this up for someone who has 4 mailboxes and uses their Exchange environment as a learning environment more than anything else. Not everyone wants to spend $90/year on SAN certs for extremely small environments.

Comment on Exchange 2010 & Single Name SSL Certificates by Devin L. Ganger

Devin L. Ganger — Wed, 05 Jan 2011 06:05:31 +0000

1) Why insist on mail.domain.com? If you set the domain name to autodiscover.domain.com, you can use that as the access URL, set the cert domain to autodisocver.domain.com, and have it all work without the SRV or CNAME redirect (which pops up a user-facing warning).

2) SAN certs from providers like GoDaddy are cheap enough that anyone running their own Exchange server really doesn’t have an excuse for not buying one. I mean, you probably spent more money on the physical RAM to support that multi-role confguration!

Comment on Checking Exchange 2010 Database Health with PowerShell by Automatically Fixing FailedAndSuspended Exchange 2010 Databases with PowerShell | Cohesive Logic - Business + Technology

Wed, 18 Aug 2010 18:42:13 +0000

[...] Previous Post [...]

Comment on A Note on Clustering Exchange 2010 by Matt

Matt — Fri, 05 Feb 2010 17:50:59 +0000

you’d think there would be a setting that says if you configure manual DB activation, then never dismount the DB, if you lose majority. that would solve my entire issue.

i want to use the DAG for DR purposes only, and that would do it.

but because of this issue, i have to continue to use 3rd party tools, or potentially MS DPM 2010. bleh. DAG’s are just so easy.

Comment on A Note on Clustering Exchange 2010 by Matt

Matt — Fri, 05 Feb 2010 17:42:21 +0000

Hi Jeremy,

Yes, because I have 3 offices, all with a local mailbox server. I need the mailbox server local for various reasons, mainly performance.

I really like the DAG feature in Exchange 2010, but it clearly was designed for the datacenter model, and not a multi-office model, at least those that run active/passive.

Got any ideas for me??