Redirect Exchange 2010 to use the registered domain name from internal domain name for SSL certificate

So we hit an issue trying to change the autodiscover url in Exchange 2010 to enable our iPhone and Mac Mail users to have a nice easy setup since the client had changed their domain. After faffing about using the GUI and looking through IIS settings it was time to break out the command line.

Firstly I wanted to see what was set, in Exchange PowerShell type the following

Get-WebServicesVirtualDirectory |fl identity,internalurl,externalurl

This gives you the below output

Identity    : ESERVER01\EWS (Default Web Site)
InternalUrl : https://mail.olddomain.com/EWS/Exchange.asmx
ExternalUrl : https://mail.olddomain.com/ews/exchange.asmx

SO I needed to change both the URLS,

This was done buy running these commands,:

Set-WebServicesVirtualDirectory -Identity “ESERVER01\EWS (Default Web Site)” -InternalUrl https://mail.newdomain.com/EWS/Exchange.asmx -BasicAuthentication:$true

Set-WebServicesVirtualDirectory -Identity “ESERVER01\EWS (Default Web Site)” -ExternalUrl https://mail.newdomain.com/EWS/Exchange.asmx -BasicAuthentication:$true

Lastly we need to change the url for the Autodiscover.xml

Get-ClientAccessServer |fl identity,autodiscoverserviceinternaluri

The result is :-

Identity : ESERVER01
AutoDiscoverServiceInternalUri : https://mail.olddomain.com/Autodiscover/Autodiscover.xml

So we run :

Set-ClientAccessServer -Identity ESERVER01 –AutoDiscoverServiceInternalUri https://mail.newdomain.com/Autodiscover/Autodiscover.xml 

Then everything picked up the new settings and worked

Redirecting your Exchange Server to use the External DNS Name

For more detailed Exchange Management Shell instructions, please see our blog – Replace Your Certificates for Internal Names – Part II.

To update your Exchange 2007, Exchange 2010, or Exchange 2013 server you will need to run the following commands from the Exchange Management Shell and replace the Server running the Client Access Role with your external domain name. These commands update the URL for the Autodiscover service, Exchange Web Services (EWS) and the OWA Web-based Offline Address book respectively.

Before running these commands, check to make sure that a DNS record exists mapping the IP Address to the Exchange Client Access (CAS) server.

Note: Each of these commands below should be run on a single line in the Exchange Management Shell (EMS):

Run These Commands:

Set-ClientAccessServer -Identity HostName -AutodiscoverServiceInternalUri https://mail.yourdomain.com/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity "HostName\EWS (Default Web Site)" -InternalUrl https://mail.yourdomain.com/ews/exchange.asmx

Set-OABVirtualDirectory -Identity "HostName\oab (Default Web Site)" -InternalUrl https://mail.yourdomain.com/oab

Depending on Your Configuration, You May Need to Run Some Additional Commands:

Set-ActiveSyncVirtualDirectory -Identity HostName\Microsoft-Server-ActiveSync (Default Web Site)" -InternalUrl https://mail.yourdomain.com/Microsoft-Server-ActiveSync

Set-OWAVirtualDirectory -Identity "HostName\owa (Default Web Site)" -InternalUrl https://mail.yourdomain.com/owa

Set-ECPVirtualDirectory -Identity "HostName\ecp (Default Web Site)" -InternalUrl https://mail.yourdomain.com/ecp

Set-OutlookAnywhere -Identity "HostName\Rpc (Default Web Site)" -InternalHostnamemail.yourdomain.com -InternalClientsRequireSsl $true

set-AutoDiscoveryVirtualDirectory – Identity “HostName\AutoDiscover (Default Web Site)” -InternalUrl https://autodiscover.yourdomain.com/Autodiscover/AutoDiscover.xml

Note: Depending on your configuration, the OutlookAnywhere setting might not be set up.

Recycle the IIS Application Pools

Next to make these commands take effect you have to tell IIS to push these changes by recycling the application pools.

  1. Open IIS Manager by clicking Start, then enter inetmgr.
  2. Expand the server and expand Application Pools, then right-click on MSExchangeAutodiscoverAppPool, and select Recycle.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s