I am currently having trouble with the last stage of configuring Exchange/Outlook in our organisation.
We are having issues with an SSL Warning when opening Outlook 2013, where it is failing to validate the SSL, as it is using our (old) Internal URL (exchange.internal.local).
Please see the config within Exchange below, however I'm not sure what is causing this, if it helps it doesn't seem to be happening in Outlook 2007
get-ClientAccessServer | ft identity,AutodiscoverServiceInternalUri
Identity InternalUrl
-------- -----------
EXCHANGE\Autodiscover (Default Web Site)
get-webservicesvirtualdirectory | ft identity,internalurl
Identity AutoDiscoverServiceInternalUri
-------- ------------------------------
EXCHANGE https://mail.externaldomain.co.uk/autodiscover/autodi...
get-webservicesvirtualdirectory | ft identity,internalurl
Identity InternalUrl
-------- -----------
EXCHANGE\EWS (Default Web Site) https://mail.externaldomain.co.uk/EWS/Exchange.asmx
get-oabvirtualdirectory | ft identity,internalurl
Identity InternalUrl
-------- -----------
EXCHANGE\OAB (Default Web Site) https://mail.externaldomain.co.uk/OAB
get-owavirtualdirectory | ft identity,internalurl
Identity InternalUrl
-------- -----------
EXCHANGE\owa (Default Web Site) https://mail.externaldomain.co.uk/owa
get-ecpvirtualdirectory | ft identity,internalurl
Identity InternalUrl
-------- -----------
EXCHANGE\ecp (Default Web Site) https://mail.externaldomain.co.uk/ecp
get-ActiveSyncVirtualDirectory | ft identity,internalurl
Identity InternalUrl
-------- -----------
EXCHANGE\Microsoft-Server-ActiveSync (Default Web Site) https://mail.externaldomain.co.uk/Microsoft-Server-ActiveSync
Get-OutlookAnywhere
RunspaceId : 416632a3-3695-430f-8d49-a072344e2bc0
ServerName : EXCHANGE
SSLOffloading : True
ExternalHostname : mail.externaldomain.co.uk
InternalHostname : mail.externaldomain.co.uk
ExternalClientAuthenticationMethod : Negotiate
InternalClientAuthenticationMethod : Ntlm
IISAuthenticationMethods : {Basic, Ntlm, Negotiate}
XropUrl :
ExternalClientsRequireSsl : True
InternalClientsRequireSsl : True
MetabasePath : IIS://EXCHANGE.internal.local/W3SVC/1/ROOT/Rpc
Path : C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\rpc
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 15.0 (Build 516.32)
Server : EXCHANGE
AdminDisplayName :
ExchangeVersion : 0.20 (15.0.0.0)
Name : Rpc (Default Web Site)
DistinguishedName : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=EXCHANGE,CN=Servers,CN=Exchange
Administrative Group (FYDIBOHF23SPDLT),CN=Administrative
Groups,CN=CompExchange,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=internal,DC=local
Identity : EXCHANGE\Rpc (Default Web Site)
Guid : 7a9f693d-0f42-4fd5-8de9-e3e7eb946932
ObjectCategory : internal.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged : 26/06/2013 11:31:19
WhenCreated : 21/06/2013 14:37:47
WhenChangedUTC : 26/06/2013 10:31:19
WhenCreatedUTC : 21/06/2013 13:37:47
OrganizationId :
OriginatingServer : Exchange.internal.local
IsValid : True
ObjectState : Changed
get-exchangecertificate
Thumbprint Services Subject
---------- -------- -------
239AA8CC6811F0D226F73959B3B4D61FFADDF694 IP.WS.. CN=mail.externaldomain.co.uk, OU=Domain Control Validated
Screenshot of the error
!!EDIT!!
Also if it helps, running the Exchange through Test Exchange Connectivity reveals the following:
Best Answer
Ok - Changing the Autodiscover from a DNS A Record to an SRV Record fixed.
Also this was still popping up on the Test Machines which were already setup.
On deleting/re-adding the Exchange Accounts to Outlook this fixed.