I just upgraded our Exchange 2007 SP2 environment to SP3. On one of our servers it has both the HUB and CAS roles installed, the CAS role was never implemented fully on this server and only has self signed certificates. All ran well for 2-3 years. Outlook clients are now starting to get certificate errors for this server now. Looks like the CAS role functionality is now enabled on the server. I found where Outlook Anywhere was enabled on this server, not sure if it was before or not. I disabled it. Still getting the cert. error Is there a way to disable CAS functionality on a server? I just need it to do HUB functionality. Thoughts or ideas? Thanks... Jason Meyer Update: I do see that the CAS services are STARTED on this server and am now wondering if I should just disable them. Microsoft Exchange File Distribution Services Microsoft Exchange Service Host

Hi Jason, You can stop CAS service on serer if you don;t want CAS functionality. To see all CAS services you can check below article. Microsoft Exchange File Distribution Services and Microsoft Exchange Service Host also CAS services http://www.msexchange.org/articles-tutorials/exchange-server-2007/planning-architecture/how-exchange-server-2007-core-services-work-together.htmlAnil MCC 2011,ITIL V3,MCSA 2003,MCTS 2010, My Blog : http://messagingschool.wordpress.com

see http://www.telnetport25.com/2009/04/quick-tip-removing-the-client-access-server-role-from-a-mixed-role-server%e2%80%a6/

Thank you for the input on this. I am now seeing that there is a Autodiscover process running on the server that the cert. error is coming from. Currently researching how to disable or remove the autodiscover functionality. Not sure if removing the virtual directories, or disabling the CAS services will clean this part up. As always, any thoughts are welcome. JasonJason Meyer

So, you have another CAs server? See the link to remove autodiscover http://technet.microsoft.com/en-us/library/aa995958.aspx

Yes, we have two other CAS servers that are operating correctly. Saturday I installed SP3 and rollup 3v2 and this issue started occurring. If I run Get-AcutodiscoverVirtualDirectory it returns only the two CAS servers that are working properly. (thank you LMurthy) If I run Get-ClientAccessServer | fl I see information on the three servers, CAS01, CAS02, and HUB01. I want to eliminate the certificate error that clients are getting from HUB01. Can I remove the AutoDiscover information from HUB01? Currently researching. Jason Meyer

Yes, you can.

Will that stop clients from attempting to use it for AutoDiscover? Trying to find the meaning of the IsValid parameter now..Jason Meyer

I would advise you to remove the CAs server using add\remove programs. If you just want to remove autodiscover then remove-autodiscover virtual directory and it will remove the entry from service connection point lookup and clients will not use this server for autodiscover.

Get-AutodiscoverVirtualDirectory only shows the two CAS servers that are working properly (CAS01 and CAS02) Get-ClientAccessServer returns information on (CAS01, CAS02, and HUB01) AutoDiscoverServiceCN, AutoDiscoverServiceClassName, AutoDiscoverServiceInternalUri, AutoDiscoverServiceGuid, and AutoDiscoverSiteScope all have information for each of the three servers. Is this what I remove to stop the clients from hitting HUB01 for Autodiscover information? Jason Meyer

Get-AutodiscoverVirtualDirectory only shows the two CAS servers that are working properly (CAS01 and CAS02) Get-ClientAccessServer returns information on (CAS01, CAS02, and HUB01) AutoDiscoverServiceCN, AutoDiscoverServiceClassName, AutoDiscoverServiceInternalUri, AutoDiscoverServiceGuid, and AutoDiscoverSiteScope all have information for each of the three servers. Is this what I remove to stop the clients from hitting HUB01 for Autodiscover information? Jason Meyer What's the detail message in the certificate warning? If you do not want to use CAS features in the Hub01 server, it is recommended to uninstall the CAS role through "Program and Feature". If you would not like to uninstall the CAS role, please use the following method to avoid the users to connect to the hub01 for autodiscover services: 1. Open EMS, type: set-clientaccesserver -identity hub01 -autodiscoverinternalURi:https://cas01.domain.com/autodiscover/autodiscover.xml Then the users will not connect to cas01 for autodiscover service. Gen Lin TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com

Really appreciate everyone's input and help... ended up using set-clientaccesserver -identity problemserver -autodiscoverinternaluri: $NULL and will probably be uninstalling the CAS role from this server. Hit enter, attempted autodiscover test on Outlook and instantly resolved my problem. Thanks again.Jason Meyer

IF you have another CAS server installed, you can uninstall the CAS Role. Removing CAS role will not impact the HUB Server. Thanks & Regards, Sandheep [...:::""I can't do it" never yet accomplished anything; "I will try" has performed wonders ":::...]