My question relates to Outlook Anywhere. I have a 2007 server holding CAS, HUB, and Mailbox roles. I am deploying a 2010 server to replace it, but I suspect I'll need to run in coexistence for a bit. I have a public DNS record for owa.company.com that points to exch1.company.com which NATs to exch1.company.local through an ASA. My cert Principle Name is exch1.company.com. My problem is with the Outlook Anywhere setting the client to only connect to a cert with msstd:exch1.company.com. My plan was to point owa.company.com to exch2.company.com but this client setting gets me endless login prompts. I am assuming I'll need to uncheck that box on all the clients (connects when I do), but am unsure of the best way to prevent autodiscover from re-populating it. A few solutions I read are to change Set-OutlookProvider to server $null and certprincipalname to none (not recommended) or server $null and certprinciplename to the exch2.company.com. Why is solution 1 not recommended? Security issue? If I go with solution 2, how will clients still on 2007 server connect? I also read the default is to set server and certprincipalname to $null.....is this the best solution? I am currently testing in a lab w/ self signed certs so I want to make sure I am clear before buying a public cert. Thanks in advance for any clarification you can give me.....

here is how you deal with it http://technet.microsoft.com/en-us/library/cc411324(EXCHG.80).aspx Dhruv || Email - Polaris_1942@hotmail.com

Here's another good article from technet that describes the coexistence between 2007 and 2010 http://technet.microsoft.com/en-us/library/dd638158.aspx Read through it, ask us if anything is unclear in it Jonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog: http://www.testlabs.se/blog

Hi, As CertPrincName is only used for EXPR types. It specifies the SSL certificate principal name required when connecting externally from the Exchange topology and using SSL. For example, if SERVER were specified as "fourthcoffee.com" and CERTPRINCNAME were left blank the default value of CERTPRINCNAME would be "msstd:fourthcoffee.com". So when the parameters Server and CertPrincName are $null. The Service Discovery will return to the client the best CAS for Outlook Anywhere. When you CertPrincName is not $null, the Service will always return to the Outlook client the CertPrincName set in the EXPR provider. Here is a related article for you: When, if and how do you modify Outlook Providers http://msexchangeteam.com/archive/2008/09/29/449921.aspx If anything is unclear, please feel free to let me know and I will be glad to help. Thanks, Evan