Exchange 2010 Certification issues
Dear all, I am running Exchange 2010. I have an external domain name mail-svr.abc.com and I got a email server call mail-svr.def.com. I found that when users connected to mailboxes there will have the server and user page pop up. I tried to fix it with true certificate and all the things but still not luck. I realized the problem is because of RPC over HTTP was enabled. When I disable it the problem will gone. However, the setting will pop again when the user restart the computer again. Do you have any solution for this? Thanks and Regards Jacky
December 12th, 2012 1:45pm

Hi Jacky, Could you please provide more information about the issue you are encountering? If the issue is urgent, I'd recommend you contact Microsoft Customer Support SErvice for help so that the issue can be resolved effectively. 1. What is your network topology and the relationship of domain abc.com ad email server def.com? Is it a hosted server or you are using linked mailbox? 2.What is the exact error/warning message your user received? Please capture a screenshot so that we ca better understand. 3. What certificate is used in Excange server? please run Get-ExchangeCertificate |FL and post the result. 4. How does the affected Outlook client connect to Exchange server when the issue occurs? Please open Outlook Connection Status and capture a screeshot of the result. 5. Is it Outlook 2003 or Outlook 2010? 6. How did you disable RPC over HTTP? From Outlook client or Exchange server side? Thanks and Regards If you have any feedback on our support, please click hereFiona Liao TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
December 13th, 2012 5:27am

Hi Fiona, Thanks for your help, here is the information: 1. The abc.com is external domain name and def.com is internal domain name in Active Directory. 2. There have no error message but it have the promopt every time when the user logon to Outlook as below: 3. Get-ExchangeCertificate |FL result as follows: [PS] C:\Windows\system32>Get-ExchangeCertificate |FL AccessRules : CertificateDomains : {www.ardonmaroon.com, ardonmaroon.com, autodiscover.ardonmaroon.com, mail-svr.ardonmaroon.com, l-svr.ardoncapital.com, amchkex01.ardoncapital.com} HasPrivateKey : True IsSelfSigned : False Issuer : SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.sta ldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US NotAfter : 11/28/2015 3:36:56 PM NotBefore : 12/11/2012 11:40:30 PM PublicKeySize : 2048 RootCAType : ThirdParty SerialNumber : 4EBDAF17ABFCFB Services : IMAP, POP, IIS, SMTP Status : Valid Subject : CN=www.ardonmaroon.com, OU=Domain Control Validated, O=www.ardonmaroon.com Thumbprint : 8963563441A0794CD974277E0D41D366911F8991 AccessRules : CertificateDomains : {www.ardonmaroon.com, ardonmaroon.com, autodiscover.ardonmaroon.com, legacy.ardonmaroon.com, m svr.ardonmaroon.com} HasPrivateKey : True IsSelfSigned : False Issuer : SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.goda com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US NotAfter : 11/28/2015 3:36:56 PM NotBefore : 11/28/2012 3:36:56 PM PublicKeySize : 2048 RootCAType : Unknown SerialNumber : 048381684D97EC Services : IMAP, POP, SMTP Status : Invalid Subject : CN=www.ardonmaroon.com, OU=Domain Control Validated, O=www.ardonmaroon.com Thumbprint : FC7F7107D22202C66AFBBB5ACAB3D67151F28B4E AccessRules : CertificateDomains : {mail-svr.ardonmaroon.com, AMCHKEX01.ardoncapital.com, AMCHKEX01, autodiscover.ardoncapital.co utodiscover.ardonmaroon.com, ardonmaroon.com, mail-svr.ardoncapital.com, mail-svr} HasPrivateKey : True IsSelfSigned : True Issuer : CN=mail-svr.ardonmaroon.com NotAfter : 11/13/2017 7:55:22 PM NotBefore : 11/13/2012 7:55:22 PM PublicKeySize : 2048 RootCAType : None SerialNumber : 118A1F24BD7A59B049E174EE901334D8 Services : SMTP Status : Valid Subject : CN=mail-svr.ardonmaroon.com Thumbprint : 217ADA496509E28EB042E61490F51F684B80B26C AccessRules : CertificateDomains : {AMCHKEX01, AMCHKEX01.ardoncapital.com} HasPrivateKey : True IsSelfSigned : True Issuer : CN=AMCHKEX01 NotAfter : 10/29/2017 6:25:27 PM NotBefore : 10/29/2012 6:25:27 PM PublicKeySize : 2048 RootCAType : None SerialNumber : 293940CEA0FA38874548EF8FC0A905EE Services : SMTP Status : Valid Subject : CN=AMCHKEX01 Thumbprint : 399B3BEDCD9D6B5977548409BF569CFD063EBC5A 4. Users can still connected to Outlook, but they need to click OK for the dialogue box to close it so they dont want 5. It is Outlook 2010 6. I disable it from the client side, but it will enable automatically after close and re-open Outlook Thanks for your help. Jacky
December 13th, 2012 7:37am

Any update on the issues?
Free Windows Admin Tool Kit Click here and download it now
December 17th, 2012 1:12pm

Hi Jack, Thanks for the information provided. It seems no to be a user credential prompt issue, but a user profile update request based on the picture provided; and there is no certificate related issue/prompt from th screenshot. Are you deploying Outlook with MSP file? If yes, the .msp file might be incorrect. I'd suggest you manually reinstall Outlook and then try again to see if this works. Meanwhile, I'd recommend you post the screenshot in Outlook forum for more professional suggestion. Your understanding would be appreciated. Fiona Liao TechNet Community Support
December 18th, 2012 6:08am

Actually the Outlook was installed manually and there have couple of users got this problem. I am not sure if it is really the installer issues or the server itself. Do you have more idea?
Free Windows Admin Tool Kit Click here and download it now
December 20th, 2012 5:32am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics