LAN domain name, Internet domain, SSL Cert. and Exchange Server 2007
Currently, the local domain does not match the Internet domain. The domain controller is [abc.com] and the domain host is [domain.abc.com], whereas my Internet domain is [xyz.com]. The domain server is running Windows Server 2003 Standard Edition (SP2). Moreover, it is working as the DNS server. We decided to add Exchange Server 2007, and the implementation was done successfully. The host name of the Exchange server is [email.abc.com] on the LAN, whereas on the Internet it is [email.xyz.com].

The SSL certificate has been installed, and the provider does not allow us to add our LAN domain names [abc.com, domain.abc.com, email.abc.com] as multi-domain names, because some of these LAN domains match Internet domain names which are owned by someone else.

Currently, we are facing problems with authentication with Exchange Server, especially when we use MS Outlook: a Security Alert on startup, "The name on the security certificate is invalid or does not match the name of the site." Sometimes OWA goes out of operation due to a missing certificate, "Event ID: 12014", and to solve it we have to re-apply the certificate.

Questions:
1. How can we solve the Outlook Security Alert issue?
2. How do we solve "Event ID: 12014"?
3. Will renaming the "domain server" solve the issue without affecting Exchange operation?

I am looking for your recommendations and guidance.
Thank you

Related link: Rename Domain name without affact of Exchange Server 2007: http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/1808341c-0353-4105-8342-9020af7534c3#1808341c-0353-4105-8342-9020af7534c3
March 17th, 2010 10:30am

Change the ExternalUrl property of OWA virtual directory, so that it matches your Internet domain xyz.com
March 17th, 2010 11:22am

Hi,

How we can solve Outlook Security Alert issue?
>> This is due to the mismatch between the certificate name installed on IIS and the URL name configured on the ExternalUrl property of the OWA virtual directory. I believe you have the default self-signed certificate (email.abc.com) configured on your Exchange Server. As your Internet domain is different from the internal one, you need to get the external domain certificate and register it on the Exchange Server. If you only want to have OWA, then you can get a single-domain certificate; otherwise, if you want to use other services like Autodiscover, then you have to go for a SAN certificate.

How we solve "Event ID: 12014"?
>> Once you register the external domain certificate, you have to bind that certificate to all the services on the Exchange Server.
http://support.microsoft.com/kb/555855

Sanjay
March 17th, 2010 4:25pm

Try this. When using SSL certs, use the FQDN as a SAN (subject alternative name) and leave your external domain name as the common name.

Example: if your Exchange 2007 server is named email07, your domain name is abc.com and your external domain name is xyz.com, have your cert set up like this:

email.xyz.com (this is the external)

Then set up the SANs like this:

autodiscover.abc.com
email07.abc.com
email07
abc.com
xyz.com

Configure OWA for the internal address and external address.
Internal address should be https://email07.abc.com/owa
External https://email.xyz.com/owa
March 17th, 2010 6:34pm

Hi Alhashim, this link will give you a good overview, with screenshots, of how to set up Exchange Server 2007 with an external domain (Internet domain). You can even browse serversolutions.com; it can get rid of your issue, I reckon. http://www.servolutions.com/support/config_exchange_2007.htm
Good luck
With best regards, siddu sajjan
Disclaimer: This posting is provided "as is" with no warranties, and confers no rights.
March 18th, 2010 6:27am

Hi Sanjay_Gupta, I understand that the other name for a SAN certificate is Unified Communications Certificate (UCC), if I am right. Why does the certificate provider avoid adding my local domain as a friendly name due to the similarity of our local domain to an Internet domain that is owned by someone else?
March 20th, 2010 8:16am

Hi tenny26, currently the third-party certificate is generated as you mentioned; however, the third party did not allow us to add our local domain name [email.abc.com] because it matches an Internet domain owned by others?!
March 20th, 2010 8:23am

Hi Sanjay, I have set the ExternalUrl, but I am still getting the same result:

Set-OwaVirtualDirectory "email\owa (Default Web site)" -ExternalUrl:https://email.xyz.com/owa
March 20th, 2010 9:28am

Have you tried another public CA? Either that or rename the server.
May 13th, 2010 9:04pm

Do you have split DNS? This is easily solved if so. If not we could also just provision an internal zone (e.g. .local addresses) for Exchange to work around this. Domain rename isn't an option here.
Active Directory, 4th Edition - www.briandesmond.com/ad4/
May 14th, 2010 2:31am
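
Added example, not part of any post in this thread: an Exchange Management Shell check for the name mismatch discussed above. It lists the Autodiscover, EWS, OAB and OWA URLs that Exchange publishes to clients and marks each host name that is missing from the certificate enabled for IIS, which is why setting only the OWA ExternalUrl leaves the Outlook alert in place. The function names Test-NameCovered and Get-UrlStatus are hypothetical helpers defined here.

```powershell
# Added example. Run in the Exchange Management Shell on the Client Access server.
# Lists the URLs Exchange publishes to Outlook and OWA clients and flags every
# host name that is not on the certificate enabled for IIS.

# Certificate currently bound to IIS; Services is a flags enum, so match its text form.
$cert = Get-ExchangeCertificate | Where-Object { $_.Services -match 'IIS' } | Select-Object -First 1
if (-not $cert) { throw 'No certificate is enabled for IIS.' }
$names = @($cert.CertificateDomains | ForEach-Object { $_.ToString() })

# Hypothetical helper: is $hostName covered by one of the certificate names?
function Test-NameCovered([string]$hostName, [string[]]$certNames) {
    foreach ($n in $certNames) {
        if ($n -eq $hostName) { return $true }          # -eq ignores case
        # A wildcard such as *.xyz.com covers exactly one extra label.
        if ($n.StartsWith('*.') -and $hostName.Contains('.')) {
            $suffix = $hostName.Substring($hostName.IndexOf('.'))
            if ($suffix -eq $n.Substring(1)) { return $true }
        }
    }
    return $false
}

# Hypothetical helper: one report row per published URL.
function Get-UrlStatus([string]$source, $url) {
    if (-not $url) { return }                           # unset: nothing is published
    $h = ([System.Uri]"$url").Host
    $o = New-Object PSObject
    $o | Add-Member NoteProperty Source $source
    $o | Add-Member NoteProperty HostName $h
    $o | Add-Member NoteProperty OnCertificate (Test-NameCovered $h $names)
    $o
}

$report = @(
    Get-ClientAccessServer | ForEach-Object {
        Get-UrlStatus 'Autodiscover SCP' $_.AutodiscoverServiceInternalUri
    }
    foreach ($cmd in 'Get-WebServicesVirtualDirectory', 'Get-OabVirtualDirectory', 'Get-OwaVirtualDirectory') {
        foreach ($vdir in (& $cmd)) {
            Get-UrlStatus "$($vdir.Name) InternalUrl" $vdir.InternalUrl
            Get-UrlStatus "$($vdir.Name) ExternalUrl" $vdir.ExternalUrl
        }
    }
)
"Certificate $($cert.Thumbprint) covers: " + [string]::Join(', ', $names)
$report | Format-Table -AutoSize
```

Rows showing OnCertificate = False are the names Outlook warns about. Assuming split DNS resolves email.xyz.com to the server internally, those URLs can be repointed with Set-ClientAccessServer -AutodiscoverServiceInternalUri and the -InternalUrl parameter of Set-WebServicesVirtualDirectory, Set-OabVirtualDirectory and Set-OwaVirtualDirectory.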

This topic is archived. No further replies will be accepted.
