I am hosting multiple external smtp domains in Exchange 2007 sp2 and currently have the autodiscover service configured for the clients in the domains. I have chosen not to use the redirect method for these clients, but the following article KB 939184 which allows them to use SRV records to look up the autodiscover service. I have used a CNAME instead, so for example: Autodiscover.math.school.edu CNAME autodiscover.main.school.edu, where autodiscover.main.school.edu is my true autodiscover record that has a SAN certificate name associated with it. When those external users open outlook 2007, they are prompted with a security alert saying that the "name on the security certificate is invalid or does not match the name of the site." If the client says "yes" then Outlook will function and autodiscover will work. I do not want my clients to get this warning every time they open Outlook. Is there anything I can do about that? Also is this happening because I am using a CNAME instead of an SRV record?

I believe you are going to have to add a SAN for autodiscover for every domain. -- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems." . "Wavegeek" wrote in message news:7c356383-a666-4dc7-a18e-bd6e5d6709dc... I am hosting multiple external smtp domains in Exchange 2007 sp2 and currently have the autodiscover service configured for the clients in the domains. I have chosen not to use the redirect method for these clients, but the following article KB 939184 which allows them to use SRV records to look up the autodiscover service. I have used a CNAME instead, so for example: Autodiscover.math.school.edu CNAME autodiscover.main.school.edu, where autodiscover.main.school.edu is my true autodiscover record that has a SAN certificate name associated with it. When those external users open outlook 2007, they are prompted with a security alert saying that the "name on the security certificate is invalid or does not match the name of the site." If the client says "yes" then Outlook will function and autodiscover will work. I do not want my clients to get this warning every time they open Outlook. Is there anything I can do about that? Also is this happening because I am using a CNAME instead of an SRV record? Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."