We had to add another accepted email domain to our server, which all worked good. The issue is the users who use this domain, their computers are not currently joined to the domain. They have Domain User accounts and are setup fine there, but any time they try to send and receive they get 0X80004005 errors. They also get certificate popups for autodiscover for their domain. This happens with them on the subnet of the server and when connected to vpn as well. We have a single exchange server with Hub Transport, Client Access, and Mailbox roles active. We currently only use self-signed certificates. I don't know how I should fix this, do I need to recreate the self signed certificate with the added autodiscover? Can I add another SSC with the added autodiscover? Thanks in advance.

domain joined computers use the AD SCP value for autodiscover (e.g. Get-ClientAccessServer | select *uri). Non-domain joined computers use DNS to find autodiscover (e.g. autodiscover.domain.com, domain.com/autodiscover). Its likley your autodiscover.domain.com dns records dont point to the right place or dont have the correct name in the certificate, or its not trusted. Mike Crowley | MVP My Blog -- Planet Technologies

Okay, so I need to add dns records...here is my question.... The main email setup is under domain1 and all users of that domain, use domain joined pcs... The new email domain we just added (domain2) is only used by 3 non-domain joined pcs...when Outlook is fired up, it looks for autodiscover.domain1.org....if i put the autodiscover dns record in my dns and point it to my exchange server...will that fix it?

You could create a cname so that autodiscover.domain2 points to autodiscover.domain1, but you'd also need a subject alternate name on your SSL certificate to support this. If you don't want to use multiple SSL certificates, you can configure autodiscover redirection, but it's probably not worth it for 3 users. I might just edit the host file on those 3 computers to ensure they never find autodiscover.domain2. Mike Crowley | MVP My Blog -- Planet Technologies

So if I understand you correctly......I could create another SSL cert with the autodiscover.domain2 on it and put it on my server to go along with the cname part to make that work? Or would I have to remake the Self Signed Cert I have on file already to add that subject alternate name to it? (As I can't seem to find a way to add an alternate name to an already existing exchange cert)

You would need a new cert with multiple names, such as: owa.domain1.comautodiscover.domain1.comautodiscover.domain2.com Also if it's not trusted by the computers that's a problem too. You should purchase a certificate from godaddy, entrust, digicert, etc Mike Crowley | MVP My Blog -- Planet Technologies

Thanks Mike!