Security Certificate for Exchange with Out of Office issue
Hi
We are having an issue with users not being able to use the Out of Office assistant. All users are using Outlook 2007.
Initially when I installed Exchange at this site I removed the self-signed certificate and installed a certificate from our internal CA. The certificate was issued to the WAN IP address of the site, as I think from memory I did this to get the Outlook Mobile devices working, as both the mobile devices and Outlook Web Access use this link to connect: https://123.123.123.123/owa
After I installed this certificate, users on the LAN, i.e. in Outlook 2007, kept getting a security warning when they opened Outlook. The error was along the lines of the certificate not matching, obviously due to the fact it was issued to the WAN IP address of the network. From memory I had to run a couple of commands in the management shell (I'm sure it was to do with the certificate) to get this message to disappear.
Everything is working OK in terms of Outlook Web Access and Mobile Access, however there seems to be an issue for users trying to set the Out of Office assistant in Outlook. It works OK when they set it in OWA. The error message states "Your Out of Office cannot be displayed because the server is currently unavailable". Looking into it, I got one of the users to hold Ctrl and right-click the Outlook icon in the task bar to test email auto-configuration and they get the following error: "Autoconfiguration was unable to determine your settings".
I'm guessing that the auto-configuration error is likely why the Out of Office is not working either; what I'm not sure of is how to fix it. Is this something to do with the fact that I issued the security certificate to the WAN IP address of the network but the internal clients use the hostname of the server to connect? If so I can issue and install a different certificate. Should this be issued to the internal server name?
Thanks for any help
January 19th, 2010 12:49pm

To get Exchange web services to work you must create a certificate using SANs. The SANs should be:
fqdn of Exchange server = this one is used for OOF, OAB download, free/busy, connects to the Exchange to get the web services.
autodiscover.domain.com = this is to locate the Exchange web services outside of your network
mail.domain.com = external name to access OWA, Outlook Anywhere, even if you use it internally, etc.
Capecol
MCSA - MCTS Exchange Server 2007 - 2010
January 20th, 2010 5:43am

Hi
Thanks for your response.
I still can't get this to work or get in my head how this is supposed to be configured. I have created a new certificate with the common name being the external OWA link, as I need to do this so that the mobile devices can connect, i.e. mail.mydomain.com
I then followed the instructions in this article: http://support.microsoft.com/kb/940726 and used mail.mydomain.com for each command.
So if I am reading your response correctly, are you saying that I need to create 3 separate certificates? I thought only one certificate could be installed to the default website in IIS?
Thanks
January 21st, 2010 1:31pm

Any resolution on this? I'm having the same issues.
March 8th, 2011 6:14pm

Hi guys,
I will try to explain Capecol's post. All that you need is to generate a certificate request that includes the three necessary names, as is explained in this webpage: http://www.linhadecodigo.com.br/artigo/2070/Exchange-Server-Criando-certificados-com-Subject-Alternative-names-em-uma-PKI-interna.aspx
Sample of the request in Exchange's PowerShell:
New-ExchangeCertificate -GenerateRequest -Path c:\cert1.req -SubjectName "dc=mydomain,dc=com" -DomainName srv-exch01, srv-exch.mydomain.com, mail.mydomain.com, autodiscover.mydomain.com -FriendlyName "My Domain Certificate"
You will need to have a few names in the Subject Alternative Name field: Server FQDN, Server NetBIOS, Autodiscover, External Name.
best,
MCP, MCSA, MCTS 7, MCITP SA, MCITP consumer support
May 16th, 2011 7:04am
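
An offline check of the point made in the replies above: every host name in the URLs Outlook is handed must appear among the certificate's names. This is an added example, not code from any poster; the function name Test-CertNameCoverage and the sample URL and name lists are assumptions built from the thread's placeholder names.

```powershell
# Added example. Compares the host part of each service URL with a certificate's names.
function Test-CertNameCoverage {
    param(
        [string[]]$CertificateNames,   # subject CN plus Subject Alternative Name entries
        [string[]]$ServiceUrls         # URLs Outlook is told to use
    )
    foreach ($url in $ServiceUrls) {
        $hostName = ([System.Uri]$url).Host
        $match = $null
        foreach ($name in $CertificateNames) {
            # -eq on strings is case-insensitive, as host name matching should be.
            if ($name -eq $hostName) { $match = $name; break }
            # A wildcard covers exactly one left-most label:
            # *.a.com matches x.a.com but not x.y.a.com or a.com.
            if ($name.StartsWith('*.') -and $hostName.Contains('.')) {
                $parent = $hostName.Substring($hostName.IndexOf('.') + 1)
                if ($parent -eq $name.Substring(2)) { $match = $name; break }
            }
        }
        [pscustomobject]@{
            Url         = $url
            Host        = $hostName
            Covered     = [bool]$match
            MatchedName = $match
        }
    }
}

# Constructed sample input (not taken from a real server).
$urls = @(
    'https://srv-exch.mydomain.com/Autodiscover/Autodiscover.xml',     # internal Autodiscover
    'https://srv-exch.mydomain.com/EWS/Exchange.asmx',                 # web services: OOF, free/busy
    'https://srv-exch.mydomain.com/OAB',                               # offline address book
    'https://autodiscover.mydomain.com/Autodiscover/Autodiscover.xml', # external Autodiscover
    'https://mail.mydomain.com/owa'                                    # external OWA name
)
$ipOnlyCert = @('123.123.123.123')   # certificate issued to the WAN IP only
$sanCert    = @('srv-exch01', 'srv-exch.mydomain.com',
                'mail.mydomain.com', 'autodiscover.mydomain.com')

# The IP-only certificate covers none of the URLs; the SAN certificate covers all five.
Test-CertNameCoverage -CertificateNames $ipOnlyCert -ServiceUrls $urls | Format-Table -AutoSize
Test-CertNameCoverage -CertificateNames $sanCert    -ServiceUrls $urls | Format-Table -AutoSize
```

On a live server the name list would come from the CertificateDomains property returned by Get-ExchangeCertificate, and the URLs from Get-ClientAccessServer, Get-WebServicesVirtualDirectory and Get-OabVirtualDirectory.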


This topic is archived. No further replies will be accepted.
