Exchange 2010 Certificates, IPs, and Domain Names...

I'm setting up a new Exchange 2010 server, migrating from an old Exchange 2003.
I'm at the point now where I'm stuck and cannot move the users' mailboxes to the new server until I get the new server set up with certificates, reconfigure the firewall, and add more A-name records. ... reason, I'd like to take advantage of autodiscover, sync, Outlook Anywhere, etc.
I've been tossing ideas around, but I think I'm overthinking this entire thing: domain names, A-names, certificates, etc.
Can someone tell me what the best practice would be for creating the CSR? And I'm a bit curious as to IPs.
While the examples in the New Exchange Certificate wizard all show 'mail.contoso.com', I wanted to be more specific about the function of each name, but maybe I'm causing myself a lot of extra work. From my understanding of the certificates, each full A-name needs to be pointed at a different public IP. Can anyone tell me if this approach (below) is best practice or far from it?
I'm very intrigued by the capabilities but don't understand why MS would use the same domain name, mail.contoso.com, as the example for each function. But it may be because they'd just have to point to one IP address, whereas I'll have to point several public IPs to a single internal IP.
I'm just asking for suggestions... and ideas... and how you setup your exchange 2010
I was going to create:
Outlook Web App: webmail.domainname.com, domainname.com
Sync: sync.domainname.com, domainname.com
Autodiscover: domainname.com
Outlook Anywhere: outlook.domainname.com, domainname.com

Not sure I understand - but why do you want to map each individual service to an individual public IP? Usually the trend is to keep as few public IPs as possible (you can get away with 1 public IP for the CAS role). For autodiscover, I've usually seen autodiscover.domainname.com being used, due to domainname.com being reserved (public site) - this actually keeps inside the logic used by Outlook clients to autodetect the servers (see this link).
As for the Subject Alternate Names (SANs) on the certificate itself - it all depends whether you're publishing the server directly (in this case you'll want to get away with as few SANs as possible) or you'll use a reverse proxy (TMG/WAP) to publish the internal box (in this case the certificate on the reverse proxy can contain few SANs, but the internal server can have SANs mapped to each service if you want).
Also - Allen's link is definitely a must-read.
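One way to turn the answer's recommendation (one public IP and a single CAS certificate whose SANs cover the mail and autodiscover names rather than one name per service) into an Exchange 2010 certificate request, as an added example that is not from the original thread. The domain, organisation fields, file paths and the `<CAS>` server name are placeholders; the cmdlets are the Exchange Management Shell ones.

```powershell
# Added example (not from the thread): plan the SAN list for a single
# Exchange 2010 CAS certificate and generate the CSR from the Exchange
# Management Shell. Domain, organisation and paths are placeholders.

$PublicDomain = "domainname.com"          # the SMTP domain users have
$CommonName   = "mail.$PublicDomain"      # one name for OWA, ActiveSync and Outlook Anywhere
$SanNames     = @(
    $CommonName,
    "autodiscover.$PublicDomain"          # the name Outlook probes for Autodiscover
)

# Public CAs no longer issue for non-public suffixes such as .local
# (see the CA/Browser Forum thread further down this page), so refuse
# such names here instead of discovering it when the order is rejected.
$Forbidden = $SanNames | Where-Object { $_ -match '\.(local|internal|lan)$' }
if ($Forbidden) {
    throw "Remove non-public names before requesting a public certificate: $($Forbidden -join ', ')"
}

# Generate the request. New-ExchangeCertificate -GenerateRequest returns the
# base64 PKCS#10 text; write it out for submission to the CA.
$Request = New-ExchangeCertificate -GenerateRequest `
    -SubjectName "C=US, O=Example Org, CN=$CommonName" `
    -DomainName $SanNames `
    -PrivateKeyExportable $true `
    -KeySize 2048

Set-Content -Path "C:\Certs\$CommonName.req" -Value $Request -Encoding Ascii

# After the CA returns the signed certificate, complete the request on the
# same server that generated it (that is where the private key lives), then
# bind it to the client-facing services:
# $Cert = Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path "C:\Certs\$CommonName.cer" -Encoding Byte -ReadCount 0))
# Enable-ExchangeCertificate -Thumbprint $Cert.Thumbprint -Services IIS,SMTP

# Point each namespace at a name the certificate actually covers, so clients
# are never redirected to a hostname that triggers a certificate warning:
# Set-ClientAccessServer -Identity <CAS> -AutoDiscoverServiceInternalUri "https://autodiscover.$PublicDomain/Autodiscover/Autodiscover.xml"
# Set-WebServicesVirtualDirectory -Identity "<CAS>\EWS (Default Web Site)" -ExternalUrl "https://$CommonName/EWS/Exchange.asmx"
```

The commented-out import and URL steps are the ones to run once the CA has returned the certificate; both public names then resolve to the same single public IP on the firewall.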

Similar Messages

  • Exchange 2010, UCC SSL, and the "new" CA/BROWSER Forum not issuing for .local

I don't know how many people have run into this yet, but the CA/BROWSER Forum, the "standards" authority for SSL issuing, has mandated that CAs can no longer issue a certificate using an FQDN "intranet" name for new or renewal SSL certificates effective Nov 1, 2012. I.e. the Microsoft standard of mydomain.local will no longer be accepted as a SAN on a UCC for Exchange 2010. I've looked through the KBs and Social forums, but haven't really found any guidance on how to solve this. I'm presuming that the certs will have to be split: the "external" domain name of server.mydomain.net will just become a single-server SSL certificate, and the internal name of server.mydomain.local will become a self-signed certificate. With the increasing prevalence of OA and ActiveSync devices, is there any baseline guidance yet on how to make this happen without completely fouling up production servers and killing access to the user community?

    On the same topic, though likely different environment...
Against recommended deployment, I have a number of clients running all their services on one box: Windows Server 2008, Active Directory, DNS, Exchange 2010 ...and so on. These servers all have .local addresses, which means of course that the SAN certificates have .local addresses as one of the SANs.
I've read a lot online about this issue, and am trying to find the most cost-effective solution to switch numerous production servers running this configuration.
The best solution I've come up with so far is...
1. Virtual AD with new external domain, 2. Migrate Exchange CAS to this domain, 3. Reconfigure network through the box.
Obviously these steps will contain a lot more details, but this is just the outline atm. At best, I see me having to take a second box with me to each location to perform these steps, and I can't see it happening without disruption to the workflow of employees.
Thankfully, all of these businesses are relatively small...under 25 employees. Still, I'd like to find the smoothest transition solution possible.
Any suggestions would be greatly appreciated!
    Regards

  • OS X Server clients can't login after IP renumber and domain Name change

I cannot seem to get the logins working again on my OS X server (10.9.4 with Server 3.1.2 on a 1-year-old Mac Mini) after I needed to renumber the IP and change the domain name. I destroyed the Open Directory server, recreated it and created one test account. If I log in to the client with a local account I can connect to the server (Go > Connect To Server) from the client using my newly created account, but when I try to log in to the server using the same network account login I get the "shaking head" response immediately. I have rebound the server to this client and it says that network accounts are available, but I seem to be at a loss to understand why it won't let me log in...
    The only error message I see in any of the logs is the following:
    (AFP Error Log:) Sep 15 20:21:47 isis.mydomain.com AppleFileServer[3032] <Info>: major error <1>: No credentials were supplied, or the credentials were unavailable or inaccessible.
    I'm not sure what credentials it is referring to. I created a self signed certificate that I am using with OD, could that be the one?

    Many Open Directory problems can be resolved by taking the following steps. Test after each one, and back up all data before making any changes.
    1. The OD master must have a static IP address on the local network, not a dynamic address.
    2. You must have a working DNS service, and the server's hostname must match its fully-qualified domain name. To confirm, select the server by name in the sidebar of the Server application window, then select the Overview tab. Click the Edit button on the Host Name line. On the Accessing your Server sheet, Domain Name should be selected. Change the Host Name, if necessary. The server must have at least a three-level name (e.g. "server.yourdomain.com"), and the name must not be in the ".local" top-level domain, which is reserved for Bonjour.
    3. The primary DNS server used by the server must be 127.0.0.1 (that is, itself) unless you're using another server for internal DNS. The only DNS server set on the clients should be the internal one, which they should get from DHCP if applicable.
    4. Follow these instructions to rebuild the Kerberos configuration on the master.
    5. If you use authenticated binding, check the validity of the master's certificate. The common name must match the hostname and domain name. Deselecting and then reselecting the certificate in Server.app has been reported to have an effect in some cases. Otherwise delete all certificates and create new ones.
    6. Unbind and then rebind the clients in the Users & Groups preference pane. Use the fully-qualified domain name of the master.
    7. Reboot the master and the clients.
    8. Don't log in to the server with a network user's account.
    9. Disable any internal firewalls in use, including third-party "security" software.
    10. If you've created any replica servers, delete them.
11. As a last resort, export all OD users. In the Open Directory pane of Server, delete the OD server. Then recreate it and import the users. Ensure that the UIDs are in the 1001+ range.

  • Exchange 2010 in a DSfW Domain?

    Hi
Can I install Exchange 2010 in a DSfW-only domain, or do I need a real AD domain and then make a trust between the two domains?
    Thanks
    Ren

    Hi Ren,
Installing Exchange 2010 directly into a DSfW domain will not work and is not supported. You won't even get past the prep stage, as the schema extensions that are required won't be accepted by the DSfW controllers.
    Best way to go about this (if you already have DSfW setup) is to create a basic AD and define a cross forest trust between the two. Install Exchange 2010 into AD and provision the users from the DSfW domain over the trust.
    If you don't have DSfW setup, using IDM (the bundle edition is licensed along with GroupWise/OES) is another option.
    Cheers,
    Willem

  • Exchange 2010 management tools and others

    Win2k8 domain, Exchange 2010 servers
We want to move to Win8.1, but we, the admins, are preventing it because our tools like the Exchange 2010 Management Tools don't work with Win8.0, so we're stuck with Win7.
I've googled around and most suggestions never worked.
    Does Microsoft have any plans at all to have Exchange 2010 management tools and other tools we use to manage our domain work with Win8.1?

    Hi Rino, 
    Thanks for your sharing and efforts put on this issue. 
    This will benefit others who encounter the similar scenario as yours.  
    Happy holiday~
    Kate Li
    TechNet Community Support

  • How to change host name and domain name in installed Cisco Meeting Place Express 2.0?

    Hi
I have Cisco Meeting Place Express 2.0 installed on a server. Meeting Place uses Linux (Red Hat) as the base operating system. Please tell me how I can change the host name and domain name for the Meeting Place Express application to integrate it into the corporate domain infrastructure.
    Thanks in advance!!!
    Sincerely yours
    Sergey Bondarenko

    Hi
Thanks for your attention to my humble problem.
I have performed the Meeting Place Express configuration through the "net" command.
But now unfortunately I can't connect to Meeting Place through a web browser. I just get a blank page.
Though I can reach the server with the help of ssh. I think my DNS works properly because I can resolve the IP addresses of cumpxvoice.uclab.com and cumpxweb.uclab.com with the help of the dig command.
    Have you any idea?
    A lot of thanks in advance!!
    Sincerely yours Sergey Bondarenko
    Here I have printed the net configuration output of Cisco meeting Place Express:
    [root@cumpxvoice root]# net
    This is the MeetingPlace Express network configuration utility.
    Up to the point where you save changes, it is safe to hit ^C to get
    out at any time, in which case nothing will have changed.
    1) List current configuration
    2) Configure Ethernet port 1
    3) Configure Ethernet port 2
    4) Configure service bindings
    5) Set host names
    6) Set domain name
    7) Configure DNS service
    8) Configure NTP service
    9) Configure routing
    10) Done
    Select: 1
    Primary/audio host name: cumpxvoice
    HTTP host name:          cumpxvoice
    RTMP host name:          cumpxweb
    Domain name:             uclab.com
    Service bindings:
    Audio:                   port 1 (eth0)
    Web browsing (HTTP):     port 1 (eth0)
    Web conferencing (RTMP): port 2 (eth1)
    Port 1 (device eth0):
    IP Address:      10.62.60.116
    Network mask:    255.255.255.0
    Default gateway: 10.62.60.1
    Link setting:    autoneg on
    Port 2 (device eth1):
    IP Address:      10.62.60.117
    Network mask:    255.255.255.0
    Default gateway: 10.62.60.1
    Link setting:    autoneg on
    Static routes:
    Destination      Gateway          Network mask     Port
    0.0.0.0          10.62.60.1       0.0.0.0          1
    DNS Servers:
    10.62.60.115
    10.0.1.4

  • How to change Host and domain name on APS 10g R2

    Hi,
I have installed Oracle Application Server 10g Release 2. I want to change the host and domain of the system; what should I do? Please help.
    Thanks and Regards.
    Khawar

    Hi,
Thanks to all of you for the replies. I started, without reading any manual, to modify the host and domain name, and after spending several hours I finally decided to reinstall APS. With the new installation, Forms is running OK, but the Report Server is having a problem: if you see the status of the Report Server in Enterprise Manager it shows a green mark (if you want to stop it via EM it will not), and if you check with Report Queue Manager it says no report server with the given name;
    if you check the report with GETSERVERINFO via browser it says
    "REP-51002 Bind to report server AAAAA failed. some one have idea."
    some one plz explain me how can I fix it.
    Thanks and Regards.
    Khawar

  • How to change the full host and domain name on OS X Leopard...

    I recently bought an iMac, and I'm trying to configure it for my network. The question I have is, how can I change the host name and domain name from Skuld.local to skuld.tolharadys.net?
    After mucking around with a few searches on Google, I've gotten the domain name to stick since running domainname returns tolharadys.net. Also I can change the hostname as reported by 'hostname' temporarily by running 'hostname skuld.tolharadys.net' in Terminal.app. However, this isn't persistent after reboots. Ideas are welcome.

    You would need a DNS server on your network configured to answer authoritatively for that particular subdomain.

  • How to change the name / IP address and domain name for BOE Server

    Hello,
    We want to change the name / IP address and domain name for BOE Server, please could you indicate the steps or procedure to follow?
    I need your help
    thank you

If it's 3.1 just change them; it shouldn't cause any issues if by domain name you are referring to changing the domain the computer belongs to. If you are changing your domain for AD authentication then you may have to take quite a few steps if the old domain is going away. Let us know.
    Regards,
    Tim

  • How to change IP, Hostname and domain name for Oracle Application R12

    Hi,
I'm new to Oracle. We used to have one production and one test server for Oracle Application R12, but the test server was corrupted, so we decided to clone the production server and create a new test server. After cloning and creating the test server, what should we do to change the IP address, hostname and domain name for the test server?
    Our production and test server environment is:
    Linux Enterprise AS 2.6.9
    Application module: E-Business Suite Treasury only
    Your advice will be much appreciated.
    Regards,
    Kenneth
    Edited by: 850209 on Apr 7, 2011 5:37 PM

    850209 wrote:
    Hi,
There are a few tnsnames.ora and listener.ora files in the system; how do I know which ones are effective? If I change the tnsnames.ora hostname entry, do I need to change the listener.ora file also?
    Thanks.
    Regard,
Kenneth.
tnsnames.ora is used only by client processes. listener.ora is used only to configure the listener, and that is a server-side issue only. In addition, the listener can start without any listener.ora at all, using all default values. See my discussion of tns issues at edstevensdba.wordpress.com
    If you are using dbcontrol, you will most likely need to reconfigure it, using the emca utility.

  • Change Groupwise system name, po name and domain name?

    Hello Board,
We want to migrate a GroupWise 7 system (NetWare) to a GroupWise 8 system (Linux).
Doesn't sound that difficult, but we don't want to use the names for the system name, the post office and the domain (GroupWise domain, _not_ internet domain) which were used on the old system.
Currently I am trying the way mentioned in TID 10077372, which mentions merging the two systems and then deleting the old system.
Am I on the right way? Do you have any hints?
    Any help appreciated.
    best regards
    sven

    Grewes,
Ok, you have a GW system (or systems) whose names you do not like, and you want to change them. Not a problem. As you stated, and as Tommy said, merging works.
The process you need is to build a new GW system, preferably the same version you have running. Set it up as you like it, name-wise. Then merge the older systems (branches) into the new system you built. Then you will have to build new domains/post offices and move mailboxes from the old GW branches into the new domains/post offices. When it's all done, delete the old, and you are done.
I have done many different variations of this type of migration/merge/consolidation. It works; it's just a lot of work. Just make sure to plan it all out on paper first, document it, then go forward.
    Good Luck!
    Take Care.
    Gregg A. Hinchman
    Consultant
    [email protected]
    www.HinchmanConsulting.com
    A Novell Consulting Partner
    317.329.0288 Office
    413.254.2819 eFax
    >>>
    From: grewes<[email protected]>
    To:novell.support.groupwise.migrations
    Date: 8/20/2009 6:56 AM
    Subject: Re: Change Groupwise system name, po name and domain name?
    Thank you for your reply.
    I do not want to keep the names.
If I want to link this domain to another branch's domain and the domain is called the same, this doesn't work AFAIK.
    grewes

  • How to retrieve username and domain name on Macintosh.

    Hi,
    Can anyone tell me how to retrieve username and domain name on Macintosh
    Thanks
    Priyanka.

    There is no system property for the domain name.
Can you please tell me some other way for solving this problem.
No. If it's not an environment variable (System.getenv IIRC) and not a property, you can't get it without native calls using JNI or Runtime.exec/Process.

  • CUCM & CUP DNS and Domain name

    Hello
    CUCM 9.1, CUP 9.1 and CUC 9.1
I have not configured DNS or a domain name on my CUCM and on my CUP. If I enable DNS and a domain name on the CUCM, will it change the license MAC of CUCM and CUP? That would force me to rehost the license with the Cisco licensing team.
    thanks

    Hi Jack,
    You can do that. Nothing would happen.
    please follow the links
    https://supportforums.cisco.com/message/4109569#4109569
    https://supportforums.cisco.com/thread/2227236
    regds,
    aman

  • User Logon Name (pre-Windows 2000) and Domain Name Don't have the same Value

    Hi
Is it possible to have the User Logon Name (pre-Windows 2000) and the Domain Name with different values?
Example:
    domain name domain1.com
    and User Logon Name (pre-Windows 2000) Domain2\user

    If you have trust in place, then also you can use trusted domain name to login from trustee domain. Also, UPN suffix can be added.
    http://technet.microsoft.com/en-us/library/cc773178%28v=ws.10%29.aspx
    Awinish Vishwakarma - MVP
    My Blog: awinish.wordpress.com
    Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.

  • I have two location one is Delhi(IP-192.168.100.*) and another is Mumbai(IP-192.168.1.*) and both are connected by MPLS line and ping with each other. We have one DC in Delhi location and domain name is CAPLDC and Delhi location all PC is member of this

I have two locations, one in Delhi (IP 192.168.100.*) and another in Mumbai (IP 192.168.1.*); both are connected by an MPLS line and can ping each other.
We have one DC in the Delhi location; the domain name is CAPLDC, and all PCs in the Delhi location are members of this domain and working properly.
Now I am trying to join the Mumbai location PCs to my domain (CAPLDC), but they do not join my DC and generate an error.
I have checked DNS and nslookup and all are correct, but it still generates the error.
Is it possible for the Mumbai location to join this domain (CAPLDC)?
One more thing: when I created another DC with the name papldc.com, the Mumbai location joined properly.
Please find the error message below and also see the attachment.
    Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.
    The domain name "capldc" might be a NetBIOS domain name.  If this is the case, verify that the domain name is properly registered with WINS.
    If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
    DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "capldc":
    The query was for the SRV record for _ldap._tcp.dc._msdcs.capldc
    The following domain controllers were identified by the query:
    capldcserver.capldc
    win-dyfq2poc88q.capldc
    However no domain controllers could be contacted.
    Common causes of this error include:
    - Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.
    - Domain controllers registered in DNS are not connected to the network or are not running.
    Pankaj Kumar

Why are you using a single-label domain? I would recommend renaming the domain to something like domain.com.
    Please refer to the articles below to fix your current issue:
    http://www.wincert.net/tips/networking/1614-cant-join-pc-to-a-domain-with-single-label.html
    http://www.itgeared.com/articles/1128-using-single-label-dns-names-for-active/
    This posting is provided AS IS with no warranties or guarantees , and confers no rights.
    Ahmed MALEK
