Renew SSL Certificate for two Exchange 2010 Servers and the new rules.

I find DigiCert's website always helpful with cert questions.

They've got a pretty helpful page here: https://www.digicert.com/internal-names.htm

It looks like they've got a tool for Exchange, but I've not used it myself, so can't say if it works or how well: https://www.digicert.com/internal-domain-name-tool.htm

I bet Microsoft have something on their website too that helps with this sort of question.

I'd say you register a completely new domain and use that for public facing and internal servers. Or you could just create a sub domain of an existing one, i.e. subdomain.mydomain.com and use that, i.e. public_exchange.subdomain.mydomain.com and internal_exchange.subdomain.mydomain.com.

Hi there,
My Exchange 2010 server certificate is about to expire and I am going to renew it, but according to the new rules for SSL certificate issuing we cannot include our local server names and local FQDNs such as myserver.contoso.local. My issue is that I have 2 Exchange servers: one is an internet-facing server (where the certificate is initiated and installed) and one is a non-internet-facing Exchange server.
If I am going to renew my certificate with public names only, I have to create a split domain that reflects my external links to the internal users. What shall I do for the non-internet-facing server? Do I need to create another record in my split DNS server and add it to my certificate request?
This topic first appeared in the Spiceworks Community

Similar Messages

  • ACS Not installing renewed SSL Certificate for PEAP/EAP-TLS?

    We recently renewed our SSL certificate through RapidSSL. While attempting to install the new certificate into ACS, I was given the prompt showing the updated dates, confirmed and installed the new certificate, deleting the old. I restarted ACS, as required, but when trying to enable PEAP or EAP-TLS, I am getting the error "Failed to initialize PEAP or EAP-TLS authentication protocol because ACS certificate is not installed."
    The worst part is that when I tried to reinstall the old certificate, I am now getting the same problem.
    Any suggestions?

    Matt,
    How did you perform the CSR.... did you use ACS or OpenSSL? Also, did you verify that the certificate is in the trusted personal folder on the server?
    Scott

  • I have two Macs: an MBA and the new iMac.  Is there a way to have iTunes and all the content in it identical on both machines?

    I have two Macs: an MBA and the new iMac.  Is there a way to have iTunes and all the content in it identical on both machines?

    Yes you can copy the content to your new machine and use Home Sharing to keep the content identical
    Connect the two machines via an ethernet cable it is 3 times faster than Wifi. Turn wifi off on one machine to enforce ethernet connection
    In System Preferences, Sharing turn on File Sharing
    Then
    Copy the music/itunes folder from the Macbook pro to the music/ folder on the imac
    Both machines should now have the same library
    Disconnect the ethernet cable
    Set up Home Sharing and under Settings at the bottom of the Home Sharing page. Select to transfer new purchases.
    Do the same on the other machine.
    Then when your machines are connected by wifi and each time you start iTunes it will transfer your new purchases
    Setting up home sharing

  • We have a Exchange 2013 server and the Mailbox Database folder is filling up with .log files.

    We are migrating from Exchange 2010 to Exchange 2013.  We have installed the Exchange 2013 but it only has a couple of mailboxes on this server, all the mailboxes are still on the Exchange 2010 server.
    I have run a Windows Backup of the Exchange 2013 but I am still seeing a ton a log files in the mailbox folder.
    Also the database file is only about 1.1 GB but the backup is now 40 GB.  
    Is there something that can be done to truncate these logs and make the backup smaller?

    Hi,
    1. Did the full backup complete successfully?
    2. What is the status from the command below? Are the mailbox database headers updated with the latest time and date?
    Get-MailboxDatabase -Status | ft name,*full* -au
    3. Check the application event logs for event ID 2046, which should state whether log truncation for the mailbox databases has been initiated.
    4. Before initiating the backup, make sure the Exchange writer is not in an error state.
    vssadmin list writers
    If it is in an error state, please restart the Microsoft Exchange Replication service and check the Exchange writer status again using the command above.
    Thanks & Regards S.Nithyanandham

  • Exchange 2010 server and anonymous spam

    Force all users to change their passwords.
    Ensure you do not have an open relay internally and externally as well.
    Enable logs in your router to check for traffic on port 25.

    Hi guys, I've been having this issue for some time now.
    The queue viewer in Exchange keeps filling up to 100+ emails which were unable to send.
    -The from address is always
    -The source is always local
    -IP is always 255.255.255.255
    -Subject is "automatic reply:
    I've checked the server for viruses
    -Disabled delivery reports (non-delivery report spam attack)
    At this point I'm starting to suspect someone on the network may have a rootkit or some spammer may have gotten hold of a user's password.
    Anyone else have this issue?
    What's the best way to approach this?
    This topic first appeared in the Spiceworks Community

  • Firefox for Android: cannot locate server and the URL trying to reach includes a colon character

    Trying to reach a URL like this: http://myserver123:1009/home.aspx
    I've already disabled the firefox adding the "www" and ".com" to the URL which was definitely an issue originally, but it still does not resolve properly.
    The error page says:
    "Server not found. Firefox cannot find the server at myserver123"
    It seems Firefox is stopping at the colon character in the URL, thus not resolving to the page.
    Any ideas on how to fix?

    Hi LI_NY_1
    On my Nexus 6, running Lollipop and FF 37.0.1 I have no problem reaching urls like:
    http://rt-mba11:8080/index.html
    Are you sure you have your webserver for myserver123 configured correctly?
    If you could give me the URL of your webserver I can try to see if I can reproduce this problem; my guess is this is a webserver config issue and not a Firefox for Android issue but of course I could be wrong!
    Cheers!
    ...Roland

  • Remove inaccessible/inactive exchange 2010 server

    I had a second Exchange 2010 server with a DAG setup between the primary production Exchange 2010 server and the secondary one which was at our DR site. I did a DR test and ended up having to break the DAG and mount the DB manually for the DR test. As a result this second Exchange server has been switched off and I have removed the DAG from the production side and all is OK with that. I am planning to move to a NetApp Exchange replication solution instead of DAG for DR, as the DAG does not work well as a DR solution.
    The only problem that remains is that I still have the old server listed under servers and there is a public folder database that is still listed from the second server. Is there a way to remove this inaccessible server from Exchange without doing it through ADSI Edit? There is no way that I can turn this second server on again.

    Your first option is to uninstall normally as commented by Ed.
    If no way you can uninstall (in a documented way), then you can go with the final option of cleaning up from active directory. But take a backup of the active directory system state before doing this to be safe.
    http://social.technet.microsoft.com/Forums/exchange/en-US/1c638bdd-67ba-44dd-996d-882be5fe5b09/remove-failed-exchange-2010-servers-that-are-no-longer-accessible?forum=exchange2010
    http://windowsitpro.com/exchange-server/how-uninstall-stubborn-exchange-server
    Thanks, MAS
    Please mark as helpful if you find my comment helpful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

  • Exchange 2010, UCC SSL, and the "new" CA/BROWSER Forum not issuing for .local

    I don't know how many people have run into this yet, but the CA/Browser Forum, the "standards" authority for SSL issuing, has mandated that CAs can no longer issue a certificate using a FQDN "intranet" name for new or renewal SSL certificates effective Nov 1, 2012, i.e. the Microsoft standard of mydomain.local will no longer be accepted as a SAN on a UCC for Exchange 2010. I've looked through the KBs and Social forums, but haven't really found any guidance on how to solve this. I'm presuming that the certs will have to be split and the "external" domain name of server.mydomain.net will just become a single server SSL, and the internal name of server.mydomain.local will become a self-signed certificate. With the increasing prevalence of OA and ActiveSync devices, is there any baseline guidance yet on how to make this happen without completely fouling up production servers and killing access to the user community?

    On the same topic, though likely different environment...
    Against recommended deployment, I have a number of clients running all their services on one box: Windows Server 2008, Active Directory, DNS, Exchange 2010 ...and so on. These servers all have .local addresses, which means of course that the SAN certificates have .local addresses as one of the SANs.
    I've read a lot online about this issue, and am trying to find the most cost-effective solution to switch numerous production servers running this configuration.
    The best solution I've come up with so far is...
    1. Virtual AD with new external domain, 2. Migrate Exchange CAS to this domain, 3. Reconfigure network through the box.
    Obviously these steps will contain a lot more details, but this is just the outline atm. At best, I see me having to take a second box with me to each location to perform these steps, and I can't see it happening without disruption to the work flow of employees.
    Thankfully, all of these businesses are relatively small...under 25 employees. Still, I'd like to find the smoothest transition solution possible.
    Any suggestions would be greatly appreciated!
    Regards
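
A pre-CSR check for the rule discussed in this thread and in the opening question (names such as myserver.contoso.local can no longer go into a publicly issued certificate). This is an added example, not code from any poster or vendor; the function names, the suffix list and the sample SAN list are assumptions constructed for illustration.

```python
import ipaddress

# Assumed, non-exhaustive list of DNS suffixes that are not public TLDs.
# Extend it with whatever internal suffixes your Active Directory uses.
INTERNAL_SUFFIXES = (".local", ".lan", ".internal", ".corp", ".home")


def classify_san(name):
    """Return (verdict, reason) for one proposed subjectAltName entry."""
    candidate = name.strip().rstrip(".").lower()
    if not candidate:
        return ("reject", "empty name")

    # IP addresses: private/reserved ranges are treated like internal names.
    try:
        ip = ipaddress.ip_address(candidate)
    except ValueError:
        ip = None
    if ip is not None:
        if ip.is_global:
            return ("ok", "public IP address")
        return ("reject", "reserved or private IP address")

    if "." not in candidate:
        return ("reject", "single-label (NetBIOS-style) host name")
    if candidate.endswith(INTERNAL_SUFFIXES):
        return ("reject", "internal-only DNS suffix")
    return ("ok", "name in the public DNS name space")


def audit_san_list(names):
    """Split a proposed SAN list into names a public CA can and cannot issue."""
    issuable, blocked = [], []
    for name in names:
        verdict, reason = classify_san(name)
        (issuable if verdict == "ok" else blocked).append((name, reason))
    return issuable, blocked


# Constructed sample: what a legacy Exchange UCC request often contained.
SAMPLE_SANS = [
    "mail.contoso.com",
    "autodiscover.contoso.com",
    "myserver.contoso.local",
    "EXCH02",
    "192.168.10.25",
]

if __name__ == "__main__":
    ok, bad = audit_san_list(SAMPLE_SANS)
    for name, reason in ok:
        print(f"keep    {name:28} {reason}")
    for name, reason in bad:
        print(f"remove  {name:28} {reason}")
```

Every name reported under "remove" has to be replaced by a public name that internal clients can resolve (for example through split DNS) before the request is submitted.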

  • Unable to uninstall last Exchange 2010 server

    Hi,
    I am unable to uninstall last Exchange 2010 server from the organization.
    I get error message:
    Summary: 3 item(s). 2 succeeded, 1 failed.
    Elapsed time: 00:00:19
    Configuring Prerequisites
    Completed
    Elapsed Time: 00:00:00
    Mailbox Role Prerequisites
    Failed
    Error:
    Uninstall cannot continue. Database 'Mailbox Database 2105185066': This mailbox database contains one or more mailboxes, mailbox plans, archive mailboxes, or arbitration mailboxes. To get a list of all mailboxes in this database, run the command Get-Mailbox
    -Database <Database ID>. To get a list of all mailbox plans in this database, run the command Get-MailboxPlan. To get a list of archive mailboxes in this database, run the command Get-Mailbox -Database <Database ID> -Archive. To get a list of all
    arbitration mailboxes in this database, run the command Get-Mailbox -Database <Database ID> -Arbitration. To disable a non-arbitration mailbox so that you can delete the mailbox database, run the command Disable-Mailbox <Mailbox ID>. To disable
    an archive mailbox so you can delete the mailbox database, run the command Disable-Mailbox <Mailbox ID> -Archive. Arbitration mailboxes should be moved to another server; to do this, run the command New-MoveRequest <parameters>. If this is the
    last server in the organization, run the command Disable-Mailbox <Mailbox ID> -Arbitration -DisableLastArbitrationMailboxAllowed to disable the arbitration mailbox. Mailbox plans should be moved to another server; to do this, run the command Set-MailboxPlan
    <MailboxPlan ID> -Database <Database ID>.
    Click here for help...
    http://go.microsoft.com/fwlink/?linkid=30939&l=en&v=ExBPA.14&id=4a96fd69-9cec-4a48-9571-5c9e8ab3cfe9
    Elapsed Time: 00:00:15
    Organization Prerequisites
    Completed
    Elapsed Time: 00:00:03
    I have deleted all the mailboxes, distribution groups, contacts, etc. but I am still unable to uninstall one database. When trying to delete the last database I get following error message:
    The mailbox database 'Mailbox Database 2105185066' cannot be deleted.
    Mailbox Database 2105185066
    Failed
    Error:
    This mailbox database contains one or more mailboxes, mailbox plans, archive mailboxes, or arbitration mailboxes. To get a list of all mailboxes in this database, run the command Get-Mailbox -Database <Database ID>. To get a list of all mailbox plans
    in this database, run the command Get-MailboxPlan. To get a list of archive mailboxes in this database, run the command Get-Mailbox -Database <Database ID> -Archive. To get a list of all arbitration mailboxes in this database, run the command Get-Mailbox
    -Database <Database ID> -Arbitration. To disable a non-arbitration mailbox so that you can delete the mailbox database, run the command Disable-Mailbox <Mailbox ID>. To disable an archive mailbox so you can delete the mailbox database, run the
    command Disable-Mailbox <Mailbox ID> -Archive. Arbitration mailboxes should be moved to another server; to do this, run the command New-MoveRequest <parameters>. If this is the last server in the organization, run the command Disable-Mailbox <Mailbox
    ID> -Arbitration -DisableLastArbitrationMailboxAllowed to disable the arbitration mailbox. Mailbox plans should be moved to another server; to do this, run the command Set-MailboxPlan <MailboxPlan ID> -Database <Database ID>.
    If I run command "Get-Mailbox -Database "Mailbox Database 2105185066" -Arbitration | ft -Wrap -Auto", I get following result:
    Name                                               
    Alias                                              
    ServerName Prohibit Send Quota
    SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9} SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9} ex01       unlimited
    FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 ex01       1 MB (1,048,576bytes)
    I suspect it is because of these "mailboxes" that I am unable to delete the database.
    If I run command "Disable-Mailbox SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9} -Arbitration -DisableLastArbitrationMailboxAllowed ", I get following error message:
    A positional parameter cannot be found that accepts argument 'e0dc1c29-89c3-4034-b678-e6c29d823ed9'.
        + CategoryInfo          : InvalidArgument: (:) [Disable-Mailbox], ParameterBindingException
        + FullyQualifiedErrorId : PositionalParameterNotFound,Disable-Mailbox
    Do you have any ideas how to delete the last database and uninstall the last Exchange 2010 server properly from the organization?
    Best regards,
    Toni
    www.triuvare.fi

    Hi,
    I agree with Martina. This should be solved somehow without need to use ADSI Edit.
    Martina, I did run the command you suggested (Get-mailbox -arbitration | disable-mailbox -DisableLastArbitrationMailboxAllowed), but unfortunately here is the result:
    The operation couldn't be performed because object 'Company.local/Users/SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}' couldn't be found on 'DC.Company.local'.
        + CategoryInfo          : InvalidData: (Company.local/U...8-e6c29d823ed9}:MailboxIdParameter) [Disable-Mailbox], ManagementObjectNotFoundException
        + FullyQualifiedErrorId : 63BA19E1,Microsoft.Exchange.Management.RecipientTasks.DisableMailbox
    The operation couldn't be performed because object 'Company.local/Users/FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042' couldn't be found on 'DC.Company.local'.
        + CategoryInfo          : InvalidData: (Company.local/U...bf-00a95fa1e042:MailboxIdParameter) [Disable-Mailbox], ManagementObjectNotFoundException
        + FullyQualifiedErrorId : 4002E2C8,Microsoft.Exchange.Management.RecipientTasks.DisableMailbox
    Connection between the Exchange server and the Domain Controller (DC.Company.local) is working.
    Best regards,
    Toni
    www.triuvare.fi

  • Adding a second Exchange 2010 Server to an existing site.

    We have a working server and I want to load a second Exchange 2010 server and migrate all roles and users to the new server. What, if anything, do I need to watch when doing this? The first step I want to do is move all users to the new server because we are running out of space on the old server, and then I will move roles to the new server, then shut the old server down. Again, just looking for some good directions to do this.
    Thanks,
    Dan

    Hi,
    I agree with DareDevil57. We can add a new Exchange 2010 server and migrate from the old Exchange 2010 to the new Exchange 2010 server. Make sure the new Exchange server works well, then we can decommission the old Exchange 2010 server.
    Best regards,
    Belinda
    Belinda Ma
    TechNet Community Support

  • How we can get SSL certificate for any site?

    i want to know how can get SSL certificate for any website and what is the main benefit for particular website with the help of this certificate.

    Hi,
    Would you please let me know edition information of the SBS server? Was it SBS 2008 or SBS 2011?
    Based on your description, I’m a little confused with your question. Did you mean that want to know why need SSL certificate for website?
    Certificate Services and SSL protect sensitive information by encrypting the data sent between client browsers and your server.
    An SSL Certificate is used for two reasons (1) to validate the remote server to the client before the client sends any data to that server (2) to encrypt the data between the client and server over an un-secure network (ie. the Internet). You can use a self-issued certificate or a third-party trusted certificate. For more details, please refer to following articles and check if can help you.
    Managing Certificates
    SSL and Certificates
    Understanding Self-Issued Certificates in SBS 2003 & SBS 2008
    Installing a GoDaddy Standard SSL Certificate on SBS 2008
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
    If anything I misunderstand or any update, please don’t hesitate to let me know.
    Hope this helps.
    Best regards,
    Justin Gu

  • Looking for help to update the certificate for my Exchange Email Account...

    I'm trying to update the certificate for my Exchange Email Account...Dell had me delete the account, install the new certificate on my phone, and set up the email again...But it still won't work and acts like it can't find/use the new cert.  Any suggestions besides a hard reset of the phone?

    That's a great question, LSchmitz!
    Is the e-mail account on your cell phone? Which device? If it's on your phone, an Exchange e-mail may need to be provisioned/set up by your employer/IT department.
    VanessaS_VZW
    Follow us on Twitter @VZWSupport
    If my response answered your question please click the "Correct Answer" button under my response. This ensures others can benefit from our conversation. Thanks in advance for your help with this!!

  • Is it possible to use single ssl certificate for multiple server farm with different FQDN?

    Hi
    We generated the CSR request for VeriSign Secure Site Pro certificate
    SSL Certificate for cn=abc.com, considering abc.com as our major domain. Now we have servers in this domain like www.abc.com, a.abc.com, b.abc.com etc. We installed the VeriSign certificate and configured ACE-20 accordingly for ssl-proxy, and we will use the same certificate generated for abc.com for all servers like www.abc.com, a.abc.com, b.abc.com etc. Now when we are trying to access https://www.abc.com or https://a.abc.com through Mozilla, we are able to access the service but we are getting this message in certificate status: "you are connected to abc.com which is run by unknown"
    And the same message when trying to access https://www.abc.com from Google Chrome.
    "This is probably not the site you are looking for! You attempted to reach www.abc.com, but instead you actually reached a server identifying itself as abc.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of adgate.kfu.edu.sa. You should not proceed"
    So I know that as this certificate is for cn=abc.com, that is why we are getting such errors/status in the SSL certificate.
    Now my question is
    1. Is it possible to remove the above errors by doing some SSL configuration on ACE?
    2. Or do we have to go for a VeriSign Wildcard Secure Site Pro Certificate for a CSR generated using cn=abc.com, to be installed on ACE and used for all servers like www.abc.com, a.abc.com etc.?
    Thanks
    Waliullah

    If you want to use the same VIP and port number for multiple FQDNs, then you will need to get a wildcard certificate. Currently, if you enter www.abc.com in your browser, that is what the browser expects to see in the certificate. And right now it won't because your certificate is for abc.com. You need a wildcard cert that will be for something like *.abc.com.
    Hope this helps,
    Sean
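
The name check behind the browser warnings in this thread, as an added example that is not part of the original posts. It implements the usual browser rule (a `*` is accepted only as the whole left-most label and stands for exactly one label) and goes slightly beyond the answer by showing that `*.abc.com` does not cover the bare `abc.com`; the function names are hypothetical and the host list is taken from the question.

```python
def hostname_matches(pattern, hostname):
    """Match one certificate name (CN or SAN entry) against the requested host.

    Comparison is case-insensitive and label by label. A wildcard is only
    honoured as the complete left-most label and never spans a dot.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")

    # A wildcard replaces exactly one label, so label counts must be equal.
    if len(p_labels) != len(h_labels):
        return False

    if p_labels[0] == "*":
        # Refuse over-broad patterns such as "*.com".
        if len(p_labels) < 3:
            return False
        return p_labels[1:] == h_labels[1:]

    # Partial ("w*.abc.com") or non-left-most wildcards are not accepted.
    if "*" in pattern:
        return False
    return p_labels == h_labels


def coverage(cert_names, hosts):
    """Map each host to True/False: would a browser accept this certificate?"""
    return {
        host: any(hostname_matches(name, host) for name in cert_names)
        for host in hosts
    }


# Hosts named in the question above.
HOSTS = ["abc.com", "www.abc.com", "a.abc.com", "b.abc.com"]

if __name__ == "__main__":
    for label, names in [
        ("certificate as installed", ["abc.com"]),
        ("wildcard only", ["*.abc.com"]),
        ("wildcard plus bare domain", ["*.abc.com", "abc.com"]),
    ]:
        print(label, names)
        for host, ok in coverage(names, HOSTS).items():
            print(f"    {host:14} {'ok' if ok else 'NAME MISMATCH'}")
```

When ordering the wildcard certificate, confirm that the bare domain is listed as an additional SAN if clients also connect to https://abc.com.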

  • Exchange 2010 server with 2 DAG servers - DAG1 and DAG2 - backup with 2 DPM servers one for each DAG server

    Hello,
      Please advise: I have an Exchange 2010 server with 2 DAG servers - DAG1 and DAG2 - backed up with 2 DPM servers, one for DAG1 and one for DAG2. Is it possible?

    Hi,
    I confirmed with Exchange support team that DAGs could be backed up separately.
    Meanwhile backup database is important if you need to recover both Exchange server settings and database. See:
    Recover a database availability group member server
    http://technet.microsoft.com/en-us/library/dd638206.aspx
    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • RV120W SSL Certificate for Client

    Hello,
    When I try to export an SSL Certificate for a Client I get a htps.CSR file instead of the .PEM file. So, I can't update the client computer with the correct certificate.
    Firmware:
    1.0.2.6
    Help?

    Hello Sir, My name is Eric Moyers. I also responded to your other thread.
    I am pulling one of these out of our storage room and looking at the procedure. Will update you when I have something.
    Thanks
    Eric Moyers
    Cisco Network Support Engineer
    SBSC Wireless and Surveillance SME
    CCNA, CCNA-Wireless
    1-866-606-1866
