Rename domain with Exchange 2010 server

I have a 2 server domain. My primary File Server is also my domain controller. It is running Windows 2008 32 bit Server. My other server is running Windows 2008 R2 with Exchange 2010. My clients are all using Outlook 2010. Forever the internal domain has been xxx.local and the external domain is yyyyyy.org. When running Exchange 2003 this never created any significant issues. After migrating to Exchange 2010, I quickly discovered the issue with SSL Certificates not being issued for .local domains anymore. I did purchase a Certificate for the external domain so users have no issues there. The internal users can use Outlook 2010 but get regular and annoying messages about a certificate mismatch error because of the xxx.local domain.

Is there an easy way to rename the domain without having to basically wipe and reload Exchange after a domain rename? Everything I read says domain renames are not supported if Exchange 2007 or Exchange 2010 exist in the domain.

Thanks,



You need to configure Split DNS internally to avoid the security alert prompt. You will also need to update all of your virtual directories for internal to match what you have set externally. High level steps below...

- Create a new Zone on the DNS server (internally), named yyyy.org
- In that zone create an A (host) record for mail.yyyy.org (pointing to your CAS server or CAS load balanced IP)
- Open the EMC
- Modify all of the virtual directories so that they all match what you have externally. Example:

External: https://mail.yyyy.org/owa
Internal: https://mail.yyyy.org/owa

Once you have done that, have your clients re-launch Outlook and they will not see the prompt with the security warning.

There is no need to RENAME your domain. Split DNS is the answer here.

Will.



Will's response is the correct answer and the solution, I would just like to add one comment:
By creating the yyyy.org zone on your internal DNS, it will then try to resolve all queries for that domain. If you have a.yyyy.org and b.yyyy.org externally you will want those internal as well, otherwise internal clients won't be able to resolve them.

The other option is to create your internal zone as the full name of your mail server, then simply add a "same as parent" record. This way all DNS queries will still go to the web except for that specific host.

Steps:

Create new primary zone on your DNS server, name it mail.yyyy.org.


Create new host record in that zone, leave the host name blank and just enter the IP address. This will create a "same as parent" record.


Follow the rest of Will's steps.
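
The steps from the replies above, scripted as an added example that is not part of the original thread and is not Microsoft's own procedure. It assumes DNS runs on the domain controller with an AD-integrated zone and is run from the Exchange Management Shell; `DC01`, `EXCH01` and `192.0.2.10` are placeholders, not values from the thread.

```powershell
# Added example. Placeholders (not from the thread): DC01, EXCH01, 192.0.2.10.
$DnsServer = 'DC01'            # hypothetical name of the internal DNS server
$CasServer = 'EXCH01'          # hypothetical name of the Exchange 2010 CAS
$CasIp     = '192.0.2.10'      # placeholder: CAS or load-balanced CAS IP
$MailFqdn  = 'mail.yyyy.org'   # host name covered by the purchased certificate

# 1. Create a zone named after the mail host only, so every other yyyy.org
#    name keeps resolving through external DNS.
dnscmd $DnsServer /ZoneAdd $MailFqdn /DsPrimary

# 2. "Same as parent" A record: the node name '@' is the zone root.
dnscmd $DnsServer /RecordAdd $MailFqdn '@' A $CasIp

# 3. Make each virtual directory's InternalUrl match its ExternalUrl.
$nouns = 'OwaVirtualDirectory', 'EcpVirtualDirectory', 'WebServicesVirtualDirectory',
         'ActiveSyncVirtualDirectory', 'OabVirtualDirectory'
foreach ($noun in $nouns) {
    foreach ($vdir in (& "Get-$noun" -Server $CasServer)) {
        $external = [string]$vdir.ExternalUrl
        if (-not $external) {
            # Nothing to copy: leave the directory alone and flag it.
            Write-Warning "$($vdir.Identity): no ExternalUrl set, InternalUrl unchanged"
            continue
        }
        if (([uri]$external).Host -ne $MailFqdn) {
            # A host the certificate may not cover would keep the prompt alive.
            Write-Warning "$($vdir.Identity): ExternalUrl host is not $MailFqdn, skipped"
            continue
        }
        & "Set-$noun" -Identity ([string]$vdir.Identity) -InternalUrl $external
    }
}

# 4. Verify: the name resolves to the CAS internally and the URLs now match.
nslookup $MailFqdn $DnsServer
foreach ($noun in $nouns) {
    & "Get-$noun" -Server $CasServer |
        Format-Table Identity, InternalUrl, ExternalUrl -AutoSize
}
```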



If you want complete detail on this then ExchangeServerPro has a complete article regarding this. See below link.
http://exchangeserverpro.com/ssl-requirements-for-exchange-when-certificate-authorities-wont-issue-certificate/

Will.



I don't see any parts of that article that are relevant to me. I need assistance creating the split domain.

Thanks,

Peter
