Re: Adding Exchange 2003 to Exchange 2007 Forest
Thanks to Michael, and to Chuck for the answer.. [I just couldn't find anything definitive on it, and now I have it] - Original Message From: Michael B. Smith [EMAIL PROTECTED] To: MS-Exchange Admin Issues exchangelist@lyris.sunbelt-software.com Sent: Wednesday, 11 June, 2008 2:13:16 PM Subject: RE: Adding Exchange 2003 to Exchange 2007 Forest If there was previously Exchange 2000 or 2003 in the environment, then yes. If it was a Greenfield Exchange 2007 installation, then no. Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com From:ROBERT WILCOX [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 11, 2008 7:25 AM To: MS-Exchange Admin Issues Subject: Adding Exchange 2003 to Exchange 2007 Forest Hi all, Is it possible to add in an Exchange 2003 server to a Forest which has a running Exchange 2007 server? Thanks Rob ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Error when moving mailboxes (UNCLASSIFIED)
Looking at eventide.net, the first has nothing, but the second event you list, 1008, may have a resolution for you. It gives a few scenarios, with different solutions, so you might want to take a look at it yourself. \\Steve// -Original Message- From: Matteson, John H Jr USA Mr USA 25th SigBN (ITT) [mailto:[EMAIL PROTECTED] Sent: Thursday, June 12, 2008 1:40 AM To: MS-Exchange Admin Issues Subject: RE: Error when moving mailboxes (UNCLASSIFIED) Yes, there are errors in the event log. Source MSEXCHANGEADMIN EVENT ID: 9170 and Event ID: 1008 Source: MSEXCHANGEADMIN John H. Matteson, Jr. Systems Administrator/ITT Systems Forward Operating Base Orgun-E Afghanistan DSN - 318 431 8001 VoSIP - (308) 431 - Iridium SatPhone - 717.633.3823 Roshain Mobile - 079 - 736 - 3832 In the first place, we should insist that if the immigrant who comes here in good faith becomes an American and assimilates himself to us, he shall be treated on an exact equality with everyone else, for it is an outrage to discriminate against any such man because of creed, or birthplace, or origin. But this is predicated upon the person's becoming in every facet an American, and nothing but an American... There can be no divided allegiance here. Any man who says he is an American, but something else also, isn't an American at all. We have room for but one flag, the American flag.. We have room for but one language here, and that is the English language... and we have room for but one sole loyalty and that is a loyalty to the American people. Teddy Roosevelt; 1907 -Original Message- From: Steve Szabo [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 11, 2008 4:02 AM To: MS-Exchange Admin Issues Subject: RE: Error when moving mailboxes (UNCLASSIFIED) Any indication of the error in the Event Logs? \\Steve// From: Matteson, John H Jr USA Mr USA 25th SigBN (ITT) [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 10, 2008 6:53 AM To: MS-Exchange Admin Issues Subject: Error when moving mailboxes (UNCLASSIFIED) Classification: UNCLASSIFIED Caveats: NONE Good day to everyone: I am currently in the process of moving mailboxes from one MDB on an Exchange 2003 server to another in an attempt to recover about 50% whitespace. When running the EXCHANGE TASK of MOVE MAILBOX I will sometimes receive an error on a mailbox. The detailed report records an error of 0x80072020. I've Googled the error and it seems to be related to accessing Active Directory. Does anyone on the list have an idea of how to fix this? Thanks. John H. Matteson, Jr. Systems Administrator/ITT Systems Forward Operating Base Orgun-E Afghanistan DSN - 318 431 8001 VoSIP - (308) 431 - Iridium SatPhone - 717.633.3823 Roshain Mobile - 079 - 736 - 3832 In the first place, we should insist that if the immigrant who comes here in good faith becomes an American and assimilates himself to us, he shall be treated on an exact equality with everyone else, for it is an outrage to discriminate against any such man because of creed, or birthplace, or origin. But this is predicated upon the person's becoming in every facet an American, and nothing but an American... There can be no divided allegiance here. Any man who says he is an American, but something else also, isn't an American at all. We have room for but one flag, the American flag.. We have room for but one language here, and that is the English language... and we have room for but one sole loyalty and that is a loyalty to the American people. Teddy Roosevelt; 1907 Classification: UNCLASSIFIED Caveats: NONE ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: ex2k3 for dummies
The test message was going to the external IP and did arrive. When I add City A as a Connected Routing Group (and the associated smart host) I can send email City B - City A, but City B's email to the net stops working. On Wed, Jun 11, 2008 at 3:03 PM, Barsodi.John [EMAIL PROTECTED] wrote: How are you routing between sites? Over the internet or over the MPLS? If over the MLPS, how is that configured? Anything filtering in between the servers? When you performed that telnet session, what IP were you connecting to? The internal or external IP? Did that test message you performed earlier end up in the mailbox? A 4.4.7 generally means there is a problem with the recipient's address. *From:* G.Waleed Kavalec [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, June 11, 2008 11:55 AM *To:* MS-Exchange Admin Issues *Subject:* Re: ex2k3 for dummies Two servers, same AD domain, different TLD's to the net. The 4.4.7 happens ONLY on messages going from server to server. On Wed, Jun 11, 2008 at 12:29 PM, Barsodi.John [EMAIL PROTECTED] wrote: Maybe it's me, but the entire setup seems a bit confusing. Are these servers part of the same Exchange org? Why are you using two different TLD's? .net and .com for redundancy opposed to using MX records and cost. Where are you getting the 4.4.7 when you send inbound from the internet? Or between servers? If between servers are you delivering the mail via the internet or the internal MPLS connection? *From:* G.Waleed Kavalec [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, June 11, 2008 11:19 AM *To:* MS-Exchange Admin Issues *Subject:* Re: ex2k3 for dummies Here is where it get's confusing. The following occurs from a command prompt on the City B Exch 2k3 server... TELNET mail.mycompany.com 220 cordoba.mycompany.local Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Wed, 11 Jun 2008 13:05:49 -0600 helo 250 cordoba.mycompany.local Hello [12.23.178.130] mail from: [EMAIL PROTECTED] 250 2.1.0 [EMAIL PROTECTED] OK rcpt to:kavalec 250 2.1.5 [EMAIL PROTECTED] data 354 Start mail input; end with CRLF.CRLF the quick red fox . 250 2.6.0 [EMAIL PROTECTED] Queued mail for delivery And - of course - I get the email in City A The above works manually, so what - in City B's Ex2k3 server (on the above machine) - is causing the 4.4.7 ? On Wed, Jun 11, 2008 at 9:20 AM, G.Waleed Kavalec [EMAIL PROTECTED] wrote: I do halff-suspect it's a DNS issue (all one domain and all) but I'm not sure of how to go from here. On Wed, Jun 11, 2008 at 8:40 AM, ROBERT WILCOX [EMAIL PROTECTED] wrote: Have a look at the link I included.. the 4.4.7 is coming from the receiving server at the destination domain, because it's having problems looking up the MX record.. (I think). Thanks Rob - Original Message From: G.Waleed Kavalec [EMAIL PROTECTED] To: MS-Exchange Admin Issues exchangelist@lyris.sunbelt-software.com Sent: Wednesday, 11 June, 2008 3:34:34 PM Subject: Re: ex2k3 for dummies Each server has it's own SMTP connector. Part of the idea is redundancy, if City A is under a hurricane, B keeps on ticking. MyCompany.com DNS points to A, MyCompany.net DNS points to B On Wed, Jun 11, 2008 at 7:56 AM, ROBERT WILCOX [EMAIL PROTECTED] wrote: Do you have one SMTP connector setup, and it sits on the server in CityB? Does it have both servers listed as bridgeheads? Try having just CityB listed. This means that when ServerA sends a mail it will travel to ServerB, and ServerB will send it on. Info on 4.4.7 - http://www.123together.com/Support/error_447_non_delivery_message.htm Thanks Rob - Original Message From: G.Waleed Kavalec [EMAIL PROTECTED] To: MS-Exchange Admin Issues exchangelist@lyris.sunbelt-software.com Sent: Wednesday, 11 June, 2008 2:44:27 PM Subject: ex2k3 for dummies I have a Ex2k3 server in city A and city B, connected by MPLS (VPN). They see each other just fine, I can move mailboxes, etc. City B can send to the internet just fine, but an email to a City A mailbox gets a 4.4.7. Where do I start? -- Gregory Waleed Kavalec - Every gun that is made, every warship launched, every rocket fired, represents, in the final analysis, a theft from those who hunger and are not fed, who are cold and are not clothed. This world in arms is not spending money alone. It is spending the sweat of its laborers, the genius of its scientists, the hopes of its children. Dwight D. Eisenhower -- Gregory Waleed Kavalec - Every gun that is made, every warship launched, every rocket fired, represents, in the final analysis, a theft from those who hunger and are not fed, who are cold and are not clothed. This world in arms is not spending money alone. It is spending the sweat of its laborers, the genius of its scientists, the hopes of its children. Dwight
RE: Error when moving mailboxes (UNCLASSIFIED)
Well, after running a few rounds of ISINTEG I was able to move off all the mailboxes that were assigned to my local users. The 7 mailboxes that remain are attached to accounts that I do not have directory permissions to. All the move it or loose it messages have gone out. The MDB gets nuked tomorrow night. John H. Matteson, Jr. Systems Administrator/ITT Systems Forward Operating Base Orgun-E Afghanistan DSN - 318 431 8001 VoSIP - (308) 431 - Iridium SatPhone - 717.633.3823 Roshain Mobile - 079 - 736 - 3832 In the first place, we should insist that if the immigrant who comes here in good faith becomes an American and assimilates himself to us, he shall be treated on an exact equality with everyone else, for it is an outrage to discriminate against any such man because of creed, or birthplace, or origin. But this is predicated upon the person's becoming in every facet an American, and nothing but an American... There can be no divided allegiance here. Any man who says he is an American, but something else also, isn't an American at all. We have room for but one flag, the American flag.. We have room for but one language here, and that is the English language... and we have room for but one sole loyalty and that is a loyalty to the American people. Teddy Roosevelt; 1907 -Original Message- From: Steve Szabo [mailto:[EMAIL PROTECTED] Sent: Thursday, June 12, 2008 2:05 PM To: MS-Exchange Admin Issues Subject: RE: Error when moving mailboxes (UNCLASSIFIED) Looking at eventide.net, the first has nothing, but the second event you list, 1008, may have a resolution for you. It gives a few scenarios, with different solutions, so you might want to take a look at it yourself. \\Steve// -Original Message- From: Matteson, John H Jr USA Mr USA 25th SigBN (ITT) [mailto:[EMAIL PROTECTED] Sent: Thursday, June 12, 2008 1:40 AM To: MS-Exchange Admin Issues Subject: RE: Error when moving mailboxes (UNCLASSIFIED) Yes, there are errors in the event log. Source MSEXCHANGEADMIN EVENT ID: 9170 and Event ID: 1008 Source: MSEXCHANGEADMIN John H. Matteson, Jr. Systems Administrator/ITT Systems Forward Operating Base Orgun-E Afghanistan DSN - 318 431 8001 VoSIP - (308) 431 - Iridium SatPhone - 717.633.3823 Roshain Mobile - 079 - 736 - 3832 In the first place, we should insist that if the immigrant who comes here in good faith becomes an American and assimilates himself to us, he shall be treated on an exact equality with everyone else, for it is an outrage to discriminate against any such man because of creed, or birthplace, or origin. But this is predicated upon the person's becoming in every facet an American, and nothing but an American... There can be no divided allegiance here. Any man who says he is an American, but something else also, isn't an American at all. We have room for but one flag, the American flag.. We have room for but one language here, and that is the English language... and we have room for but one sole loyalty and that is a loyalty to the American people. Teddy Roosevelt; 1907 -Original Message- From: Steve Szabo [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 11, 2008 4:02 AM To: MS-Exchange Admin Issues Subject: RE: Error when moving mailboxes (UNCLASSIFIED) Any indication of the error in the Event Logs? \\Steve// From: Matteson, John H Jr USA Mr USA 25th SigBN (ITT) [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 10, 2008 6:53 AM To: MS-Exchange Admin Issues Subject: Error when moving mailboxes (UNCLASSIFIED) Classification: UNCLASSIFIED Caveats: NONE Good day to everyone: I am currently in the process of moving mailboxes from one MDB on an Exchange 2003 server to another in an attempt to recover about 50% whitespace. When running the EXCHANGE TASK of MOVE MAILBOX I will sometimes receive an error on a mailbox. The detailed report records an error of 0x80072020. I've Googled the error and it seems to be related to accessing Active Directory. Does anyone on the list have an idea of how to fix this? Thanks. John H. Matteson, Jr. Systems Administrator/ITT Systems Forward Operating Base Orgun-E Afghanistan DSN - 318 431 8001 VoSIP - (308) 431 - Iridium SatPhone - 717.633.3823 Roshain Mobile - 079 - 736 - 3832 In the first place, we should insist that if the immigrant who comes here in good faith becomes an American and assimilates himself to us, he shall be treated on an exact equality with everyone else, for it is an outrage to discriminate against any such man because of creed, or birthplace, or origin. But this is predicated upon the person's becoming in every facet an American, and nothing but an American... There can be no divided allegiance here. Any man who says he is an American, but something else also, isn't an American at all. We have room for but one flag, the American flag.. We have room for but one language here, and that is the English language... and
RE: Public folder error
With a new profile a new Nickname cache file is created for that profile. I wonder if somehow the client has bad information in their nickname file that could be contributing to this error. Begin typing the Public Folder name in the From field, when Outlook's nickname cache displays the full name highlight and delete it from that list. Then select the folder name from the GAL before sending the message and see if that helps. Thanks, Peter Dahl From: Steve Ens [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 11, 2008 5:37 PM To: MS-Exchange Admin Issues Subject: Re: Public folder error Is there any reason why i could send as a mail enabled public folder when I am not in cached mode? I created a new profile and tested this, and lo and behold, it went through. Changed back to the original profile and it errored out again. Not sure what causes this, but at least I know a solution On Wed, Jun 11, 2008 at 9:46 AM, Steve Ens [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: Looks like all permissions are set properly in both places. She hasn't been added/edited/deleted from any groups. I've tried creating a different public folder and mail enabling it and adding myself as a send as delegate, same error... The only change I've made lately is adding a BES server in the last few weeks. On Wed, Jun 11, 2008 at 9:15 AM, Nikki Peterson - OETX [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] wrote: I would look to see if you have Explicitly denied her the CREATE either by group membership or something similar. Then I would make sure that she really has SEND AS permissions by checking on the properties, permissions tab, Directory rights (using ESM). The other place to check is on the properties of the PF, Administration tab. Make sure that the This folder is available to: is set to All users with access permission and not Owners only. Sometimes you just need to wait for replication. Nikki From: Steve Ens [mailto:[EMAIL PROTECTED]mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 11, 2008 7:02 AM To: MS-Exchange Admin Issues Subject: Public folder error You do not have perm to send to this recipient. For assistance, contact your system administrator I've mail enabled a public folder on E2K3...the user cannot send as (when replying to requests) the public folder address. She has delegate permissions, send as, etc...she as author rights to the public folder. I've googled all day trying to find the answer. Any ideas? Thanks Steve This communication is confidential and may be legally privileged. If you are not the intended recipient, (i) please do not read or disclose to others, (ii) please notify the sender by reply mail, and (iii) please delete this communication from your system. Failure to follow this process may be unlawful. Thank you for your cooperation. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Exchange Certificate
Pardon my jump in here on this old thread but I've been on vacation for a while and just now catching up. Care to elaborate on the comment about wildcard cert problems? We just purchased one and I'd like to start using it but if it is going to cause problems, I'd appreciate any heads-up you can share. Thanks. Glen. From: Simon Butler [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 28, 2008 1:23 PM To: MS-Exchange Admin Issues Subject: RE: Exchange Certificate There isn't a lot to it. Use the wizard on this page to generate the request: https://www.digicert.com/easy-csr/exchange2007.htm You need to include the real name of the server (server), the FQDN of the server (server.domain.local), the OWA address (owa.domain.com) and the autodiscover (autodiscover.domain.com). Most of the SSL providers allow five domains. I usually recommend that the owa address is the main common name. Once you have generated the request command, paste in to PowerShell on the server. You don't have to use Digicert. You can then take the result and use it with your preferred vendor. http://certificatesforexchange.com/ (disclaimer - that is my site) does the certificates for US$59.99/year which are from GoDaddy but are cheaper than GoDaddy are currently selling the certificates for. Don't be tempted to use a wildcard certificate as there can be some issues with their use. After you get the certificate back from the supplier, you need to import the result: http://technet.microsoft.com/en-us/library/bb124424.aspx Finally you can enable the certificate for the services that you require. For that I tend to use PowerGui (http://www.powergui.org) which makes the process quick and easy. For certificate acceptance you will have to adjust the URLs on some services, and ensure that the clients are using the correct URL for access. This is particularly important with POP3 and IMAP which can often not cope with SSL prompts - for example you are using the IP address for the server. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/ From: Ehren Benson [mailto:[EMAIL PROTECTED] Sent: 28 May 2008 17:55 To: MS-Exchange Admin Issues Subject: RE: Exchange Certificate Sorry, exchange 2007 Ehren J. Benson, MCSE Windows Systems Administrator [EMAIL PROTECTED] 517-884-5469 From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 28, 2008 12:47 PM To: MS-Exchange Admin Issues Subject: RE: Exchange Certificate Knowing the version of Exchange would be a great help. Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com From: Ehren Benson [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 28, 2008 12:36 PM To: MS-Exchange Admin Issues Subject: Exchange Certificate Hello! I need to get a certificate so that the warnings can go away for IMAP, SMTP and OWA. I have done a bit of reading on this and it seems less than straightforward. Has anyone done this and had an easy or hard time with it? Who did you buy your cert from and do you have any resources that clearly specify how to create the request and then import the cert. I want to have my ducks in a row before I do this because I know just as it can make everything work smoothly it can expediously bring everything to a screeching halt if not done correctly! Thanks Ehren J. Benson, MCSE Windows Systems Administrator Department of Physics and Astronomy Michigan State University 1209 A Biomed Phys Sci [EMAIL PROTECTED] 517-884-5469 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: SBS/Exchange
Funny, I just went through this early this week. Found out it was profile related. Recreate the user's mail profile and try again. Are you trying to send as someone else, or is it a email from the person's account? On Wed, Jun 11, 2008 at 10:10 PM, [EMAIL PROTECTED] wrote: Hi all, I have a user getting this, and I can't seem to track down what's going wrong. Logs show nothing, and message tracker simply shows there was a NDR generated. Any help would be appreciated. _ *From:* System Administrator *Sent:* Wednesday, June 11, 2008 2:08 PM *To:* EMAILADDRESS *Subject* [EMAIL PROTECTED]*:* Undeliverable: pls call me regarding the Space at Your message did not reach some or all of the intended recipients. Subject:pls call me regarding the Space at Sent: 6/11/2008 2:08 PM The following recipient(s) could not be reached: EMAILADDRESS on 6/11/2008 2:08 PM You do not have permission to send to this recipient. For assistance, contact your system administrator. MSEXCH:MSExchangeIS:/DC=local/DC=domainname:SBS Dave Disclaimer and confidentiality note: The contents of this communication are intended/meant only for addressee(s) and may contain information that is privileged or otherwise confidential. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. The contents of this e-mail shall not be forwarded to any third party. If you have received this electronic mail transmission in error, please delete it from your system without copying or forwarding it, and notify the sender of the error by reply email, so that the sender's address records can be corrected. Views and opinions are solely those of the sender unless clearly indicated as being that of Beach Computers or any of it's affiliated companies. Beach Computers cannot assure that the integrity of this communication has been maintained or that it is free of errors, virus, interception or interference. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Exchange Certificate
It can make using activesync with windows mobile to sync with exchange difficult or impossible, depending on the device/carrier. Glen Johnson wrote: !-- /* Font Definitions */ @font-face {font-family:Cambria Math; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Tahoma; panose-1:2 11 6 4 3 5 4 4 2 4;} @font-face {font-family:Arial Rounded MT Bold; panose-1:2 15 7 4 3 5 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:Calibri,sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} p {mso-style-priority:99; mso-margin-top-alt:auto; margin-right:0in; mso-margin-bottom-alt:auto; margin-left:0in; font-size:12.0pt; font-family:Times New Roman,serif;} span.EmailStyle18 {mso-style-type:personal; font-family:Calibri,sans-serif; color:windowtext;} span.EmailStyle19 {mso-style-type:personal; font-family:Calibri,sans-serif; color:#1F497D;} span.EmailStyle20 {mso-style-type:personal; font-family:Calibri,sans-serif; color:#1F497D;} span.EmailStyle21 {mso-style-type:personal-reply; font-family:Calibri,sans-serif; color:#1F497D;} .MsoChpDefault {mso-style-type:export-only; font-size:10.0pt;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.Section1 {page:Section1;} -- Pardon my jump in here on this old thread but I’ve been on vacation for a while and just now catching up. Care to elaborate on the comment about wildcard cert problems? We just purchased one and I’d like to start using it but if it is going to cause problems, I’d appreciate any heads-up you can share. Thanks. Glen. *From:* Simon Butler [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, May 28, 2008 1:23 PM *To:* MS-Exchange Admin Issues *Subject:* RE: Exchange Certificate There isn't a lot to it. Use the wizard on this page to generate the request: https://www.digicert.com/easy-csr/exchange2007.htm You need to include the real name of the server (server), the FQDN of the server (server.domain.local), the OWA address (owa.domain.com) and the autodiscover (autodiscover.domain.com). Most of the SSL providers allow five domains. I usually recommend that the owa address is the main common name. Once you have generated the request command, paste in to PowerShell on the server. You don't have to use Digicert. You can then take the result and use it with your preferred vendor. http://certificatesforexchange.com/ (disclaimer - that is my site) does the certificates for US$59.99/year which are from GoDaddy but are cheaper than GoDaddy are currently selling the certificates for. Don't be tempted to use a wildcard certificate as there can be some issues with their use. After you get the certificate back from the supplier, you need to import the result: http://technet.microsoft.com/en-us/library/bb124424.aspx Finally you can enable the certificate for the services that you require. For that I tend to use PowerGui (http://www.powergui.org) which makes the process quick and easy. For certificate acceptance you will have to adjust the URLs on some services, and ensure that the clients are using the correct URL for access. This is particularly important with POP3 and IMAP which can often not cope with SSL prompts - for example you are using the IP address for the server. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ http://certificatesforexchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/ http://domainsforexchange.net/ *From:* Ehren Benson [mailto:[EMAIL PROTECTED] *Sent:* 28 May 2008 17:55 *To:* MS-Exchange Admin Issues *Subject:* RE: Exchange Certificate Sorry, exchange 2007 Ehren J. Benson, MCSE *Windows Systems Administrator* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] 517-884-5469 *From:* Michael B. Smith [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, May 28, 2008 12:47 PM *To:* MS-Exchange Admin Issues *Subject:* RE: Exchange Certificate Knowing the version of Exchange would be a great help. Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com *From:* Ehren Benson [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, May 28, 2008 12:36 PM *To:* MS-Exchange Admin Issues *Subject:* Exchange Certificate Hello! I need to get a certificate so that the warnings can go away for IMAP, SMTP and OWA. I have done a bit of reading on this and it seems less than straightforward. Has anyone done this and had an easy or hard time with
RE: SBS/Exchange
It turned out, I think, as a user error. Typing the from address instead of to. GRRR Disclaimer and confidentiality note: The contents of this communication are intended/meant only for addressee(s) and may contain information that is privileged or otherwise confidential. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. The contents of this e-mail shall not be forwarded to any third party. If you have received this electronic mail transmission in error, please delete it from your system without copying or forwarding it, and notify the sender of the error by reply email, so that the sender's address records can be corrected. Views and opinions are solely those of the sender unless clearly indicated as being that of Beach Computers or any of it's affiliated companies. Beach Computers cannot assure that the integrity of this communication has been maintained or that it is free of errors, virus, interception or interference. From: Steve Ens [mailto:[EMAIL PROTECTED] Sent: Thursday, June 12, 2008 10:47 AM To: MS-Exchange Admin Issues Subject: Re: SBS/Exchange Funny, I just went through this early this week. Found out it was profile related. Recreate the user's mail profile and try again. Are you trying to send as someone else, or is it a email from the person's account? On Wed, Jun 11, 2008 at 10:10 PM, [EMAIL PROTECTED] wrote: Hi all, I have a user getting this, and I can't seem to track down what's going wrong. Logs show nothing, and message tracker simply shows there was a NDR generated. Any help would be appreciated. _ From: System Administrator Sent: Wednesday, June 11, 2008 2:08 PM To: EMAILADDRESS mailto:[EMAIL PROTECTED] Subject: Undeliverable: pls call me regarding the Space at Your message did not reach some or all of the intended recipients. Subject:pls call me regarding the Space at Sent: 6/11/2008 2:08 PM The following recipient(s) could not be reached: EMAILADDRESS on 6/11/2008 2:08 PM You do not have permission to send to this recipient. For assistance, contact your system administrator. MSEXCH:MSExchangeIS:/DC=local/DC=domainname:SBS Dave Disclaimer and confidentiality note: The contents of this communication are intended/meant only for addressee(s) and may contain information that is privileged or otherwise confidential. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. The contents of this e-mail shall not be forwarded to any third party. If you have received this electronic mail transmission in error, please delete it from your system without copying or forwarding it, and notify the sender of the error by reply email, so that the sender's address records can be corrected. Views and opinions are solely those of the sender unless clearly indicated as being that of Beach Computers or any of it's affiliated companies. Beach Computers cannot assure that the integrity of this communication has been maintained or that it is free of errors, virus, interception or interference. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Exchange Certificate
Windows Mobile prior to version 6 do not support wildcard certificates. That will mean you cannot use the certificate to secure Exchange ActiveSync. Simon. From: Glen Johnson [mailto:[EMAIL PROTECTED] Sent: 12 June 2008 15:45 To: MS-Exchange Admin Issues Subject: RE: Exchange Certificate Pardon my jump in here on this old thread but I've been on vacation for a while and just now catching up. Care to elaborate on the comment about wildcard cert problems? We just purchased one and I'd like to start using it but if it is going to cause problems, I'd appreciate any heads-up you can share. Thanks. Glen. From: Simon Butler [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 28, 2008 1:23 PM To: MS-Exchange Admin Issues Subject: RE: Exchange Certificate There isn't a lot to it. Use the wizard on this page to generate the request: https://www.digicert.com/easy-csr/exchange2007.htm You need to include the real name of the server (server), the FQDN of the server (server.domain.local), the OWA address (owa.domain.com) and the autodiscover (autodiscover.domain.com). Most of the SSL providers allow five domains. I usually recommend that the owa address is the main common name. Once you have generated the request command, paste in to PowerShell on the server. You don't have to use Digicert. You can then take the result and use it with your preferred vendor. http://certificatesforexchange.com/ (disclaimer - that is my site) does the certificates for US$59.99/year which are from GoDaddy but are cheaper than GoDaddy are currently selling the certificates for. Don't be tempted to use a wildcard certificate as there can be some issues with their use. After you get the certificate back from the supplier, you need to import the result: http://technet.microsoft.com/en-us/library/bb124424.aspx Finally you can enable the certificate for the services that you require. For that I tend to use PowerGui (http://www.powergui.org) which makes the process quick and easy. For certificate acceptance you will have to adjust the URLs on some services, and ensure that the clients are using the correct URL for access. This is particularly important with POP3 and IMAP which can often not cope with SSL prompts - for example you are using the IP address for the server. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/http://certificatesforexchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/http://domainsforexchange.net/ From: Ehren Benson [mailto:[EMAIL PROTECTED] Sent: 28 May 2008 17:55 To: MS-Exchange Admin Issues Subject: RE: Exchange Certificate Sorry, exchange 2007 Ehren J. Benson, MCSE Windows Systems Administrator [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] 517-884-5469 From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 28, 2008 12:47 PM To: MS-Exchange Admin Issues Subject: RE: Exchange Certificate Knowing the version of Exchange would be a great help. Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com From: Ehren Benson [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 28, 2008 12:36 PM To: MS-Exchange Admin Issues Subject: Exchange Certificate Hello! I need to get a certificate so that the warnings can go away for IMAP, SMTP and OWA. I have done a bit of reading on this and it seems less than straightforward. Has anyone done this and had an easy or hard time with it? Who did you buy your cert from and do you have any resources that clearly specify how to create the request and then import the cert. I want to have my ducks in a row before I do this because I know just as it can make everything work smoothly it can expediously bring everything to a screeching halt if not done correctly! Thanks Ehren J. Benson, MCSE Windows Systems Administrator Department of Physics and Astronomy Michigan State University 1209 A Biomed Phys Sci [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] 517-884-5469 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Exchange Certificate
Thanks. If that is the main problem, we'll be ok for now. No active sync going on here. -Original Message- From: wjh [mailto:[EMAIL PROTECTED] Sent: Thursday, June 12, 2008 11:04 AM To: MS-Exchange Admin Issues Subject: Re: Exchange Certificate It can make using activesync with windows mobile to sync with exchange difficult or impossible, depending on the device/carrier. Glen Johnson wrote: !-- /* Font Definitions */ @font-face {font-family:Cambria Math; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Tahoma; panose-1:2 11 6 4 3 5 4 4 2 4;} @font-face {font-family:Arial Rounded MT Bold; panose-1:2 15 7 4 3 5 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:Calibri,sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} p {mso-style-priority:99; mso-margin-top-alt:auto; margin-right:0in; mso-margin-bottom-alt:auto; margin-left:0in; font-size:12.0pt; font-family:Times New Roman,serif;} span.EmailStyle18 {mso-style-type:personal; font-family:Calibri,sans-serif; color:windowtext;} span.EmailStyle19 {mso-style-type:personal; font-family:Calibri,sans-serif; color:#1F497D;} span.EmailStyle20 {mso-style-type:personal; font-family:Calibri,sans-serif; color:#1F497D;} span.EmailStyle21 {mso-style-type:personal-reply; font-family:Calibri,sans-serif; color:#1F497D;} .MsoChpDefault {mso-style-type:export-only; font-size:10.0pt;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.Section1 {page:Section1;} -- Pardon my jump in here on this old thread but I've been on vacation for a while and just now catching up. Care to elaborate on the comment about wildcard cert problems? We just purchased one and I'd like to start using it but if it is going to cause problems, I'd appreciate any heads-up you can share. Thanks. Glen. *From:* Simon Butler [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, May 28, 2008 1:23 PM *To:* MS-Exchange Admin Issues *Subject:* RE: Exchange Certificate There isn't a lot to it. Use the wizard on this page to generate the request: https://www.digicert.com/easy-csr/exchange2007.htm You need to include the real name of the server (server), the FQDN of the server (server.domain.local), the OWA address (owa.domain.com) and the autodiscover (autodiscover.domain.com). Most of the SSL providers allow five domains. I usually recommend that the owa address is the main common name. Once you have generated the request command, paste in to PowerShell on the server. You don't have to use Digicert. You can then take the result and use it with your preferred vendor. http://certificatesforexchange.com/ (disclaimer - that is my site) does the certificates for US$59.99/year which are from GoDaddy but are cheaper than GoDaddy are currently selling the certificates for. Don't be tempted to use a wildcard certificate as there can be some issues with their use. After you get the certificate back from the supplier, you need to import the result: http://technet.microsoft.com/en-us/library/bb124424.aspx Finally you can enable the certificate for the services that you require. For that I tend to use PowerGui (http://www.powergui.org) which makes the process quick and easy. For certificate acceptance you will have to adjust the URLs on some services, and ensure that the clients are using the correct URL for access. This is particularly important with POP3 and IMAP which can often not cope with SSL prompts - for example you are using the IP address for the server. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ http://certificatesforexchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/ http://domainsforexchange.net/ *From:* Ehren Benson [mailto:[EMAIL PROTECTED] *Sent:* 28 May 2008 17:55 *To:* MS-Exchange Admin Issues *Subject:* RE: Exchange Certificate Sorry, exchange 2007 Ehren J. Benson, MCSE *Windows Systems Administrator* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] 517-884-5469 *From:* Michael B. Smith [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, May 28, 2008 12:47 PM *To:* MS-Exchange Admin Issues *Subject:* RE: Exchange Certificate Knowing the version of Exchange would be a great help. Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com *From:* Ehren Benson [mailto:[EMAIL
Can Public Folders receive NDR failure reports?
::Exchange 2003 From what I am seeing, the answer is no - but I never would have guesses this would be true. Is there a reghack I need to apply in order to receive server-generated NDR failures? Odd thing is that delay status messages appear to work fine, but failure messages do not. TIA! -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Resource Calendar Issue
I have an Exchange 2003 SP2 Server with clients running Outlook 2003 SP2. I am trying to setup resource calendar for each one of our conference rooms. I have created a user account and mailbox for each resource and logged in with outlook to setup the resource calendar options. I am going to instruct users to choose the conference rooms as a resource, however, I am sure some of them will mess up and choose it as required. My problem is that only one of the resource mailboxes actually send a message back stating that the meeting is accepted or declined if a user does it this way. Is there anyway to configure each resource mailbox to send an e-mail back stating something about the meeting they are trying to book? Chris Pohlschneider Network Administrator [EMAIL PROTECTED] 937-494-2559 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Can Public Folders receive NDR failure reports?
Are you talking mail enabled folders? usually it is the person who sends as that gets the NDR... On Thu, Jun 12, 2008 at 1:50 PM, Micheal Espinola Jr [EMAIL PROTECTED] wrote: ::Exchange 2003 From what I am seeing, the answer is no - but I never would have guesses this would be true. Is there a reghack I need to apply in order to receive server-generated NDR failures? Odd thing is that delay status messages appear to work fine, but failure messages do not. TIA! -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Can Public Folders receive NDR failure reports?
Right. But how about in this case: The message is being originated from a web-app, being sent via an authenticated connection to my Exchange server. Failure NDRs do not seem to be landing back to the return-path (assigned to a public folder). However, status delay NDRs do. Its just the failure replies that seem to not. I'm perplexed to say the least. If a PF can indeed accept a failure NDR, then my next guess is that the 'envelope sender' used by the .NET hook is perhaps different that what the web guys configured as the return-path... On Thu, Jun 12, 2008 at 3:07 PM, Steve Ens [EMAIL PROTECTED] wrote: Are you talking mail enabled folders? usually it is the person who sends as that gets the NDR... On Thu, Jun 12, 2008 at 1:50 PM, Micheal Espinola Jr [EMAIL PROTECTED] wrote: ::Exchange 2003 From what I am seeing, the answer is no - but I never would have guesses this would be true. Is there a reghack I need to apply in order to receive server-generated NDR failures? Odd thing is that delay status messages appear to work fine, but failure messages do not. TIA! -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Can Public Folders receive NDR failure reports?
The ndr is deleted by Exchange. If you turn up logging you can see the basic information about what message was deleted but it is not as detailed as an NDR would be. Check the More information section of this article. http://support.microsoft.com/kb/900088/en-us Thanks, Peter Dahl. -Original Message- From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] Sent: Thursday, June 12, 2008 3:19 PM To: MS-Exchange Admin Issues Subject: Re: Can Public Folders receive NDR failure reports? Right. But how about in this case: The message is being originated from a web-app, being sent via an authenticated connection to my Exchange server. Failure NDRs do not seem to be landing back to the return-path (assigned to a public folder). However, status delay NDRs do. Its just the failure replies that seem to not. I'm perplexed to say the least. If a PF can indeed accept a failure NDR, then my next guess is that the 'envelope sender' used by the .NET hook is perhaps different that what the web guys configured as the return-path... On Thu, Jun 12, 2008 at 3:07 PM, Steve Ens [EMAIL PROTECTED] wrote: Are you talking mail enabled folders? usually it is the person who sends as that gets the NDR... On Thu, Jun 12, 2008 at 1:50 PM, Micheal Espinola Jr [EMAIL PROTECTED] wrote: ::Exchange 2003 From what I am seeing, the answer is no - but I never would have guesses this would be true. Is there a reghack I need to apply in order to receive server-generated NDR failures? Odd thing is that delay status messages appear to work fine, but failure messages do not. TIA! -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ This communication is confidential and may be legally privileged. If you are not the intended recipient, (i) please do not read or disclose to others, (ii) please notify the sender by reply mail, and (iii) please delete this communication from your system. Failure to follow this process may be unlawful. Thank you for your cooperation. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Bulk Email Verify Utility
Have an email address list in our CRM I would like to validate before I send a newsletter. I see a lot out there, but looking for a suggestion of past success. I the past I know I have tried a few that I didn't like. But I can't recall the name of any I liked either... Free = better. I would prefer a 2-stage approach, DNS check, and then a 'mailbox exists' check if the domain is valid. Thanks, Sam ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Can Public Folders receive NDR failure reports?
Thank you very much Peter! My Google-Fu is slipping.. I didnt come up with anything close to the KB article. Thanks! On Thu, Jun 12, 2008 at 3:47 PM, Dahl, Peter [EMAIL PROTECTED] wrote: The ndr is deleted by Exchange. If you turn up logging you can see the basic information about what message was deleted but it is not as detailed as an NDR would be. Check the More information section of this article. http://support.microsoft.com/kb/900088/en-us Thanks, Peter Dahl. -Original Message- From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] Sent: Thursday, June 12, 2008 3:19 PM To: MS-Exchange Admin Issues Subject: Re: Can Public Folders receive NDR failure reports? Right. But how about in this case: The message is being originated from a web-app, being sent via an authenticated connection to my Exchange server. Failure NDRs do not seem to be landing back to the return-path (assigned to a public folder). However, status delay NDRs do. Its just the failure replies that seem to not. I'm perplexed to say the least. If a PF can indeed accept a failure NDR, then my next guess is that the 'envelope sender' used by the .NET hook is perhaps different that what the web guys configured as the return-path... On Thu, Jun 12, 2008 at 3:07 PM, Steve Ens [EMAIL PROTECTED] wrote: Are you talking mail enabled folders? usually it is the person who sends as that gets the NDR... On Thu, Jun 12, 2008 at 1:50 PM, Micheal Espinola Jr [EMAIL PROTECTED] wrote: ::Exchange 2003 From what I am seeing, the answer is no - but I never would have guesses this would be true. Is there a reghack I need to apply in order to receive server-generated NDR failures? Odd thing is that delay status messages appear to work fine, but failure messages do not. TIA! -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ This communication is confidential and may be legally privileged. If you are not the intended recipient, (i) please do not read or disclose to others, (ii) please notify the sender by reply mail, and (iii) please delete this communication from your system. Failure to follow this process may be unlawful. Thank you for your cooperation. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ -- ME2 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Removing Full Access permissions from a user
In Exchange 2007, a user has been granted special permissions, which gives them full access to every mailbox, including any new ones. How can this access be removed in EMC? Thanks, Bob ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Removing Full Access permissions from a user
thanks all, got it from MsExchange TechNet; Remove-ADPermission -Identity Mailbox Store -User UnTrusted User -ExtendedRights Receive-As, Send-As On Thu, Jun 12, 2008 at 4:17 PM, Robert Smith [EMAIL PROTECTED] wrote: In Exchange 2007, a user has been granted special permissions, which gives them full access to every mailbox, including any new ones. How can this access be removed in EMC? Thanks, Bob ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Resource Calendar Issue
The default will pop up a message in Outlook stating whether or not the resource has been booked. What we have done in the past is to setup a rule to auto-reply when the resource is TO: or CC:'d on a message stating you did it wrong, check this link and try again or just add as a resource, then the invite is deleted. -alex On Thu, Jun 12, 2008 at 11:49 AM, Chris Pohlschneider [EMAIL PROTECTED] wrote: I have an Exchange 2003 SP2 Server with clients running Outlook 2003 SP2. I am trying to setup resource calendar for each one of our conference rooms. I have created a user account and mailbox for each resource and logged in with outlook to setup the resource calendar options. I am going to instruct users to choose the conference rooms as a resource, however, I am sure some of them will mess up and choose it as required. My problem is that only one of the resource mailboxes actually send a message back stating that the meeting is accepted or declined if a user does it this way. Is there anyway to configure each resource mailbox to send an e-mail back stating something about the meeting they are trying to book? Chris Pohlschneider Network Administrator [EMAIL PROTECTED] 937-494-2559 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Exchange Certificate
Only one I've seen is WM5 devices don't like it On Thu, Jun 12, 2008 at 7:44 AM, Glen Johnson [EMAIL PROTECTED] wrote: Pardon my jump in here on this old thread but I've been on vacation for a while and just now catching up. Care to elaborate on the comment about wildcard cert problems? We just purchased one and I'd like to start using it but if it is going to cause problems, I'd appreciate any heads-up you can share. Thanks. Glen. *From:* Simon Butler [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, May 28, 2008 1:23 PM *To:* MS-Exchange Admin Issues *Subject:* RE: Exchange Certificate There isn't a lot to it. Use the wizard on this page to generate the request: https://www.digicert.com/easy-csr/exchange2007.htm You need to include the real name of the server (server), the FQDN of the server (server.domain.local), the OWA address (owa.domain.com) and the autodiscover (autodiscover.domain.com). Most of the SSL providers allow five domains. I usually recommend that the owa address is the main common name. Once you have generated the request command, paste in to PowerShell on the server. You don't have to use Digicert. You can then take the result and use it with your preferred vendor. http://certificatesforexchange.com/ (disclaimer - that is my site) does the certificates for US$59.99/year which are from GoDaddy but are cheaper than GoDaddy are currently selling the certificates for. Don't be tempted to use a wildcard certificate as there can be some issues with their use. After you get the certificate back from the supplier, you need to import the result: http://technet.microsoft.com/en-us/library/bb124424.aspx Finally you can enable the certificate for the services that you require. For that I tend to use PowerGui (http://www.powergui.org) which makes the process quick and easy. For certificate acceptance you will have to adjust the URLs on some services, and ensure that the clients are using the correct URL for access. This is particularly important with POP3 and IMAP which can often not cope with SSL prompts - for example you are using the IP address for the server. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ http://certificatesforexchange.com/for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/http://domainsforexchange.net/ -- *From:* Ehren Benson [mailto:[EMAIL PROTECTED] *Sent:* 28 May 2008 17:55 *To:* MS-Exchange Admin Issues *Subject:* RE: Exchange Certificate Sorry, exchange 2007 Ehren J. Benson, MCSE *Windows Systems Administrator* [EMAIL PROTECTED] 517-884-5469 *From:* Michael B. Smith [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, May 28, 2008 12:47 PM *To:* MS-Exchange Admin Issues *Subject:* RE: Exchange Certificate Knowing the version of Exchange would be a great help. Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com *From:* Ehren Benson [mailto:[EMAIL PROTECTED] *Sent:* Wednesday, May 28, 2008 12:36 PM *To:* MS-Exchange Admin Issues *Subject:* Exchange Certificate Hello! I need to get a certificate so that the warnings can go away for IMAP, SMTP and OWA. I have done a bit of reading on this and it seems less than straightforward. Has anyone done this and had an easy or hard time with it? Who did you buy your cert from and do you have any resources that clearly specify how to create the request and then import the cert. I want to have my ducks in a row before I do this because I know just as it can make everything work smoothly it can expediously bring everything to a screeching halt if not done correctly! Thanks Ehren J. Benson, MCSE *Windows Systems Administrator* Department of Physics and Astronomy Michigan State University 1209 A Biomed Phys Sci [EMAIL PROTECTED] 517-884-5469 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~