SBS 2008: using cert and dyndns.info and Outlook anywhere

Discussion in 'Windows Small Business Server' started by GARETT - TVGTECH, Apr 15, 2009.

  1. In SBS 2003, we could generate a cert based on need.

    Now upgraded from 03 to 08. Client has dynamic DNS that points to their
    server: xxx.dyndns.info

    MX still point to xxx.dyndns.info.
    Mail works fine just like in 03
    If you goto: xxx.dyndns.info/remote or owa - it works

    NS have a Cname that points remote.xxx.com to xxx.dyndns.info/remote
    (also a redirect in the NS control Panel)

    On LAN, outlook anywhere works fine(assuming that the server pushes out the
    cert when logging into mobile laptop)

    PROBLEM:
    From Remote for mobile laptop, outlook anywhere does not connect.

    says server not available.(tried correct auth )
    Tried the test exchange site and it times out and cert fails.

    Question:
    How can I generate my own unique cert like sbs 2003 for xxx.dyndns.info?
    or
    What other options should we do?

    Thanks.

    GC
     
    GARETT - TVGTECH, Apr 15, 2009
    #1
    1. Advertisements

  2. You need to physically have the cert on the remote computer. With SBS 03,
    you could install the cert while remote, but not with SBS 08.

    But you can still generate your own certificate, which you've probably done
    already.

    In the SBS console, Network > Connectivity tab - click under Web Server
    Certificate, and then on the right hand side, Open Certificate Installation
    Package. You'll see a zip file - put that on a USB key and run it on the
    remote computer to install the certificate.

    There's an "announcement" on your companyweb with full details.
     
    Les Connor [SBS MVP], Apr 15, 2009
    #2
    1. Advertisements

  3. Thanks Les.

    Remote user said they installed. (we uploaded to a secure FTP and they dload
    it and ran it.)

    That cert says installed.

    Is the problem the fact that xxx.dyndns.info is the external server and the
    internal is remote.xxx.com and that's where the cert is having an issue?

    What else can I do?

    Thanks Les.


     
    GARETT - TVGTECH, Apr 15, 2009
    #3
  4. The cert name must match what you use to access the site, so if you built
    your cert for remtote.whatever.whatever, you'd need a matching dns record
    and would use that to access the site. If that's not the case, then you can
    create a dns record that matches the name in the cert, or, create a new cert
    that matches a dns record you already have - like mail.whatever.whatever.

    If you don't want to use the default of remote., you need to click
    'advanced' (I think it is) in the wizard and you can then specify an
    alternate name.

    --
    -----------------------------------------------
    Les Connor [SBS MVP]

     
    Les Connor [SBS MVP], Apr 15, 2009
    #4
  5. Thanks Les.

    Tried that but when advanced option, had difficult time figuring out what
    option.

    NOTICED:
    Cert enrollment requests - actually had the cert I needed. xxx.dyndns.info
    Intended purpose: ALL

    I copied to trusted, then to personal certificates.
    Now it still says intended purpose - all

    The original remote.xxx.com says IP: server

    QUESTION:
    For this to work, it's now in trusted and root, do I have to change it to
    server only, or will this work?

    Do i just have to run FIX network and will include that in the sbs cert for
    installing?

    Thanks alot Les.

     
    GARETT - TVGTECH, Apr 15, 2009
    #5
  6. Hello,

    Thanks for your post and Les's input.

    In addition, to use Office Outlook 2003 or Outlook 2007 for "Outlook Anywhere" in SBS 2008 domain, you may also refer to the following articles for detailed
    information:

    Using "Outlook Anywhere" in Small Business Server 2008
    http://technet.microsoft.com/en-us/library/cc794265.aspx

    Windows Small Business Server 2008 Client Computer Help
    http://technet.microsoft.com/en-us/library/cc546096.aspx

    More Information
    ======================
    Configuring Internet Mail in Windows Small Business Server 2008
    http://technet.microsoft.com/en-us/library/cc527480.aspx

    Hope this helps.


    Best regards,
    Robbin Meng(MSFT)
    Microsoft Online Newsgroup Support
     
    Robbin Meng [MSFT], Apr 16, 2009
    #6
  7. Thanks Robbin: Didn't see what I was looking for.

    Here is what I am looking for(I think):

    Location and how(steps) to setup a new CERT, that authenticates
    xxx.dyndns.info pass-through to the server?

    Do I choose server or webserver?
    What encryption?
    How to publish it so it precedes the remote.xxx.com certificate?

    I have been searching and need something so I don't screw it up when
    creating a new cert on SBS 2008 that overrides the remote.xx.com native cert
    so it works with non common url authentication using dyndns.info?

    Does this help clear up my question or completely no?

    Thanks all.
     
    GARETT - TVGTECH, Apr 16, 2009
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.