Changing a UCC/SAN Certificate and Re-Issuing from GoDaddy

Scenario

When initially setting up the Unified Communications Certificate (UCC) certificate for Exchange, autodiscover.domain.com was not added as a Subject Alternative Name (SAN).

You need to enable autodiscover in Exchange 2010 for external devices (iOS, laptop Outlook etc.) without a security warning.

Solution

The certificate needs to be updated with autodiscover.domain.com as a SAN.

These instructions pertain to a GoDaddy certificate – other providers will likely be different.

An A record had already been created in the domain’s DNS zone pointing autodiscover.domain.com to the public IP address of the router.

As it turns out, GoDaddy offer the opportunity to drop and replace SANs from their UCC certificates at will – with domain ownership validation required if any are added, of course.

Here are the steps:

[Read more…]

Issuing a certificate to Exchange 2010 using an Internal Certificate Authority (CA)

Scenario

You’ve installed Active Directory Certificate Services and need to issue a certificate to Exchange 2010.

[Read more…]

Migrate from Exchange 2007 to Exchange 2010

Scenario

You’ve just installed Exchange 2010 and now you want to migrate from Exchange 2007 to Exchange 2010.

Here’s the steps I took.

[Read more…]

Move the Database Path in Exchange 2010

Scenario

You have installed Exchange 2010 but have realised that you need more space for the database files.

You need to move these database files to another drive.

[Read more…]

Installing Exchange 2010

Scenario

You want to install Exchange 2010 on a Win2008 R2 server.

Here’s how:

[Read more…]

How to find out the Service Pack and Update Rollup versions in Exchange 2007 2010

To find out the version and build number of Exchange 2007/2010, you can do one of the following:

  1. Run the Get-ExchangeServer | fl name,edition,admindisplayversion cmdlet in the Exchange Management Shell (EMS):
  2. Navigate to Server Configuration in the Exchange Management Console (EMC):

This will give you the major version and service pack version numbers – in my case it major version 8 (aka Exchange 2007) and Service Pack 3.

To find out the Update Rollup version, navigate to Control Panel > Programs > View Installed updates on your Exchange Server:

Disable POP and IMAP for all users in Exchange 2007 2010

Although the POP and IMAP services are disabled by default in Exchange 2007, every mailbox will have the features enabled. This means everyone will be able to use POP and IMAP if you enable the services. What if you only want a few users to use them?

Use this PowerShell cmdlet to disable POP and IMAP for all users in Exchange 2007/2010:

Get-CASMailbox | Set-CASMailbox -PopEnabled $false -ImapEnabled $false

You can then enable the POP and IMAP features for specific users via the GUI or by using this cmdlet:

Set-CASMailbox -Identity adam.rush -PopEnabled $true -ImapEnabled $true