I have a client with a new Exchange 2013 server that was migrated from Exchange 2007. Everything was working fine. They still co exist. Windows Essentials Experience was installed on the new exchange server. I have uninstalled the Windows Essentials Experience and users can get email but there are a few lingering problems. Primarily, there is no access to OutlookAnywhere or ECP.
Get-OutlookAnywhere returns the following:
[PS] C:\Windows\system32>get-outlookanywhere
WARNING: Warning: "Rpc (Default Web Site)" was not found. Please ensure that the RPC over HTTP Proxy feature has been added to server "A08".
RunspaceId : 07081ab0-858b-4574-b823-7a23f0938781
ServerName :A08
SSLOffloading : False
ExternalHostname : remote.associatedengineers.com
InternalHostname : remote.associatedengineers.com
ExternalClientAuthenticationMethod : Basic
InternalClientAuthenticationMethod : Ntlm
IISAuthenticationMethods : {Basic, Ntlm, Negotiate}
XropUrl :
ExternalClientsRequireSsl : True
InternalClientsRequireSsl : True
MetabasePath :IIS://A08.aei.local/W3SVC/1/ROOT/Rpc
Path :
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 8.3 (Build 83.6)
Server : A08
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Rpc (Default Web Site)
DistinguishedName : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=A08,CN=Servers,CN=Exchange
Administrative Group (FYDIBOHF23SPDLT),CN=Administrative
Groups,CN=AEI,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=aei,DC=local
Identity : A08\Rpc (Default Web Site)
Guid : e240f899-98b1-4aed-bff0-d9e0c1f92538
ObjectCategory : aei.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged : 9/4/2014 2:15:23 PM
WhenCreated : 12/2/2008 7:13:37 AM
WhenChangedUTC : 9/4/2014 7:15:23 PM
WhenCreatedUTC : 12/2/2008 1:13:37 PM
OrganizationId :
OriginatingServer : A14.aei.local
IsValid : True
ObjectState : Changed
RunspaceId : 07081ab0-858b-4574-b823-7a23f0938781
ServerName : A14
SSLOffloading : True
ExternalHostname : remote.associatedengineers.com
InternalHostname : remote.associatedengineers.com
ExternalClientAuthenticationMethod : Basic
InternalClientAuthenticationMethod : Ntlm
IISAuthenticationMethods : {Basic, Ntlm, Negotiate}
XropUrl :
ExternalClientsRequireSsl : True
InternalClientsRequireSsl : True
MetabasePath : IIS://A14.aei.local/W3SVC/1/ROOT/Rpc
Path : D:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\rpc
ExtendedProtectionTokenChecking : None
ExtendedProtectionFlags : {}
ExtendedProtectionSPNList : {}
AdminDisplayVersion : Version 15.0 (Build 847.32)
Server : A14
AdminDisplayName :
ExchangeVersion : 0.20 (15.0.0.0)
Name : Rpc (Default Web Site)
DistinguishedName : CN=Rpc (Default Web Site),CN=HTTP,CN=Protocols,CN=A14,CN=Servers,CN=Exchange
Administrative Group (FYDIBOHF23SPDLT),CN=Administrative
Groups,CN=AEI,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=aei,DC=local
Identity : A14\Rpc (Default Web Site)
Guid : cb886cd7-dd5c-4976-83e2-790c263193c7
ObjectCategory : aei.local/Configuration/Schema/ms-Exch-Rpc-Http-Virtual-Directory
ObjectClass : {top, msExchVirtualDirectory, msExchRpcHttpVirtualDirectory}
WhenChanged : 9/4/2014 2:15:38 PM
WhenCreated : 8/30/2014 10:04:48 AM
WhenChangedUTC : 9/4/2014 7:15:38 PM
WhenCreatedUTC : 8/30/2014 3:04:48 PM
OrganizationId :
OriginatingServer : A14.aei.local
IsValid : True
ObjectState : Changed
When a user tries to login remotely to outlook anywhere they are presented with a certificate that is not the correct certificate.
The certificate information says
Issued to: e89a2f3098a5a0d0
Issued byL Token Signing Public Key
Get-ExchangeCertificate returns the following:
[PS] C:\Windows\system32>Get-ExchangeCertificate |fl
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {remote.associatedengineers.com, www.remote.associatedengineers.com, associatedengineers.com,
webmail.associatedengineers.com, autodiscover.webmail.associatedengineers.com,
autodiscover.associatedengineers.com}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/,
O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
NotAfter : 8/31/2017 11:10:45 AM
NotBefore : 8/31/2014 11:10:45 AM
PublicKeySize : 2048
RootCAType : ThirdParty
SerialNumber : 27DE8143691709
Services : IMAP, POP, IIS, SMTP
Status : Valid
Subject : CN=remote.associatedengineers.com, OU=Domain Control Validated
Thumbprint : 0AC739F727C1BE8A1A7D4E7F210EDD6263F97121
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {A14}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=aei-A14-CA
NotAfter : 8/29/2019 5:19:49 PM
NotBefore : 8/30/2014 5:19:49 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 3F00000003A9D7CC948AF550E9000000000003
Services : SMTP
Status : Valid
Subject : CN=A14
Thumbprint : F6FF6B35A7DBFD1457C41F47485943073F278648
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=Microsoft Exchange Server Auth Certificate
NotAfter : 8/4/2019 9:51:13 AM
NotBefore : 8/30/2014 9:51:13 AM
PublicKeySize : 2048
RootCAType : None
SerialNumber : 27232CBCD18185B546FBE5793AEF5645
Services : SMTP
Status : Valid
Subject : CN=Microsoft Exchange Server Auth Certificate
Thumbprint : 0A36707585CC0BC4C8662E58E986F8F05DEE81B7
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {WMSvc-A14}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=WMSvc-A14
NotAfter : 8/27/2024 8:56:34 AM
NotBefore : 8/30/2014 8:56:34 AM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 514EAEBED77CD5BF483F9C7077036B83
Services : None
Status : Valid
Subject : CN=WMSvc-A14
Thumbprint : 39940C9EF9AB475A7D144C83EFEF17C7B2053157
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {aei-A14-CA}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=aei-A14-CA
NotAfter : 8/21/2054 12:19:40 PM
NotBefore : 8/29/2014 12:19:40 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 7C5FD94CFED4EDA244B701291565C4F8
Services : None
Status : Valid
Subject : CN=aei-A14-CA
Thumbprint : 11D09686FEBED4ED4908497E6E71AA15DF5DEC23
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule,
System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {A14.aei.local}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=aei-A08-CA
NotAfter : 8/27/2015 2:58:04 PM
NotBefore : 8/27/2014 2:58:04 PM
PublicKeySize : 2048
RootCAType : Enterprise
SerialNumber : 1B529423000100000036
Services : IIS, SMTP
Status : Valid
Subject : CN=A14.aei.local
Thumbprint : 7E1073385BE7C716A3E0410AA7335DA6F05B5DEB
Can anyone help me fix this?
Thanks