Issue 1:
Ever since I introduced Exchange 2013 SP1 into my Active Directory, end users (Outlook 2013) have been getting Certificate warnings for the Exchange 2013 SP1 servers, even though they are all on Exchange 2010 SP3 still. It seemed to go away after I added a server1.domain.local cert from our domain CA, but on server2, it doesnt help. I get a warning for "The name on the security certificate is invalid or does not match the name of the site."
The warning has the server2 FQDN at the top and the name of the certificate is the FQDN with an external CA I use for all the autodiscover, OWA etc. The 3rd party CA cert is installed for IIS and SMTP and its selected in IIS for HTTPS on both Default Web Site and Exchange Back End.
Issue 2:
End users are getting prompted for credentials in Outlook 2013, some seem to go away and not come back, some users have reoccurring prompts for credentials through out the day. They donot have any relevant entries in the Control Panel/Credential Manager.
Issue 3:
I've migrated a test account to 2013, trying to setup Outlook for the account, but:
The name cannot be resolved. The connection to Microsoft Exchange is unavailable....
I believe all the Autodiscover stuff should be fine, but I dont have a seperate GAL/OAB for Exchange 2013 yet, honestly this confuses me. How do I migrate my 2010 GAL to 2013? Do I need seperate GALs for 2010 and 2013?
Very happy to take replies for the individual issues separately, although they are probably linked.
I followed the Exchange Deployment Assistant but theres no GAL step in there and the certificate instructions in there are dubious, some other sources say assign the 3rd party cert to everything, other sources say dont touch the default certs at all.