I am building an Exchange 2013 environment to co-exist with my existing Exchange 2010 server and to migrate users over. I think I have everything correct but just wanted to get a sanity check.
Our environment is fairly simple, we have an Exchange 2010 server that hosts all the roles, it has ActiveSync enabled for mobile devices, internal clients (Outlook 2007 and up) are domain joined, we have a few external clients connecting to Exchange via Outlook
over the public internet.
Currently we do not use Split DNS, our internal clients resolve to mail-server.domain.com and we have a Enterprise Certificate Authority that issues a certificate that our clients trust.
Externally (and mobile) access the Exchange server via webmail.domian.com and the certificate is a 3rd party SSL (GoDaddy).
Moving forward with Exchange 2013 i'd like to use Split DNS and use webmail.domain.com for both internal and external and use the 3rd party SSL for both internal and external (inc. mobile) clients just to keep things simple and not have to worry about different
CA SSLs and different DNS for internal/external clients.
Is there any issues with the above plan? Using 3rd party SSL for internal/external clients and moving away from using our Enterprise CA SSL for internal clients and sticking to webmail.domain.com for both? As I understand Microsoft suggest using Split DNS for
Exchange deployments.
Because I am changing this to Split DNS will there be any interruption to my internal clients when they do Autodiscover?
Also attached is a picture of my current Exchange configuration and also the configuration in the Lab with the current Exchange 2010 (mail-server) and exchange 2013 (new-server) configuration for all the various virtual directories and their authentication.
http://s22.postimg.org/qaggl1fwv/cfg.png
This outlines where I am trying to go with this, does anyone see any issues with it? I am shooting to not break autodiscover and any exchange services to end users, trying to make the upgrade/migration "seamless".
Thank you