If you have the environment with Windows XP + Office 2007 or 2010 and Exchange 2013, you can expect some problems from the beginning. There is a problem because computers with Windows XP will not be able to connect to the new Exchange server. The nature of the problem is simple: Windows XP looks at the certificate using only the first SAN, but the internal name of Exchange is not in this line. This is the reason of the problem. Now, what can we do to solve the problem? In this situation, we can adopt two possible solutions:
- We can force Exchange to use a determinate certificate for internal AutoDiscover. This is simple to do with one PowerShell command: Set-OutlookProvider EXPR -CertPrincilalName:”msstd:mail.company.com” (mail.company.com is the name of your certificate).
- We can internally publish OutlookAnywhere with the same name as the external. Set the Authentication method for External clients to NTLM or Basic. In this case, you have to configure properly also the internal DNS servers, because this address must be available also from the internal network.