Certificate Error When Opening Outlook
-
Outlook doesn't need an MX record to communicate with Exchange.
Maybe the old IP is still in your DNS cache. Try to flush the cash.
-
Outlook doesn't need an MX record to communicate with Exchange.
Maybe the old IP is still in your DNS cache. Try to flush the cash.
I deleted the MX record. back to where we were. I also flushed the DNS cache.
-
Outlook doesn't need an MX record to communicate with Exchange.
Maybe the old IP is still in your DNS cache. Try to flush the cash.
Since deleting the MX record and flushing the cache, tracert is resolving mail.domain.com to server.domain.local now. Not sure if this will hold. Going to test Outlook now.
-
Outlook doesn't need an MX record to communicate with Exchange.
Maybe the old IP is still in your DNS cache. Try to flush the cash.
Still getting the error. Its so random too. It does not come up everytime you open outlook and its not all users. It will jump around. One user will have an issue while another will not. All connected to same network. Any help is much appreciated.
-
"tracert is resolving mail.domain.com to server.domain.local now"
Huh?? What is the client using to access outlook.. an IP address a fqdn? Your saying this fqdn resolves to different IPs?
What are you clients using for dns? Here is the thing its is bad idea to point a client to multiple dns that could resolve things differently.. So for example pointing client to both a local dns and a public dns is BAD idea.. You are never going to be sure which dns a client does or gets a response from.
So if your asking for www.yourlocal.tld, public dns sure and the hell not going to know about that.. So if your clients need to resolve stuff that only resolves locally then only thing they should point to for dns is dns that can resolve that local stuff.
If your saying it pops up here or there sounds like to me you have an issue to where your clients are going..
-
"tracert is resolving mail.domain.com to server.domain.local now"
Huh?? What is the client using to access outlook.. an IP address a fqdn? Your saying this fqdn resolves to different IPs?
What are you clients using for dns? Here is the thing its is bad idea to point a client to multiple dns that could resolve things differently.. So for example pointing client to both a local dns and a public dns is BAD idea.. You are never going to be sure which dns a client does or gets a response from.
So if your asking for www.yourlocal.tld, public dns sure and the hell not going to know about that.. So if your clients need to resolve stuff that only resolves locally then only thing they should point to for dns is dns that can resolve that local stuff.
If your saying it pops up here or there sounds like to me you have an issue to where your clients are going..
Outlook is pointing to server.domain.local. Not sure where to begin. What is the first thing I should check?
-
"server.domain.local"
so what does that client use for dns? .local is only going to resolve with a local dns that has record for that.. that sure is not going to work on public internet.
-
"server.domain.local"
so what does that client use for dns? .local is only going to resolve with a local dns that has record for that.. that sure is not going to work on public internet.
IP config shows local server for DNS and google for secondary which is how it has always been. Never had an issue with this before. But yes, DNS is pointing to local DC.
-
and it also points to google.. So if client asks google for your server name.. What is it going to get back.. server.domain.local is not going to resolve on google..
As I stated before its BAD BAD BAD idea to use dns that can not resolve the same stuff to the same IPs.. You can not be sure what the client is going to use.. Be it you hadn't run into issues before is besides the point..
Lets say I am using server.somedomain.com, but I do not own this somedomain.com on the public.. Or lets say I do even. But my local dns points to 192.168.1.100, if I ask google for it what gets returned… It sure and the hell not going to be 192.168.1.100.. It might be the pubic IP, but then for me to access that it has to be a nat reflection, etc.
Or maybe it points me to some other server since I don't own somedomain.com
Pointing to name servers that can not return the same data is BAD idea!!! If you want 2, then point to 2 local ones that both resolve all your local stuff to the same IP. Public is going to be public - but pointing to a local server that resolves you local stuff and having a secondary server that does not resolve your local stuff is just BAD with issues waiting to happen.
-
and it also points to google.. So if client asks google for your server name.. What is it going to get back.. server.domain.local is not going to resolve on google..
As I stated before its BAD BAD BAD idea to use dns that can not resolve the same stuff to the same IPs.. You can not be sure what the client is going to use.. Be it you hadn't run into issues before is besides the point..
Lets say I am using server.somedomain.com, but I do not own this somedomain.com on the public.. Or lets say I do even. But my local dns points to 192.168.1.100, if I ask google for it what gets returned… It sure and the hell not going to be 192.168.1.100.. It might be the pubic IP, but then for me to access that it has to be a nat reflection, etc.
Or maybe it points me to some other server since I don't own somedomain.com
Pointing to name servers that can not return the same data is BAD idea!!! If you want 2, then point to 2 local ones that both resolve all your local stuff to the same IP. Public is going to be public - but pointing to a local server that resolves you local stuff and having a secondary server that does not resolve your local stuff is just BAD with issues waiting to happen.
Ok, I have removed the secondary DNS server from DHCP scope. Testing Outlook now.
-
validate the fqdn your trying to go to resolves to what its suppose to resolve too server.domain.local
simple ping, nslookup, dig, drill whatever your fav dns query tool is so you can see the answer. Ping works in a pinch to what the name resolves too. Be it answers or not.
