Creating a wildcard webserver certificate with your internal Microsoft CA

Robbie Roberts Blog OCS, Exchange & Technology

It is sometimes necessary to issue a wildcard certificate from your internal Microsoft CA, I had such a requirement this week and thought it would make a nice blog post.

The post assumes you have a Enterprise CA already deployed and a web server template deployed and available for enrolment.

First we need to create the certificate request that will be issued to your CA.

1. Logon to a Windows 2008 R2 or Windows 7 domain member

2. Open the certificates MMC snap-in






Now create the certificate request

3. Right click the Certificates folder which is found under the personal folder

4. Select All Tasks > Advanced Options > Create Custom Request


5. In the Certificate Enrolment Wizard Click Next


6. In the Certificate Enrollment Page select Custom Request > Proceed without enrolment Policy and then select Next


7. In the Custom Request Page select (No template) Legacy Key from…

View original post 379 more words

Exchange 2010 SP3 sets AllowCrossSiteRPCClientAccess back to false

Jason (Izzy) Sherry's Blog

If you have any scripts, like those used during the failover process, that use this cmdlet for Exchange 2010 you need to update them to set this value each time.

Just add “–AllowCrossSiteRPCClientAccess $True” to the cmdlet line when calling Set-DatabaseAvailabilityGroup, this assumes  you want to allow cross site RPC access without requiring your users to restart Outlook when their active database is moved to another AD Site.

Set-DatabaseAvailabilityGroup –AllowCrossSiteRPCClientAccess $True.

I’m pretty sure  I’ve seen this value reset back to $False with SP2 (RU unknown) also, so this “bug” might have existed before SP3. This switch was added, or really it started working, in SP2 RU3.

See this blog post for more details:

For general Exchange 2013 questions or to discuss non-support topics join the “Microsoft Exchange 2013” Facebook group I admin:

For community based support goto TechNet forums:

View original post