How to set up Exchange 2010 to use a single certificate for internal and external use

A special shout out to The Exchange Ninjas for this script for Exchange 2007.  http://www.exchangeninjas.com/set-allvdirs

I have modified that script to work with Exchange 2010.  Enjoy.  Copy and paste it into a .ps1 file and run it from the Exchange Management Shell with an account that is allowed to change Client Access settings.  The script uses plain ASCII double quotes; if a web page or word processor has turned them into curly quotes, PowerShell stops with "Unexpected token", so check that first.  It prompts before every change, so answer N to leave a value untouched, and the transcript records what was changed.  One caveat: if you answer Y to the question about an internally generated certificate, the OAB URLs are set to http:// because BITS will not download from an HTTPS endpoint whose certificate it does not trust, which means the offline address book then travels unencrypted on the internal network.  Where you can, make the clients trust the certificate (or the internal CA that issued it) and answer N instead.  The name you give the script must also resolve to the internal address of the Client Access Server from inside the network (split DNS), or internal clients will keep getting certificate warnings.

# Script to allow you to set all virtual directories to a common name like mail.company.com
# Run from the Exchange Management Shell. Every change is confirmed interactively
# and recorded in a transcript.

Start-Transcript

# Variables

[string]$UMExtend = "/UnifiedMessaging/Service.asmx"
[string]$OWAExtend = "/OWA"
[string]$OABExtend = "/OAB"
[string]$SCPExtend = "/Autodiscover/Autodiscover.xml"
[string]$EWSExtend = "/EWS/Exchange.asmx"
[string]$ECPExtend = "/ECP"
[string]$ConfirmPrompt = "Set this Value? (Y/N)"
[string]$NoChangeForeground = "white"
[string]$NoChangeBackground = "red"

Write-Host "This will allow you to set the virtual directories associated with setting up a single SSL certificate to work with Exchange 2010."
Write-Host ""
[string]$base = Read-Host "Base name of virtual directory (e.g. mail.company.com)"
Write-Host ""
# =======================================================
# Validate if a third party trusted certificate is being used,
# because BITS won't download the OAB over HTTPS from an untrusted certificate.
# An internally generated certificate therefore makes the OAB URL plain http://.
[string]$set = Read-Host "Is the certificate being used an internally generated certificate? (Y/N)"
Write-Host ""

if ($set -eq "Y") {
    [string]$OABprefix = "http://"
} else {
    [string]$OABprefix = "https://"
}

# =======================================================
# Build the Autodiscover URL and set the SCP value

Write-Host "Setting Autodiscover Service Connection Point" -ForegroundColor Yellow
Write-Host ""

$SCPURL = "https://" + $base + $SCPExtend

[array]$SCPCurrent = Get-ClientAccessServer

foreach ($value in $SCPCurrent) {
    Write-Host "Looking at Server: " $value.Name
    Write-Host "Current SCP value: " $value.AutoDiscoverServiceInternalUri.AbsoluteUri
    Write-Host "New SCP Value:     " $SCPURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-ClientAccessServer -Identity $value.Identity -AutoDiscoverServiceInternalUri $SCPURL
    } else {
        Write-Host "Autodiscover Service Connection Point internal value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }
}

# =======================================================
# Build the EWS URL and set the internal and external values

Write-Host "Setting Exchange Web Services Virtual Directories" -ForegroundColor Yellow
Write-Host ""

$EWSURL = "https://" + $base + $EWSExtend

[array]$EWSCurrent = Get-WebServicesVirtualDirectory

foreach ($value in $EWSCurrent) {
    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current Internal Value: " $value.InternalUrl
    Write-Host "New Internal Value:     " $EWSURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-WebServicesVirtualDirectory -Identity $value.Identity -InternalUrl $EWSURL
    } else {
        Write-Host "Exchange Web Services Virtual Directory internal value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }

    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current External Value: " $value.ExternalUrl
    Write-Host "New External Value:     " $EWSURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-WebServicesVirtualDirectory -Identity $value.Identity -ExternalUrl $EWSURL
    } else {
        Write-Host "Exchange Web Services Virtual Directory external value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }
}

# ======================================================
# Build the OAB URL and set the internal and external values

Write-Host "Setting OAB Virtual Directories" -ForegroundColor Yellow
Write-Host ""

$OABURL = $OABprefix + $base + $OABExtend

[array]$OABCurrent = Get-OABVirtualDirectory

foreach ($value in $OABCurrent) {
    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current Internal Value: " $value.InternalUrl
    Write-Host "New Internal Value:     " $OABURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-OABVirtualDirectory -Identity $value.Identity -InternalUrl $OABURL
    } else {
        Write-Host "OAB Virtual Directory internal value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }

    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current External Value: " $value.ExternalUrl
    Write-Host "New External Value:     " $OABURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-OABVirtualDirectory -Identity $value.Identity -ExternalUrl $OABURL
    } else {
        Write-Host "OAB Virtual Directory external value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }
}

# =======================================================
# Build the UM URL and set the internal and external values

Write-Host "Setting UM Virtual Directories" -ForegroundColor Yellow
Write-Host ""

$UMURL = "https://" + $base + $UMExtend

[array]$UMCurrent = Get-UMVirtualDirectory

foreach ($value in $UMCurrent) {
    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current Internal Value: " $value.InternalUrl
    Write-Host "New Internal Value:     " $UMURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-UMVirtualDirectory -Identity $value.Identity -InternalUrl $UMURL
    } else {
        Write-Host "UM Virtual Directory internal value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }

    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current External Value: " $value.ExternalUrl
    Write-Host "New External Value:     " $UMURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-UMVirtualDirectory -Identity $value.Identity -ExternalUrl $UMURL
    } else {
        Write-Host "UM Virtual Directory external value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }
}

# =======================================================
# Build the ECP URL and set the internal and external values

Write-Host "Setting ECP Virtual Directories" -ForegroundColor Yellow
Write-Host ""

$ECPURL = "https://" + $base + $ECPExtend

[array]$ECPCurrent = Get-ECPVirtualDirectory

foreach ($value in $ECPCurrent) {
    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current Internal Value: " $value.InternalUrl
    Write-Host "New Internal Value:     " $ECPURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-ECPVirtualDirectory -Identity $value.Identity -InternalUrl $ECPURL
    } else {
        Write-Host "ECP Virtual Directory internal value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }

    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current External Value: " $value.ExternalUrl
    Write-Host "New External Value:     " $ECPURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-ECPVirtualDirectory -Identity $value.Identity -ExternalUrl $ECPURL
    } else {
        Write-Host "ECP Virtual Directory external value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }
}

# =======================================================
# Build the OWA URL and set the internal and external values

Write-Host "Setting OWA Virtual Directories" -ForegroundColor Yellow
Write-Host ""

$OWAURL = "https://" + $base + $OWAExtend

[array]$OWACurrent = Get-OWAVirtualDirectory

foreach ($value in $OWACurrent) {
    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current Internal Value: " $value.InternalUrl
    Write-Host "New Internal Value:     " $OWAURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-OWAVirtualDirectory -Identity $value.Identity -InternalUrl $OWAURL
    } else {
        Write-Host "OWA Virtual Directory internal value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }

    Write-Host "Looking at Server: " $value.Server
    Write-Host "Current External Value: " $value.ExternalUrl
    Write-Host "New External Value:     " $OWAURL
    [string]$set = Read-Host $ConfirmPrompt
    Write-Host ""

    if ($set -eq "Y") {
        Set-OWAVirtualDirectory -Identity $value.Identity -ExternalUrl $OWAURL
    } else {
        Write-Host "OWA Virtual Directory external value NOT changed" -ForegroundColor $NoChangeForeground -BackgroundColor $NoChangeBackground
    }
}

# The transcript is closed with Stop-Transcript (there is no End-Transcript cmdlet).
Stop-Transcript
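Once the script has run, it is worth checking that the result is actually consistent: every URL handed to clients carries the base name over HTTPS (the only intended exception being the http:// OAB URL for an untrusted internal certificate), the certificate enabled for IIS really covers that name and is not about to expire, and the name resolves to an internal address from inside the network (the split-DNS point raised in the comments). The audit script below is an added example and is not part of the original script or the Exchange Ninjas one. It assumes you pass the same base name you gave the script above, that it runs in the Exchange Management Shell on a Client Access Server, and that the UM virtual directory simply returns nothing when the UM role is not installed. It uses only Get-* cmdlets, so it changes nothing.

```powershell
# Added example (not part of the original script): audit the virtual directory
# URLs, the IIS certificate and DNS after the single-name script has run.
# Assumes $base is the same name given to the script, e.g. mail.company.com.
param([string]$base = (Read-Host "Base name given to the script (e.g. mail.company.com)"))

$expectedHost = $base.Trim().ToLower()
$problems = @()

# 1. Collect every URL clients are handed: the Autodiscover SCP plus the
#    internal and external URL of each virtual directory the script touches.
$urls = @()
foreach ($cas in Get-ClientAccessServer) {
    $urls += New-Object PSObject -Property @{ Server = $cas.Name; Kind = "Autodiscover SCP"; Url = $cas.AutoDiscoverServiceInternalUri }
}
$getCmdlets = "Get-WebServicesVirtualDirectory", "Get-OABVirtualDirectory", "Get-UMVirtualDirectory",
              "Get-ECPVirtualDirectory", "Get-OWAVirtualDirectory"
foreach ($cmdlet in $getCmdlets) {
    foreach ($vdir in (& $cmdlet)) {
        $urls += New-Object PSObject -Property @{ Server = $vdir.Server; Kind = "$($vdir.Name) InternalUrl"; Url = $vdir.InternalUrl }
        $urls += New-Object PSObject -Property @{ Server = $vdir.Server; Kind = "$($vdir.Name) ExternalUrl"; Url = $vdir.ExternalUrl }
    }
}

# 2. Every URL must use the base name over https. The one exception the script
#    makes on purpose is a plain http:// OAB URL for an untrusted internal cert,
#    which is reported as a warning rather than an error.
foreach ($u in $urls) {
    if ($u.Url -eq $null) { $problems += "$($u.Server) $($u.Kind): not set"; continue }
    if ($u.Url.Host.ToLower() -ne $expectedHost) {
        $problems += "$($u.Server) $($u.Kind): $($u.Url) does not use $base"
    }
    if ($u.Url.Scheme -ne "https") {
        if ($u.Kind -like "OAB*") {
            Write-Warning "$($u.Server) $($u.Kind) is plain http; the OAB is downloaded unencrypted"
        } else {
            $problems += "$($u.Server) $($u.Kind): $($u.Url) is not https"
        }
    }
}

# 3. The certificate enabled for IIS must cover the base name (directly or by a
#    wildcard on the parent domain) and must not be about to expire. A
#    self-signed certificate only works if the clients have been made to trust it.
$iisCerts = @(Get-ExchangeCertificate | Where-Object { $_.Services -match "IIS" })
if ($iisCerts.Count -eq 0) { $problems += "No certificate is enabled for the IIS service on this server" }
$parentDomain = $expectedHost -replace '^[^.]+\.', ''
foreach ($cert in $iisCerts) {
    $names = @($cert.CertificateDomains | ForEach-Object { $_.ToString().ToLower() })
    if (($names -notcontains $expectedHost) -and ($names -notcontains "*.$parentDomain")) {
        $problems += "Certificate $($cert.Thumbprint) does not cover $base (names: $($names -join ', '))"
    }
    if ($cert.NotAfter -lt (Get-Date).AddDays(30)) {
        $problems += "Certificate $($cert.Thumbprint) expires on $($cert.NotAfter)"
    }
    if ($cert.IsSelfSigned) {
        Write-Warning "Certificate $($cert.Thumbprint) is self-signed; clients must trust it or BITS will not download the OAB over https"
    }
}

# 4. Split DNS: from inside the network the base name must resolve to the
#    internal address of the CAS (or its load balancer), not the public IP.
try {
    $addresses = [System.Net.Dns]::GetHostAddresses($base) | ForEach-Object { $_.IPAddressToString }
    Write-Host "$base resolves from this server to: $($addresses -join ', ') (confirm this is the internal address)"
} catch {
    $problems += "$base does not resolve from this server: $($_.Exception.Message)"
}

if ($problems.Count -eq 0) {
    Write-Host "Virtual directory URLs, IIS certificate and DNS are consistent with $base" -ForegroundColor Green
} else {
    $problems | ForEach-Object { Write-Host $_ -ForegroundColor Red }
}
```

Run it as `.\audit-singlename.ps1 mail.company.com` (any file name will do) on each Client Access Server, since the certificate check only sees the local machine's certificate store; the URL checks cover every server in the organization from wherever you run it.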


30 Responses to How to set up Exchange 2010 to use a single certificate for internal and external use

  1. DW Hunter says:

    Very handy – thanks for the tip!

  2. Patrick says:

    Perfect! Worked great and much easier. Thanks.

  3. Danny says:

    The exchangeninja site is down, will your script still work on exchange 2007?

  4. Mike O says:

    Are there any additional requirements to make autodiscovery work externally?

  5. First of all, I just want to say, you are a GOD! Anyway, I was wondering if you might have time to read this post and possibly give me a couple of quick thoughts or answers. I have read your script and looked up the commands, and from what I can tell, this should do the trick for me. However, this is my situation. I have taken over management of a 20 mailbox Exchange 2010 system, fully patched, and in current use. My BOSS (go figure) purchased a single name SSL cert, and had the client billed, before I had the chance to tell him I needed a UC cert. yada yada. So, I obviously cannot install the cert because it will break Outlook internally, etc. (the cert is for ‘mail.mydomain.com’)….. I already have my firewall configured to allow internal access to the external IP of my mail server and everything resolves correctly to mail.mydomain.com inside… so all good there. SO, I am about to run your script, but I was wondering if you might give your opinion on the following questions…..

     1. Since I haven't installed the single name cert into Exchange yet, should I do that first, or run your script first?
     2. I have 20 users internally connected to Exchange, will these changes automatically be reflected on their Outlook clients, or will I have to rebuild the accounts in Outlook?
     2a. This couldn't possibly hurt anyone's account data could it? Mail, addresses, etc…
     3. I will still have to create an external SRV record for autodiscover to make Outlook Anywhere work, correct?

     THANKS SO MUCH FOR YOUR TIME!!!!! -a

  6. Ed Steele says:

    Please do post that 2007 version! That site is still down…

  7. Rob Hagopian says:

    Wow – +1. Especially helpful now that trusted certs won’t be issued (and will be revoked in 2016) for .local domains. I presume the thing to do is answer ‘N’ for any currently blank entries?

  8. Dee says:

    Hi,
    This is exactly what I have been looking for!! I do have a quick question. Do I have to make any modifications to this or is it a straight copy and paste? I’m taking it that I just have to enter in the external name of the virtual directory here in quotations and that should be it right?

    [string]$base = Read-host “Base name of virtual directory (e.g. mail.company.com)”

    so for example mine would be:

    [string]$base = Read-host “webmail.hollaback.com”

    And this will be the only change i have to make?

    • barrymmartin says:

      You do not have to make any modifications. It takes the domain name as a parameter.

      • Kevin Merritt says:

        Can I ask, my customer has a .local domain and I need to set up their server to respond to http://www.companyname.com. Can your script do this? I have set up the external and it responds fine, but now all internal traffic when logging in gets a certificate error, as server1.domain.local has the SSL of http://www.companyname.com

      • barrymmartin says:

        This script set the internal and external names to be the same so you can use one certificate. You will need to setup split-brain DNS to make sure the FQDN resolves to the proper internal IPs.

      • Kevin Merritt says:

        I have a DNS forwarder set up on the DNS server so it knows the Exchange server as http://www.companyname.com, and it still has serverxyz.domainname.local. Where in your script would I need to put this information?

  9. Pankrich K. says:

    That’s so cool. Thanks. My Outlook + Exchange are working fine now.

  10. Gus says:

    Will this script work on Exchange 2013?

  11. Fantastic script!

    I was getting *very* frustrated with Exchange – more so than usual

    I was able to check the Outlook Autodiscover.xml before and after using https://www.testexchangeconnectivity.com

    It took a few minutes (15?) for the changes to take effect. Probably waiting for AD to replicate the changes across the internal domain controllers.

    I ran the script twice so noticed that the last line of the script should probably read:

    Stop-Transcript

    rather than End-Transcript

    Obviously for Autodiscovery to work you need the following record in your domain’s Internet accessible DNS:

    _autodiscover._tcp.YourDomainName.com. 1800 IN SRV 0 0 443 remote.YourDomainName.com.

    remote.YourDomainName.com being the Common Name of your paid for SSL cert and also resolving to the IP address where your firewall is port forwarding HTTPS port 443 to your internal Exchange Server with the Client Access Role. And you’ve added your SSL Cert to IIS and chosen it as the one to use in Bindings.

  12. Korben says:

    I’m getting an error. Any ideas?

    [PS] C:\>.\exchange2010singlecert.ps1
    Unexpected token ‘https://’ in expression or statement.
    At C:\exchange2010singlecert.ps1:30 char:35
    + [string]$OABprefix = “https:// <<<< ”
    + CategoryInfo : ParserError: (https://:String) [], ParseException
    + FullyQualifiedErrorId : UnexpectedToken

  13. Korben says:

    Seems like the &#8221 replaces the ” in the code.

    “https://”

  14. Justin says:

    I am having the same problem. Are you using Exchange 2010 SP3?
