+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 31
Cloud Services Thread, Office 365 hybrid DNS records in Technical; Originally Posted by sukh you shouldn't have to do that. The hcw does it all for you. I assume you ...
  1. #16
    ful56_uk's Avatar
    Join Date
    Mar 2008
    Location
    Essex
    Posts
    554
    Thank Post
    105
    Thanked 23 Times in 21 Posts
    Rep Power
    17
    Quote Originally Posted by sukh View Post
    you shouldn't have to do that. The hcw does it all for you. I assume you have sp3 on hybrid server?

    when you send do you get an ndr? where iz it queued? check trace on o365?
    Yup hybrid is at sp3 level
    Don't get a ndr yet, I can see all the messages on the office365 trace pending/defer

  2. #17

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,046
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Quote Originally Posted by ful56_uk View Post
    Yup hybrid is at sp3 level
    Don't get a ndr yet, I can see all the messages on the office365 trace pending/defer
    I have things to try, but I'm stuck at the moment I can't write it all on my phone. :-)

    Do you have remote access the server...

    James.

  3. #18

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    can you post your outbound connector on o365

    can you also up logging on hybrid o365 connector (receive) & see if a connection is being made and the status. I.e protocol logging

  4. Thanks to sukh from:

    ful56_uk (10th October 2013)

  5. #19
    ful56_uk's Avatar
    Join Date
    Mar 2008
    Location
    Essex
    Posts
    554
    Thank Post
    105
    Thanked 23 Times in 21 Posts
    Rep Power
    17
    Quote Originally Posted by EduTech View Post
    I have things to try, but I'm stuck at the moment I can't write it all on my phone. :-)

    Do you have remote access the server...

    James.
    Hi James

    I do have remote access, it's a very kind offer, only thing I can think of is I am using a wild card ssl cert

    Mark

  6. #20

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,046
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Quote Originally Posted by ful56_uk View Post
    Hi James

    I do have remote access, it's a very kind offer, only thing I can think of is I am using a wild card ssl cert

    Mark
    Yes I believe that will be your problem. You cannot use a wildcard certificate in a hybrid deployment. The Subject Name needs to be specified such as (exch2010.domain.co.uk) in order got the TLS to authenticate etc. you also need your autodiscover.domain.co.uk in the SANs.

    James.

  7. #21

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    wild certs are supported with sp3 was an old issue pre sp3. thr hcw wouldn't complete if cert was an issue.

  8. #22

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,046
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Quote Originally Posted by ful56_uk View Post
    Hi James

    I do have remote access, it's a very kind offer, only thing I can think of is I am using a wild card ssl cert

    Mark
    Read this - http://blogs.technet.com/b/danielken...izard-hcw.aspx

    James.

  9. #23
    ful56_uk's Avatar
    Join Date
    Mar 2008
    Location
    Essex
    Posts
    554
    Thank Post
    105
    Thanked 23 Times in 21 Posts
    Rep Power
    17
    I thought you could use wild card ssl, I'll look again tomorrow

  10. #24

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    I'd look at protocol logging as mentioned & try opportunistic tls for the outbound connector.

  11. #25
    jamesbmarshall's Avatar
    Join Date
    Feb 2010
    Location
    Reading, UK
    Posts
    516
    Thank Post
    26
    Thanked 228 Times in 158 Posts
    Rep Power
    85

  12. #26
    ful56_uk's Avatar
    Join Date
    Mar 2008
    Location
    Essex
    Posts
    554
    Thank Post
    105
    Thanked 23 Times in 21 Posts
    Rep Power
    17
    Opportunistic tls seems to have done the trick, thanks guys

  13. #27

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,046
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Just got home, and glad to see you managed to sort it!.... :-) I was in the middle of driving on the motorway so my hands were pretty tied!

    It's quite a common thing people having issues with receiving email between O365 & Hybrid Exchange Server when setting this up, always down to 1 setting being out of place! :-) and it's generally down to the configuration of the receive connector

    James.
    Last edited by EduTech; 11th October 2013 at 12:25 AM.

  14. #28
    jamesbmarshall's Avatar
    Join Date
    Feb 2010
    Location
    Reading, UK
    Posts
    516
    Thank Post
    26
    Thanked 228 Times in 158 Posts
    Rep Power
    85
    Quote Originally Posted by ful56_uk View Post
    Opportunistic tls seems to have done the trick, thanks guys
    Doesn't this pose a security risk?

  15. #29

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Potential, only if you're concerned data not being sent via TLS.

    If you are then I would work on the issue and enforce TLS.

  16. #30

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,046
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Quote Originally Posted by sukh View Post
    Potential, only if you're concerned data not being sent via TLS.

    If you are then I would work on the issue and enforce TLS.
    It is recommended that you enforce TLS so that when you send/receive between your On-Premise & Cloud Recipients the communication is secure, just like if it was internal. You wouldn't allow mail to be routed around your internal infrastructure unsecure would you? so why do it in this scenario.

    I would look into the reasons as to why you have an issue using TLS, I would imagine it's something to do with the SSL Certificate being used as in FOPE it will have a rule which states...

    The Security.. which generally is setup as follows (certificate Subject Name Matches X)
    Image11.PNG

    and it routes email via smarthost (which points to the Public IP of your Hybrid Server)
    Image12.png

    James.

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Office 365 hybrid deployment
    By ful56_uk in forum Cloud Services
    Replies: 4
    Last Post: 5th July 2013, 08:46 AM
  2. Office 365 MX records and local Exchange
    By dcwhitworth in forum Cloud Services
    Replies: 0
    Last Post: 30th April 2013, 09:28 AM
  3. Is it possible to setup live@ / office 365 without dns or mx changes.
    By edutech4schools in forum How do you do....it?
    Replies: 15
    Last Post: 7th March 2012, 01:40 PM
  4. Question about DNS records
    By Kyle in forum Windows
    Replies: 1
    Last Post: 20th May 2007, 11:21 AM
  5. Replies: 2
    Last Post: 20th February 2007, 04:39 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •