Update 10/4/2007: Since this post has been published, we've updated the Exchange 2007 Autodiscover Service whitepaper to include this information. Please consult the whitepaper for most up-to-date ...
Updated Jul 01, 2019
Version 2.0
Blog Post
Thanks Matthew, David and others.
Matthew: I have realised that the problem I reported above appears to occur exclusively on Outlook 2003. Outlook 2007 appears to work fine without the server's real name in the certificate. It is not related to autodiscovery. I also tried the exchangeninja's
script changes without success.
To use the exchange2007demo.com setup as an example: Set up an Exchange server, rottweiler.exch2007demo.loc. Set up Outlook Anywhere in the usual fashion, with external name mail.exchange2007demo.com. Sit outside your network and try setting up a profile
with Outlook utilising Outlook Anywhere in the usual fashion, as described here:
https://signmeup.exchange2007demo.com/exchange2007demo/supp/faq.htm#_Toc159739999
https://signmeup.exchange2007demo.com/exchange2007demo/supp/faq.htm#_Toc159739999. If your server uses a cert which contains the name mail.exchange2007demo.com but not rottweiler.exch2007demo.loc you will find that with Outlook 2007 it works, but that
Outlook 2003 will complain that you are not online and refuse to connect. Use a cert with both the above mentioned names in it and both versions of Outlook will work OK. That's why if you check out the cert they are using on exchange2007demo.com you will
see in contains rottweiler.exch2007demo.loc as an alternative name (along with others like autodiscover).
The fact that this internal server name is required seems to be poor design to me.
David: Thanks for your link. I've seen a few sites going along these lines now. I messed around and concluded I'll just buy cert with multiple names - you can get them for $200/year and no doubt increasing competition in future will drive the price down further.
Thanks Christopher for your comment on this - obviously exchange2007demo.com managed to get one!