Forum

Exhange 2007 de Se...
 
Bildirimler
Hepsini Temizle

Exhange 2007 de Sertifika problemi

5 Yazılar
2 Üyeler
0 Reactions
572 Görüntüleme
(@Alaaddin)
Gönderiler: 4
Active Member
Konu başlatıcı
 

Merhaba


Hakan bey çalıtığım şirkette exchane server da 3 adet domain  [email protected] [email protected]  [email protected] gibi ve exchange üzerinde şuan geçerli bir sertifika yoktur bu 3 farklı domain için sertifika nasıl alabilirim alsam da sertifika ile ilgili herhangi bir sorun çıkartırmı . Son sorum 20 kişinin mail adresini tek bir mail adresine yönlendirmek istiyorum departmanın güvenliği için  yardımlarınız için  Şimdi den TEŞŞEKÜR EDERİM 


 

 
Gönderildi : 30/12/2008 20:29

(@bugrakeskin)
Gönderiler: 5088
Illustrious Member
 

Merhaba

Öncelikle Hakan bey değilim ancak yardımcı olmak isterim.

Eğer default ayarlar ile oynamadıysanız, sertifika zaten şirket içindeki kullanıcılar için geçerlidir.

Ofis dışından Exchange server a (OWA, Outlook Anywhere) olarak bağlanmaları durumunda sertifika kullanabilirsiniz. Eğer firewall olarak ISA Server kullanıyorsanız yine SSL kullanarak sertifikayı publish ederek daha güvenli hale getirebilirsiniz.

Öncelikle ne için kullanacağınıza bağlı.

 
Gönderildi : 30/12/2008 20:50

(@Alaaddin)
Gönderiler: 4
Active Member
Konu başlatıcı
 

Buğra bey


Teşşekürler yardımınız için Exchange server şirket içi ve şirket dışı aktif olarak kullanılmakta dışarıdan mail server a bağlanıldığı zaman sertifika hatası veriyor ve clientler hiç bir şekilde şiflrelerini değiştiremiyorlar  en buyuk sıkıntı bu ve exchange server aynı çatı altında üç ayrı firmaya hizmet veriyor. bu yüzden 3 ayrı domain adı barındırıyor owa bağlantısı kurulurken örnek olarak https://cicek.com/owa https://papatya.com/owa https://firma.com/owa   yazar şirketteki kullanıcı kendi şirket domain adını yazarak bağlanıyor  


 

 
Gönderildi : 30/12/2008 23:51

(@Alaaddin)
Gönderiler: 4
Active Member
Konu başlatıcı
 

Cevap beklediğim konu Nasıl bir sertifika almalıyım ve herhangi bir sorun yaşanırmı ?

 
Gönderildi : 02/01/2009 19:13

(@bugrakeskin)
Gönderiler: 5088
Illustrious Member
 

Merhaba

OWA üzerinden şifre değiştirmeyi enable yapmalısınız alttaki yönergeleri izleyin lütfen. Takıldıgınız bir yeri olursa cevaplarım

Warning If you edit the metabase incorrectly, you can cause
serious problems that may require that you reinstall any product that
uses the metabase. Microsoft cannot guarantee that problems that result
if you incorrectly edit the metabase can be solved. Edit the metabase
at your own risk.

Note Always back up the metabase before you edit it.

After you apply this hotfix, follow these steps
to configure the Password Change functionality:

  1. 1.
    Apply the hotfix to update the files on the computer that is running
    IIS or install service pack 1 for Windows 2003. The hotfix will
    automatically register the module and you can proceed to step 3. If
    Service Pack 1 has been installed without the hotfix, you must manually
    register the module.
  2. Register the IISpwchg.dll file in the Iisadmpwd directory:
    1. Click Start, and then click
      Run.
    2. In the Open box, type the following,
      and then press ENTER:

      regsvr32
      c:\windows\system32\inetsrv\iisadmpwd\iispwchg.dll
  3. Configure the PasswordChangeFlags property in the metabase to make sure that the Password Change
    functionality is enabled:

    1. Click Start, and then click
      Run.
    2. In the Open box, type
      cmd, and then press ENTER.
    3. Locate the C:\Inetpub\Adminscripts
      directory.
    4. Type the following command, and then press ENTER:
      cscript.exe adsutil.vbs set
      w3svc/passwordchangeflags Value

      Note In this sample command, Value is a
      placeholder for the value that you want to set for the PasswordChangeFlags property.

  4. The following list includes the possible values for the PasswordChangeFlags property. You can use a combination of these values.
    • 0: This is the default value. This
      value indicates that you must use a Secure Sockets Layer (SSL) connection when
      you change the password.
    • 1: This value permits password changes on non-secure ports. This
      value is useful if SSL is not enabled.
    • 2: This value disables the Password Change
      functionality.
    • 4: This value disables the advance notification of password
      expiration.
  5. Make sure that the virtual directory for the Iisadmpwd
    directory is correctly created and that it points to the correct location. The
    correct location is System32\Inetsrv\Iisadmpwd.

    To create a virtual directory for the Iisadmpwd directory, follow these steps:

    1. Click Start, click Programs, click Administrative Tools, and then click Internet Information Services (IIS) Manager.
    2. In Internet Information Services (IIS) Manager, right-click the Web site where you want the Iisadmpwd folder, click New, and then click Virtual Directory.
    3. When
      the Virtual Directory Creation Wizard starts, follow the instructions
      to create the virtual directory with the alias that is named
      "IISADMPWD." Make sure that the path points to the
      Windows\System32\Inetsrv\Iisadmpwd directory. Make sure that both
      "Read" permissions and "Run Scripts (such as ASP)" permissions are
      selected.
  6. Make sure that the Iisadmpwd virtual directory runs in the
    same application pool as the Web site that uses the Password Change
    functionality. For example, if the Password Change functionality is used in
    your Microsoft Outlook Web Access (OWA) Web site, the Iisadmpwd virtual
    directory must run inside the Exchange application pool where the OWA site
    resides.

    Note We recommend that the authentication for IISADMPWD is the same as
    the application that is using this functionality. Anonymous Authentication is
    not required to be enabled on this virtual directory.

  7. Verify that the following metabase entries are set
    correctly.

    Note
    If the metabase is manually changed by using an XML Editor to edit any
    of these metabase entries and values, the XML editor will automatically
    insert the tag for a double-quote character. This will result in two
    double-quote characters in the metabase. To work around this, either
    edit the Metabase.xml file in a non-XML editor (Notepad.exe, for
    example) or use the XML tag for the double-quote character. The XML tag
    for the double-quote character is ". After you edit the
    Metabase.xml file, review the changes to verify that " does
    not appear as a opening tag and a closing tag in the changes. The
    "" and "" syntax causes a failure.

    Collapse this tableExpand this table
    Metabase entry and value Description
    AuthChangeURL = "/iisadmpwd/achg.asp" This page
    does the actual password change work.
    AuthExpiredURL = "/iisadmpwd/aexp.asp" This page
    displays the password change form for a user whose password has expired. Make
    sure that you type the account name in the "domain\username" format.
    AuthExpiredUnsecureURL="/iisadmpwd/aexp3.asp" This
    page displays the password change form when SSL is not used.
    AuthNotifyPwdExpURL = "/iisadmpwd/anot.asp" This
    page appears when a user's password expires earlier than the number of days
    that are specified in the PasswordExpirePreNotifyDays entry.
    AuthNotifyPwdExpUnsecureURL =
    "/iisadmpwd/anot3.asp"
    This page appears if a user's password expires
    earlier than the number of days that are specified in the
    PasswordExpirePreNotifyDays entry when SSL is not used.
    PasswordExpirePreNotifyDays This metabase entry
    specifies the number of days that remain before the client's password expires.
    This metabase entry also indicates when a password pre-notification message is
    sent.
  8. By default, these metabase entries are located at the
    W3SVC level in the metabase. You can use the Adsutil.vbs script to configure
    these metabase entries. The Adsutil.vbs script is located in the
    Inetpub\Adminscripts directory on your system. To use the Adsutil.vbs script to
    configure these metabase entries, follow these steps:

    1. At a command prompt, locate the C:\Inetpub\Adminscripts
      directory.
    2. Type the following command, and then press ENTER:
      cscript.exe adsutil.vbs set
      w3svc/MetabaseEntry Value

      For example, type the following:

      cscript.exe adsutil.vbs set
      w3svc/PasswordExpirePreNotifyDays 4

 

 
Gönderildi : 02/01/2009 19:43

Paylaş: