Exchange Server 2010: Namespace Planning & Deployment

"Namespace planning is a serious topic that must take place relatively early in the Exchange 2010 planning and deployment process. Many companies choose to purchase certificates from a 3rd party certificate authority rather than deploy a certificate generated from an internal CA, as this ensures the majority of devices have a trusted root certificate. Deploying […]

"Namespace planning is a serious topic that must take place relatively early in the Exchange 2010 planning and deployment process. Many companies choose to purchase certificates from a 3rd party certificate authority rather than deploy a certificate generated from an internal CA, as this ensures the majority of devices have a trusted root certificate. Deploying a certificate with incorrect namespace values can be costly as you'll have to generate a new CSR and thus repurchase a new certificate with correct namespace values because you didn't plan correctly. Some CAs will allow you to resubmit a CSR and issue you a new certificate at no charge.)"

In this Robert's Rules of Exchange" series we take a fictitious company, describe their existing Exchange implementation, and then walk through the design, installation, and configuration of their Exchange 2010 environment.

For our purposes, we'll purchase a single SAN cert, and include following subject alternative names:

  • mail.robertsrules.ms
  • mailLFH.robertsrules.ms
  • legacy.robertsrules.ms
  • autodiscover.robertsrules.ms
  • failbackHSV.robertsrules.ms
  • failbackLFH.robertsrules.ms

We'll designate mail.robertsrules.ms as Subject Name. We'll talk more about how to order a certificate, the impacts of using a single certificate when using Outlook Anywhere, and many other things related to our namespace decisions as we move through the upcoming posts in this series.

More Info: Robert's Rules of Exchange: Namespace Planning

There're some great documentation written around namespace planning for your CAS deployment: