Hi, Due to licencing changes to our Microsoft Enterprise Agreement, I'm looking to restrict access to either remote COMPUTERS which are joined to our domain OR the USERS are members of an AD group. The first I can do in a Host Checker registry rule, the second I can do in a role mapping rule, however in this case the clients would need to satisfy both. Does anyone know if there's a way of granting access based on a computer rule OR a user rule? Thanks Russell ... View more

Hi, We have an existing Ex2K7 CAS server at a distant site connected to the Internet.  It provides OWA using urls like webmail.domain.uk as well as Autodiscovery and Outlook Anywhere. However there are performance problems and we also need to start Host Checking the clients which connect. Therefore I would like to start using our new local Ex2K7 in conjunction with our Juniper SA4500, and I've created DNS entries internally and externally for a new url - mail.domain.uk - which point to the new CAS server. I think I need to purchase a 3rd party SSL certificate for mail.domain.uk and install it on the OWA IIS CAS server. Do I also need to install it on the SA4500 for OWA to work? There's already a certificate on the Juniper for a different domain, so they should co-exist ok? If the domains did conflict would it be best to remove the older one? Any advice on whether to purchase a wildcard or multiple domain certificate? Thanks ... View more