We had a single Exchange 2016 server. Our internal domain is a .local while email is a .com. We set up internal DNS with .com having the autodiscover and mail DNS. We had no issues, with the user being internal on the office network or external on the internet. We brought up a 2nd Exchange server and all seemingly went well. We imported the UCC SSL certificate, applied it to the services and updated all the internal and external URLs to the same as the first server. All URLs are either autodiscover.xxxxxxxxx.com or exch.xxxxxxxxxx.com. We updated DNS to use round-robin selection. The issue we have is people on the internal network, when they start Outlook, get a security prompt. The prompt is that the server server2.xxxxxxxxx.local has an invalid certificate. If you look at the certificate, it is for the correct exch.xxxxxxxxxx.com. I can even see in the Outlook connection status, it is reaching out for the .local server name. But the MAPI URLs are exch.xxxxxxxx.com.
If you accept, everything works; if you say no, it eventually fails over to the .com address.
I'm not 100% sure what Mailbox1@Piepel .com is. Mailbox1 is the name of the 1st Exchange server's database, mailbox1.edb. I tried searching for a mailbox1 account or mailbox but have had no luck. I can send an email to mailbox1@X .com but no idea where it went. Maybe it's a public folder, which we have, but the email didn't appear there.
I want to continue with a DAG setup, but this worries me.