MicrosoftWhen running the HCW for additional tenants on the same on-prem Exchange 2016, we experienced the following issues:
- If using a multi-SAN certificate, the SMTP mail flow is interrupted, because HCW appears to update the certificate on both the on-prem Receive Connector and the EXO Outbound Connector. A solution should be by switching to a single-SAN certificate, which we will verify for the next tenant.
- HCW changed the EXO Outbound connector (From O365 to on-prem EXH), and we had to update the connector with the correct smart host and certificate SAN FQDN.
- HCW replaced the certificate on the on-prem EXH Send Connector, and we had to revert it back to restore SMTP mail flow.
- HCW add and enables a new intra-organization connector but at the same time disables existing intra-organization connectors, witch interferes with authentication. So after running the HCW for the second tenant, we had to re-enable the original connectors both on-prem and in EXO
(Get-IntraOrganizationConnector | Set-IntraOrganizationConnector -Enabled $True).
We are aware that Microsoft recommends using a separate on-prem Exchange server for each tenant, but have agreed with MS to try out using shared servers instead.
