Solved

Members of certain OUs periodically bouncing from Distribution List emails

Posted on 2006-11-28
14
813 Views
Last Modified: 2008-01-16
Hi All,

First off, I'm running a Windows 2003 Server with Exchange 2003 (Both latest SP and fully patched) in a two tier domain (parent and child domains) and I'm having an intermittent problem where members of certain organisational units in the AD have emails sent to them via distribution lists bounce (but direct send to that user does work correctly).  Interestingly the bounce always indicates it tried to send to the name as you would navigate to it via ADSI or AD (there's a term for that but I can't think of it).

e.g.

The following recipient(s) could not be reached:

      CN=<name removed>,OU=Call Centre,OU=Users,OU=Department,DC=dpt,DC=dialectgroup,DC=internal on 29/11/2006 2:24 PM
            The message could not be delivered because the recipient's destination email system is unknown or invalid. Please check the address and try again, or contact your system administrator to verify connectivity to the email system of the recipient.
            <bn100wexmsv01.dialectgroup.internal #5.1.2>

An email that does this will bounce to all other members of that particular OU (sometimes several OUs) but distribute fine to many other OUs, and will continue bouncing until I delete the sender's outlook address book and rebuild after which it will send fine for a few weeks then the problem resurfaces (often on a different users PC).

Interestingly when I look at the distribution list via AD Users and Computers after being told of one of these bounces, the members in question appear slightly greyed out in the list but nothing has changed about their account or the list itself, in fact after the most recent one the system had been static for nearly three weeks with only monitoring tasks having happened.

This one has got me really stumped, so if anybody can point me in the direction of what i can do to diagnose cause, or better yet if somebody else has encountered and solved, I'd really appreciate it.

Cheers,

Brett.
0
Comment
Question by:sethale
  • 8
  • 5
14 Comments
 
LVL 1

Author Comment

by:sethale
ID: 18034751
Some further investigation has shown that if I preview the global address list (Default Global Address List) and open one of the bounced users I get a failure of:

The operation failed
ID no: 80004005
Microsoft Active Directory - Exchange Extension

I checked out some of the more common causes of this and it does seem that my RUS and OAB are homed correctly, the server itself is the first exchange 2003 in the domain but it was populated by a 5.5 migration of data if that could be involved.
0
 
LVL 12

Expert Comment

by:aa230002
ID: 18035860
What type of distribution groups are they? These all should be Universal Distribution Groups and not the Global groups.
Also check the expansion server on the DL properties. By default - its any server in the organisation.

Regards,
Amit Aggarwal.
0
 
LVL 23

Expert Comment

by:Stacy Spear
ID: 18036857
The error in your reply could be that you may be running ESM on a machine that has Outlook on it.

Where is your Global Catalog server residing? In a situation like yours, I would have GCs in each domain, and one at your root that is the master of all. If GC replication is impedded anywhere, you can have major routing issues. Are any of the senders having issues using cached mode? If so, I've also had an issue when the OAB generation wasn't completing properly again because of GC issues. Once that was fixed, those users issues disappeared although had to clear the contact info from Outlook.
0
 
LVL 1

Author Comment

by:sethale
ID: 18041438
In answer to your question Amit, yes they are Universal Groups and the expansion server is set to the default (I must confess not knowing anything about the expansion server role but I presume the default is fine?).

Darkstar, when exchange was being configured by my predecessor he did install Outlook 2003 on the server itself though I have long since removed it and this problem has only just surfaced so while I definitely can't rule that out it seems unlikely?

I'll check out the Global Catalogs in more detail, but currently there are two DCs in each domain, one acting at a GC and the other as the infrastructure master (this was changed to that format about two to three weeks ago to stop a role conflict reported by the DCs when all DCs were GCs also.).

Cached mode could well be involved as the folks who encounter it most frequently are our exec and sales teams who work on laptops in cached mode.  How would I best go about troubleshooting Global Catalogs (I really only know how to set which server is one unfortunately), and I presume clearing the contact info is best done by deleting all their .oab files and letting Outlook create new ones once its fixed?
0
 
LVL 23

Expert Comment

by:Stacy Spear
ID: 18042069
You may have removed Outlook, but you need to correct the mapi issues. This discusses how to fully repair Exchange in this instance. http://www.microsoft.com/technet/prodtechnol/exchange/Analyzer/642157a9-d1a7-4dd5-aa09-36892dbbe040.mspx?mfr=true

If you have a small org, then you can start typing an address, then use the arrow keys to highlight the desired one, then hit the Delete key.

Here is how to completely reset it
http://support.microsoft.com/kb/287623

This may work (I haven't used it)
http://www.ingressor.com/officemarketplace.htm

On the GCs, how is their replication set up? Fix Exchange first and then the computers. Maybe there isn't any problems with GC replication.
0
 
LVL 1

Author Comment

by:sethale
ID: 18082762
MAPI appears clean according to the exchange analyzer tools and clearing the user caches didn't fix.

GC replication is currently showing no problems on dcdiag and is set up as follows:

Parent domain DC1 (global catalog) replicating to all other DCs.

Child domain DC1 (global catalog) replicating to all other DCs.

The secondary DCs in both domains replicate to the 1st DC of both domains.
0
 
LVL 1

Author Comment

by:sethale
ID: 18082765
0
The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

 
LVL 23

Expert Comment

by:Stacy Spear
ID: 18084569
Good deal on the GCs. I think the only way to rule out MAPI is to get the version numbers and dates of the files. I could be wrong though.

So, GCs good, which means that the GAL should be good, now you need to look at the OAB generation process. Is being completed, is it rebuilt everynight (default), and when you go look at it in ESM (Org/Admin Groups/(your group)/Folders/Public Folders(right click and choose System Folders)/Offline Address Book/(your org)

Should be various OAB versions in there. If you click on one, then the Content Tab on the right. Should be a full one (that was generated last night for instance) and 3-7 partial ones that contain only the updates.

Are they there, and were any errors in the logs? Hopefully someone else with more OAB knowledge chimes in.
0
 
LVL 1

Author Comment

by:sethale
ID: 18089475
Event viewer with maximum OAB logging turned on only shows the 3 usual informational (started, stopped etc..) events having occured on the scheduled and a manually triggered rebuild.

My public (system) folders have:

/o=Dialect Group/cn/addrlists/cn=oabs/cn=Default Offline Address List
           - OAB Version 2
           - OAB Version 3a
           - OAB Version 4


One thing I did just notice which I don't think will make a difference but somebody more experienced than me may know about, it appears at some point in the systems creation the 2nd administrative group has been mispelled and correct but not everywhere.  The 2nd admin group is called "Front End" but under the offline address book folder its DN is: "EX:/o=Dialect Group/ou=Fornt End"

That shouldn't be a criticial flaw given I don't replicate public folders to the front end should it?
0
 
LVL 23

Expert Comment

by:Stacy Spear
ID: 18089993
Once created, its there, misspelllings and all. :)

Click on OAB v4 for instance and under content on the right you should see them (OWA style window).

These OUs where the problem is, do they have a different recipient policy than the OUs that are not having issues? I am just wondering if this is a RUS issue. If it isn't stamping the addresses properly, then the address in the GAL isn't right either.
0
 
LVL 1

Author Comment

by:sethale
ID: 18090161
Content tab shows the last 13 days worth of 5am rebuild posts (all those .oab attachments), which I presume is normal behaviour.

I've got 3 RUS entries but they work at a domain/company level, nothing down to the user or group level.

Would it be worth manually deleting the offline address book and associated public folders and creating entirely new ones?
0
 
LVL 1

Author Comment

by:sethale
ID: 18119628
Only other symptom I can find is that when I go the mailboxes of the affected staff in ESM and attempt to do "Exchange Tasks" I am getting the error:


There is no such object on the server

Facility: LDAP Provider
ID no: 80072030
Microsoft Active Directory - Exchange Extension


I can successfully go to exchange tasks on othe mailboxes within the same IS...


Becoming convinced the AD in my domain was really badly implemented.
0
 
LVL 23

Accepted Solution

by:
Stacy Spear earned 500 total points
ID: 18119956
Generally (but not always) those errors are the result of Outlook and Exchange on the same machine. To be sure, take a fresh machine that has never had Outlook (of any variety) on it, install ESM and the admin pack, then try the exact same sequence of steps.
0
 
LVL 1

Author Comment

by:sethale
ID: 18211179
Repair install failed to address the problem, so I'm going to try the ever entertaining fresh build of the server.

Awarding you the points darkstar since you've helped me rule out a bunch of possible causes.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
how to add IIS SMTP to handle application/Scanner relays into office 365.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now