• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 397
  • Last Modified:

Exchange 2003, Exchange 2007, and etrust SCM. its a party

hello all:

i've been on a 24 hour binge of google and nada thus far, even though this topic has been hammered so many times.

So we have a exchange 2003 box with etrust Secure Content manager on it. All mail outbound, and inbound go through SCM. the SCM listens on port 25 (external and internal) and exchange 2003 listens on 2525 and sends on port 25.

the exchange 2007 (sp1) was installed using an excellent punch list (http://www.msexchange.org/tutorials/Transitioning-Exchange-2000-2003-Exchange-Server-2007-Part1.html) to the T with no problems along the way. moving mailboxes was fine (just moved a couple) but was getting the infamous "451 5.7.3 cannot acheive exchange server authentication". Quick google pointed to the intergrated windows auth. on the 2003 default SMTP virtual server, which i did. no change.

i rebuilt the routing connectors several times (currently have a interop rgc) which can be seen in the 2003 ESM.  and eventually email was able to go from exchange 2003 to 2007.

So, outside people can email to the one user on the 2007 server. Inside people on the 2003 can email to the user on the 2007. 2007 can send to people outside (using the smarthost on the 2003 SCM server), but cannot send to local users.

OWA does switch over (internally, haven't changed the outside DNS settings yet) for the 2007 user.

any suggestions?
0
deomega22
Asked:
deomega22
  • 4
  • 3
1 Solution
 
deomega22Author Commented:
also, i did make a send connector for the email domain to send on port 2525 and it is currently set to use dns settings, not smarthost.
0
 
gupnitCommented:
Hi,
Great lets take it up step by step...I need some pointers !!
Are both 2k3 & 2k7 users in same domain. Single ORG right...as there is not mention of forests here..>!!
When you say that User in 2k7 cannot send to Internal Users, you mean to users on 2k3 box. right ? Well, can you recreate the Connector that shoots mails from 2k7 to 2k3 and tell me how has it been configured.
Thanks
Nitin
0
 
deomega22Author Commented:
single domain

correct, 07 users cannot send to 03 users.

i have two send connectors on the 07 box. one is to internet ( smtp * 1) it's being routed to the smarthost.

the other is for internal (smtp mydomain.com 1). currently i have its using mx/dns records to route. i did try setting the ip of the exchange 2003 box in the smarthost and sending on port 2525. neither worked. though finding the server isn't the problem, it authentication.

here's a fl on the conectors:

[PS] U:\>Get-SendConnector | fl


AddressSpaces                : {SMTP:*;1}
AuthenticationCredential     :
Comment                      :
ConnectedDomains             : {}
ConnectionInactivityTimeOut  : 00:10:00
DNSRoutingEnabled            : False
DomainSecureEnabled          : False
Enabled                      : True
ForceHELO                    : False
Fqdn                         : mail.mydomain.com
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : ex07
Identity                     : To internet
IgnoreSTARTTLS               : False
IsScopedConnector            : False
IsSmtpConnector              : True
LinkedReceiveConnector       :
MaxMessageSize               : 10MB
Name                         : To internet
Port                         : 25
ProtocolLoggingLevel         : None
RequireTLS                   : False
SmartHostAuthMechanism       : None
SmartHosts                   : {[192.168.150.10]}
SmartHostsString             : [192.168.150.10]
SourceIPAddress              : 0.0.0.0
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {ex07}
UseExternalDNSServersEnabled : False

AddressSpaces                : {SMTP:mydomain.com;1}
AuthenticationCredential     :
Comment                      :
ConnectedDomains             : {}
ConnectionInactivityTimeOut  : 00:10:00
DNSRoutingEnabled            : True
DomainSecureEnabled          : False
Enabled                      : True
ForceHELO                    : False
Fqdn                         : mail.mydomain.com
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : ex07
Identity                     : To Local
IgnoreSTARTTLS               : False
IsScopedConnector            : False
IsSmtpConnector              : True
LinkedReceiveConnector       :
MaxMessageSize               : unlimited
Name                         : To Local
Port                         : 2525
ProtocolLoggingLevel         : None
RequireTLS                   : False
SmartHostAuthMechanism       : None
SmartHosts                   : {}
SmartHostsString             :
SourceIPAddress              : 0.0.0.0
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {ex07}
UseExternalDNSServersEnabled : False
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
gupnitCommented:
Hi,
Yu do not need a seperate Connector from 2007 to 2003, create a new RG Connector between the RGs that will the birdirectional....!!
Leave the Internet SMTP Connector as it is
Here are steps: http://technet.microsoft.com/en-us/library/aa997292(EXCHG.80).aspx
Let me know
Cheers
Nitin
0
 
deomega22Author Commented:
after the installation, and things were failing i went a google rampage. i wound up deleting the original rgc's that were made at install. i did find that article and copied it, replacing server names of course.

the rgc's show up in both the power shell and 2003 ESM.

do i need to get anything from the original install that i deleted?
0
 
deomega22Author Commented:
Solution found, though it was never really lost....

there are no port settings on rgc's. so when my exchange2003 box was listening on port 2525 and sending on 25, it could send mail to exchange2007, but since exchange2007 was not communicating with port 25 it was failing.

Microsoft: if you are reading this, why was exchange 2007 saying that another exchange server was throwing the "451 5.7.3 cannot acheive exchange server authentication"? perhaps saying "no connection could be made" would be better. just a thought.

thank you gupnit for your efforts. points awarded.
0
 
gupnitCommented:
My Pleasure :-) !
Good to see you got it, actually sometime with no access it is diffcult to pin point exact configs
Thanks
Nitin
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now