Solved

Exchange 2003, Exchange 2007, and etrust SCM. its a party

Posted on 2008-10-02
7
389 Views
Last Modified: 2010-05-18
hello all:

i've been on a 24 hour binge of google and nada thus far, even though this topic has been hammered so many times.

So we have a exchange 2003 box with etrust Secure Content manager on it. All mail outbound, and inbound go through SCM. the SCM listens on port 25 (external and internal) and exchange 2003 listens on 2525 and sends on port 25.

the exchange 2007 (sp1) was installed using an excellent punch list (http://www.msexchange.org/tutorials/Transitioning-Exchange-2000-2003-Exchange-Server-2007-Part1.html) to the T with no problems along the way. moving mailboxes was fine (just moved a couple) but was getting the infamous "451 5.7.3 cannot acheive exchange server authentication". Quick google pointed to the intergrated windows auth. on the 2003 default SMTP virtual server, which i did. no change.

i rebuilt the routing connectors several times (currently have a interop rgc) which can be seen in the 2003 ESM.  and eventually email was able to go from exchange 2003 to 2007.

So, outside people can email to the one user on the 2007 server. Inside people on the 2003 can email to the user on the 2007. 2007 can send to people outside (using the smarthost on the 2003 SCM server), but cannot send to local users.

OWA does switch over (internally, haven't changed the outside DNS settings yet) for the 2007 user.

any suggestions?
0
Comment
Question by:deomega22
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:deomega22
ID: 22628220
also, i did make a send connector for the email domain to send on port 2525 and it is currently set to use dns settings, not smarthost.
0
 
LVL 32

Expert Comment

by:gupnit
ID: 22628650
Hi,
Great lets take it up step by step...I need some pointers !!
Are both 2k3 & 2k7 users in same domain. Single ORG right...as there is not mention of forests here..>!!
When you say that User in 2k7 cannot send to Internal Users, you mean to users on 2k3 box. right ? Well, can you recreate the Connector that shoots mails from 2k7 to 2k3 and tell me how has it been configured.
Thanks
Nitin
0
 

Author Comment

by:deomega22
ID: 22629073
single domain

correct, 07 users cannot send to 03 users.

i have two send connectors on the 07 box. one is to internet ( smtp * 1) it's being routed to the smarthost.

the other is for internal (smtp mydomain.com 1). currently i have its using mx/dns records to route. i did try setting the ip of the exchange 2003 box in the smarthost and sending on port 2525. neither worked. though finding the server isn't the problem, it authentication.

here's a fl on the conectors:

[PS] U:\>Get-SendConnector | fl


AddressSpaces                : {SMTP:*;1}
AuthenticationCredential     :
Comment                      :
ConnectedDomains             : {}
ConnectionInactivityTimeOut  : 00:10:00
DNSRoutingEnabled            : False
DomainSecureEnabled          : False
Enabled                      : True
ForceHELO                    : False
Fqdn                         : mail.mydomain.com
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : ex07
Identity                     : To internet
IgnoreSTARTTLS               : False
IsScopedConnector            : False
IsSmtpConnector              : True
LinkedReceiveConnector       :
MaxMessageSize               : 10MB
Name                         : To internet
Port                         : 25
ProtocolLoggingLevel         : None
RequireTLS                   : False
SmartHostAuthMechanism       : None
SmartHosts                   : {[192.168.150.10]}
SmartHostsString             : [192.168.150.10]
SourceIPAddress              : 0.0.0.0
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {ex07}
UseExternalDNSServersEnabled : False

AddressSpaces                : {SMTP:mydomain.com;1}
AuthenticationCredential     :
Comment                      :
ConnectedDomains             : {}
ConnectionInactivityTimeOut  : 00:10:00
DNSRoutingEnabled            : True
DomainSecureEnabled          : False
Enabled                      : True
ForceHELO                    : False
Fqdn                         : mail.mydomain.com
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : ex07
Identity                     : To Local
IgnoreSTARTTLS               : False
IsScopedConnector            : False
IsSmtpConnector              : True
LinkedReceiveConnector       :
MaxMessageSize               : unlimited
Name                         : To Local
Port                         : 2525
ProtocolLoggingLevel         : None
RequireTLS                   : False
SmartHostAuthMechanism       : None
SmartHosts                   : {}
SmartHostsString             :
SourceIPAddress              : 0.0.0.0
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {ex07}
UseExternalDNSServersEnabled : False
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 32

Accepted Solution

by:
gupnit earned 500 total points
ID: 22631960
Hi,
Yu do not need a seperate Connector from 2007 to 2003, create a new RG Connector between the RGs that will the birdirectional....!!
Leave the Internet SMTP Connector as it is
Here are steps: http://technet.microsoft.com/en-us/library/aa997292(EXCHG.80).aspx
Let me know
Cheers
Nitin
0
 

Author Comment

by:deomega22
ID: 22638839
after the installation, and things were failing i went a google rampage. i wound up deleting the original rgc's that were made at install. i did find that article and copied it, replacing server names of course.

the rgc's show up in both the power shell and 2003 ESM.

do i need to get anything from the original install that i deleted?
0
 

Author Comment

by:deomega22
ID: 22655862
Solution found, though it was never really lost....

there are no port settings on rgc's. so when my exchange2003 box was listening on port 2525 and sending on 25, it could send mail to exchange2007, but since exchange2007 was not communicating with port 25 it was failing.

Microsoft: if you are reading this, why was exchange 2007 saying that another exchange server was throwing the "451 5.7.3 cannot acheive exchange server authentication"? perhaps saying "no connection could be made" would be better. just a thought.

thank you gupnit for your efforts. points awarded.
0
 
LVL 32

Expert Comment

by:gupnit
ID: 22657192
My Pleasure :-) !
Good to see you got it, actually sometime with no access it is diffcult to pin point exact configs
Thanks
Nitin
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question