Solved

Exchange 2007 errors, how to solve?

Posted on 2010-08-29
4
853 Views
Last Modified: 2012-05-10
This is using Windows 2003 ad domain, with 2 exchange 2007 servers. Only one exch server - exch003 is join ad domain, holds 3 roles - CA, Mailbox, and hub transport. The other one is edge transport server - exch002. Recently, found that there is some delay for mail sending internally and externally. 3 major errors were found in application log in exch003 server:

   1. Source:MsexchangeSA
       EventID: 9513

       Microsoft Exchange System attendant reported an error '0x80072020' when sending DS notificaiton.

    2. Source: MsExchangeTransport
        EventID: 12019

        The remote internal transport certificate expired. Certificate subject: cn=exch002

    3. Source: MsExchangeTransport
        EventID: 12014


What's went wrong? How to solve it?
0
Comment
Question by:Balack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 6

Expert Comment

by:craig_j_Lawrence
ID: 33555839
Hi Balack,

from the information posted it appears that the certuficate on your edge server has expired. Here is an article to describe how to update your certificate: http://msmvps.com/blogs/andersonpatricio/archive/2009/10/02/how-to-renew-the-self-signed-certificate-using-exchange-2010.aspx

Hope that helps

Craig
0
 
LVL 2

Accepted Solution

by:
greenasp earned 500 total points
ID: 33555848
It expires every year, this is how to issue a new cert...... it is easy..

First open up the exchange shell and type the command Get-ExchangeCertificate | List

This will show the current certificate and you can see the expiry date of it

Create a new certificate with the command
New-ExchangeCertificate
It will prompt to overwrite SMTP, say Yes

Now if you run
Get-ExchangeCertificate | List
You will see both certificates listed. They each have a thumbprint which is their unique identifier.

You will also see that the old certificate is still being used for IIS.

Enable the new certificate for IIS with the command
Enable-ExchangeCertificate -Thumbprint (new certificate's thumprint) -Service IIS

Now remove the old certificate
Remove-ExchangeCertificate -Thumbprint (old certificate's thumbprint)

And you're done
0
 

Author Comment

by:Balack
ID: 33556835
Hi greenasp,

After renewing all the certs, will it run into the ms outlook certificate error issue?
0
 

Author Closing Comment

by:Balack
ID: 33698000
Good
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question