Solved

Exchange 2007 errors, how to solve?

Posted on 2010-08-29
4
849 Views
Last Modified: 2012-05-10
This is using Windows 2003 ad domain, with 2 exchange 2007 servers. Only one exch server - exch003 is join ad domain, holds 3 roles - CA, Mailbox, and hub transport. The other one is edge transport server - exch002. Recently, found that there is some delay for mail sending internally and externally. 3 major errors were found in application log in exch003 server:

   1. Source:MsexchangeSA
       EventID: 9513

       Microsoft Exchange System attendant reported an error '0x80072020' when sending DS notificaiton.

    2. Source: MsExchangeTransport
        EventID: 12019

        The remote internal transport certificate expired. Certificate subject: cn=exch002

    3. Source: MsExchangeTransport
        EventID: 12014


What's went wrong? How to solve it?
0
Comment
Question by:Balack
  • 2
4 Comments
 
LVL 6

Expert Comment

by:craig_j_Lawrence
ID: 33555839
Hi Balack,

from the information posted it appears that the certuficate on your edge server has expired. Here is an article to describe how to update your certificate: http://msmvps.com/blogs/andersonpatricio/archive/2009/10/02/how-to-renew-the-self-signed-certificate-using-exchange-2010.aspx

Hope that helps

Craig
0
 
LVL 2

Accepted Solution

by:
greenasp earned 500 total points
ID: 33555848
It expires every year, this is how to issue a new cert...... it is easy..

First open up the exchange shell and type the command Get-ExchangeCertificate | List

This will show the current certificate and you can see the expiry date of it

Create a new certificate with the command
New-ExchangeCertificate
It will prompt to overwrite SMTP, say Yes

Now if you run
Get-ExchangeCertificate | List
You will see both certificates listed. They each have a thumbprint which is their unique identifier.

You will also see that the old certificate is still being used for IIS.

Enable the new certificate for IIS with the command
Enable-ExchangeCertificate -Thumbprint (new certificate's thumprint) -Service IIS

Now remove the old certificate
Remove-ExchangeCertificate -Thumbprint (old certificate's thumbprint)

And you're done
0
 

Author Comment

by:Balack
ID: 33556835
Hi greenasp,

After renewing all the certs, will it run into the ms outlook certificate error issue?
0
 

Author Closing Comment

by:Balack
ID: 33698000
Good
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
how to add IIS SMTP to handle application/Scanner relays into office 365.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now