Solved

Exchange 2007 errors, how to solve?

Posted on 2010-08-29
4
852 Views
Last Modified: 2012-05-10
This is using Windows 2003 ad domain, with 2 exchange 2007 servers. Only one exch server - exch003 is join ad domain, holds 3 roles - CA, Mailbox, and hub transport. The other one is edge transport server - exch002. Recently, found that there is some delay for mail sending internally and externally. 3 major errors were found in application log in exch003 server:

   1. Source:MsexchangeSA
       EventID: 9513

       Microsoft Exchange System attendant reported an error '0x80072020' when sending DS notificaiton.

    2. Source: MsExchangeTransport
        EventID: 12019

        The remote internal transport certificate expired. Certificate subject: cn=exch002

    3. Source: MsExchangeTransport
        EventID: 12014


What's went wrong? How to solve it?
0
Comment
Question by:Balack
  • 2
4 Comments
 
LVL 6

Expert Comment

by:craig_j_Lawrence
ID: 33555839
Hi Balack,

from the information posted it appears that the certuficate on your edge server has expired. Here is an article to describe how to update your certificate: http://msmvps.com/blogs/andersonpatricio/archive/2009/10/02/how-to-renew-the-self-signed-certificate-using-exchange-2010.aspx

Hope that helps

Craig
0
 
LVL 2

Accepted Solution

by:
greenasp earned 500 total points
ID: 33555848
It expires every year, this is how to issue a new cert...... it is easy..

First open up the exchange shell and type the command Get-ExchangeCertificate | List

This will show the current certificate and you can see the expiry date of it

Create a new certificate with the command
New-ExchangeCertificate
It will prompt to overwrite SMTP, say Yes

Now if you run
Get-ExchangeCertificate | List
You will see both certificates listed. They each have a thumbprint which is their unique identifier.

You will also see that the old certificate is still being used for IIS.

Enable the new certificate for IIS with the command
Enable-ExchangeCertificate -Thumbprint (new certificate's thumprint) -Service IIS

Now remove the old certificate
Remove-ExchangeCertificate -Thumbprint (old certificate's thumbprint)

And you're done
0
 

Author Comment

by:Balack
ID: 33556835
Hi greenasp,

After renewing all the certs, will it run into the ms outlook certificate error issue?
0
 

Author Closing Comment

by:Balack
ID: 33698000
Good
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question