ChocolateRain
asked on
Post-Exmerge Inter-Forest Exchange2003 Migration Reply Problem
We've migrated many of our users using Exmerge and now when they reply to a message it gives looks like it is going to work but fails with an undeliverable message. If you click on the username in the "To..." field it is blank in SMTP and fails. If they create a new email it works just fine and they can send no problem. It appears that the Distinguished name of of the old emails contacts (To.., From..., etc) are still referencing the old forest and therefore when the user is trying to reply to these old emails it is 'looking' in the wrong forest, hence the undeliverable. We've looked at TONS of articles regarding migration with Exmerge and never even heard of this, is this a failure of Exmerge, how it works normally or something we are doing wrong? Thanks!
ASKER
NK2 file has been nuked on each profile, we encountered this snafu earlier.
NDR is as follows:
Your message did not reach some or all of the intended recipients.
Subject: RE: my autoarchive message
Sent: 2/21/2011 2:27 PM
The following recipient(s) cannot be reached:
'Joe Smith' on 2/21/2011 2:27 PM
The message could not be delivered because the recipient's destination email system is unknown or invalid. Please check the address and try again, or contact your system administrator to verify connectivity to the email system of the recipient.
<exchangebe1.domainname.lc
Cached mode is on.
OWA doesn't work either, same NDR.
NDR is as follows:
Your message did not reach some or all of the intended recipients.
Subject: RE: my autoarchive message
Sent: 2/21/2011 2:27 PM
The following recipient(s) cannot be reached:
'Joe Smith' on 2/21/2011 2:27 PM
The message could not be delivered because the recipient's destination email system is unknown or invalid. Please check the address and try again, or contact your system administrator to verify connectivity to the email system of the recipient.
<exchangebe1.domainname.lc
Cached mode is on.
OWA doesn't work either, same NDR.
Could you please provide me detail from where to where you migrated users? Before migration what was the scenario and what is the environment in new messaging system? Was there any relation between both one?
The only way i can think of to fix this would be to add the old domain to the mail server as a 2nd email address. IE if you moved from stuff.local to otherstuff.com when they repy to a old email it goes to joe@stuff.com if you add joe@stuff.com to joe@otherstuff.com mail account if should route it correctly. There is a way to apply a second domain to all accounts at one shot but I don't have an exchange server to test on anymore.
Let me go through the whole page you just mentioned above. I will get back to you soon.
ASKER
It was an inter-forest migration and we retained the same naming space for the email addresses (@companyname.com). The email address domain is separate from either forest domain name, for these purposes we'll call them @domainold.com and !@domainnew.lcl. This error NDR only occurs when trying to reply to Exmerged mail to internal users, new emails that come in they can reply to them just fine as well as externals.
I think this may be related to why nobody can change, cancel or do anything to any previously scheduled meetings or calendar items, but we'll see.
If you click on the name of the email it doesn't show you anything underneath "Email address" it is totally blank. In addition, the distinguished name is still referencing the domainold.com.
I think this may be related to why nobody can change, cancel or do anything to any previously scheduled meetings or calendar items, but we'll see.
If you click on the name of the email it doesn't show you anything underneath "Email address" it is totally blank. In addition, the distinguished name is still referencing the domainold.com.
Here is an excerpt from our support files we provide to customers of our Exchange add on products of which you can see more about in my profile. Anyway....
This issue is caused by the LegacyExchangeDn parameter. see more here. http://support.microsoft.com/kb/555197
Best practice would be to add the old legacy Exchange DN in as an additional x.500 address so that replies to old messages and preexisting meeting information doesn't bounce.
1. What they need to do is use ADSI Edit to edit the mailbox LegacyExchangeDn properties back to the old value.
NOTE: this will only be a problem for historic emails and meetings, not new ones so eventually the LegacyExchangeDn attribute will not be used, but for now they would need to change the attribute to ensure they can be answered etc.
A. Look the historic users LegacyExchangeDn to get the prefix before the mailbox name and then act accordingly
B. WARNING: ADSI Edit is a very powerful utility that should be used with extreme caution.
i. Lucid8 is providing the information herein as sample reference material as a courtesy and does not recommend or warrant the use of ADSI Edit.
ii. If you use the ADSI Edit snap-in to make modifications and incorrectly modify the attributes of Active Directory objects, you can cause serious problems.
iii. If you choose to utilize ADSI Edit to modify attributes of objects within Active Directory you do so at your own risk
2. We highly recommend them creating a sample mailbox and testing this before they do it to a production user just because as referenced above ADSI Edit is a powerful tool. That said what they will want to do is
a. Copy the existing LegacyExchangeDn to create as an x.500 address
b. then modify the existing value to reflect the proper name and add the address.
Example
Source user LegacyExchangeDn: /o=L8/ou=First Administrative Group/cn=Recipients/cn=Use
Target email address to be added: X500: /o=L8/ou=First Administrative Group/cn=Recipients/cn=Use
This issue is caused by the LegacyExchangeDn parameter. see more here. http://support.microsoft.com/kb/555197
Best practice would be to add the old legacy Exchange DN in as an additional x.500 address so that replies to old messages and preexisting meeting information doesn't bounce.
1. What they need to do is use ADSI Edit to edit the mailbox LegacyExchangeDn properties back to the old value.
NOTE: this will only be a problem for historic emails and meetings, not new ones so eventually the LegacyExchangeDn attribute will not be used, but for now they would need to change the attribute to ensure they can be answered etc.
A. Look the historic users LegacyExchangeDn to get the prefix before the mailbox name and then act accordingly
B. WARNING: ADSI Edit is a very powerful utility that should be used with extreme caution.
i. Lucid8 is providing the information herein as sample reference material as a courtesy and does not recommend or warrant the use of ADSI Edit.
ii. If you use the ADSI Edit snap-in to make modifications and incorrectly modify the attributes of Active Directory objects, you can cause serious problems.
iii. If you choose to utilize ADSI Edit to modify attributes of objects within Active Directory you do so at your own risk
2. We highly recommend them creating a sample mailbox and testing this before they do it to a production user just because as referenced above ADSI Edit is a powerful tool. That said what they will want to do is
a. Copy the existing LegacyExchangeDn to create as an x.500 address
b. then modify the existing value to reflect the proper name and add the address.
Example
Source user LegacyExchangeDn: /o=L8/ou=First Administrative Group/cn=Recipients/cn=Use
Target email address to be added: X500: /o=L8/ou=First Administrative Group/cn=Recipients/cn=Use
ASKER
Ok so I've used ASDI Edit and compared users that are having no problem sending or being a recipient of old emails (email prior to the move) with ones that are having problems and they are identical. I've seen users that are having problems with those that aren't with identically formatted X400 and X500 addresses.
Yet although these users are identical in ASDI Edit and ADUC for their X400 and X500 addresses when I reply to an old email to some users it identifies this info (X400 and X500 addresses) when i reply to a message and other users it does not. When i reply to a functioning user it shows their info if I click on their name from the GAL or OAB. But other users the area of "Email Addresses" on their GAL/OAB "card" is showing as completely blank. Any idea why certain users would not have any info being populated to these fields?
Yet although these users are identical in ASDI Edit and ADUC for their X400 and X500 addresses when I reply to an old email to some users it identifies this info (X400 and X500 addresses) when i reply to a message and other users it does not. When i reply to a functioning user it shows their info if I click on their name from the GAL or OAB. But other users the area of "Email Addresses" on their GAL/OAB "card" is showing as completely blank. Any idea why certain users would not have any info being populated to these fields?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Figured out that this and another symptom we were having were actually the same underlying problem. We 'fixed' this as illustrated on the other ticket the avoid link points to.
- Did you move users on new machine and new profile or you also migrated user's Windows Profile? If this is the case, user might have picking names from Cache. To disable this, you need to either delete .nk2 file from every machine or need to disable "Auto Suggestion" by Group Policy.
- What is the NDR Message?
- Did you try Non-Exchaneg Cached Mode?
- Did you give a try to OWA?
Provide me answers in details so so that i can provide you exact solution in one shot......