Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies. Only from Platform Scholar.
Course Of The Month
9 days, 3 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Mail flows one way from one 2007 box, but not vice versa
Posted on 2011-03-09
Hi,
I currently have two exchange servers in two sites. The plan is to move all mailboxes from Site A to Site B so we can decomission the server, but this is a project that will take a few months to complete so both servers need to send mail back and forth depending on where users mailboxes are.
Site A is old site, Site B is the new.
Site A has User A in its mailbox DB
Site B has User B in its mailbox DB
User A can send mail to User B, external can send to User B
BUT
User B cannot send to anyone at Site A, but can to others at Site B
The messages sit in the queue and report "4.4.0 Primary target IP address responded with: “454.4.7.0 Temporary authentication failure.” Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts or deliver failed to all alternate hosts. "
In the eventlogs the Transport Service throws Error 2017 "Outbound authentication failed with error TargetUnknown for Send connector Intra-Organization SMTP Send Connector. The authentication mechanism is ExchangeAuth. The target is SMTPSVC/externalFQDN.domai
externalFQDN.domain.com is what users use for connecting to OWA etc so has been changed for security.
What I dont understand is why it appears to want to go the external route, and not through the internal route to server.domain.local at Site A.
Any help that anyone can suggest would be greatly appreciated as this is holding up a project.
CHeers,
RIch.
I currently have two exchange servers in two sites. The plan is to move all mailboxes from Site A to Site B so we can decomission the server, but this is a project that will take a few months to complete so both servers need to send mail back and forth depending on where users mailboxes are.
Site A is old site, Site B is the new.
Site A has User A in its mailbox DB
Site B has User B in its mailbox DB
User A can send mail to User B, external can send to User B
BUT
User B cannot send to anyone at Site A, but can to others at Site B
The messages sit in the queue and report "4.4.0 Primary target IP address responded with: “454.4.7.0 Temporary authentication failure.” Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts or deliver failed to all alternate hosts. "
In the eventlogs the Transport Service throws Error 2017 "Outbound authentication failed with error TargetUnknown for Send connector Intra-Organization SMTP Send Connector. The authentication mechanism is ExchangeAuth. The target is SMTPSVC/externalFQDN.domai
externalFQDN.domain.com is what users use for connecting to OWA etc so has been changed for security.
What I dont understand is why it appears to want to go the external route, and not through the internal route to server.domain.local at Site A.
Any help that anyone can suggest would be greatly appreciated as this is holding up a project.
CHeers,
RIch.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2-
2
4 Comments
In Site A Please check the permission on default receive connectors on each Hub Servers.
Get-ReceiveConnector -Identity "SERVERNAME\Default SERVERNAME" | fl PermissionGroups
Make sure "Exchange servers" are listed in the permissionGroups.
PermissionGroups : AnonymousUsers, ExchangeUsers, ExchangeServers, ExchangeLegacyServers, Custom
Get-ReceiveConnector -Identity "SERVERNAME\Default SERVERNAME" | fl PermissionGroups
Make sure "Exchange servers" are listed in the permissionGroups.
PermissionGroups : AnonymousUsers, ExchangeUsers, ExchangeServers, ExchangeLegacyServers, Custom
Hi,
In site A on the Exchange server permission are Anonymous, Exchange users, Exchange Servers, Exchange Legacy Servers.
Site B is Exchange Users, Exchange Servers, Exchange Legacy Servers.
So both have Exchange servers set in permissions.
Rich.
In site A on the Exchange server permission are Anonymous, Exchange users, Exchange Servers, Exchange Legacy Servers.
Site B is Exchange Users, Exchange Servers, Exchange Legacy Servers.
So both have Exchange servers set in permissions.
Rich.
I think this applied to your scenario. Sorry I did not notice Error 2017 in your original question.
http://www.microsoft.com/products/ee/transform.aspx?ProdName=Exchange&ProdVer=8.0.685.18&EvtID=2017&EvtSrc=MSExchangeTransport&FileVer=8.0.685.18&FileName=Microsoft.Exchange.Transport.EventLog.dll&EvtType=Fehler&LCID=
http://www.microsoft.com/products/ee/transform.aspx?ProdName=Exchange&ProdVer=8.0.685.18&EvtID=2017&EvtSrc=MSExchangeTransport&FileVer=8.0.685.18&FileName=Microsoft.Exchange.Transport.EventLog.dll&EvtType=Fehler&LCID=
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center.
Log into Exchange Admin Center.:
Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
The video tutorial explains the basics of the Exchange server Database Availability groups.
The components of this video include:
1. Automatic Failover
2. Failover Clustering
3. Active Manager
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month9 days, 3 hours left to enroll
615 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.