aconway
asked on
Exchange 2003 to 2010 new forest migration 'bug' - replying to Outlook internal emails poisons NK2 file
I am just finishing up a migration to a new Exchange 2010 server, from an old 2003 system. It wasn't a "normal" migration, actually -- I created a separate new forest and totally new mailboxes and then manually exported/imported PST files into each mailbox on the new Exchange 2010 server...
More important details:
The old 2003 server was an GC + Exchange 2003, for 'olddomain.com' and also hosted email for a second "newdomain.com"... which was to become our NEW name/company re-brand... but we didn't have new servers yet, so we just hosted newdomain.com on the Exchange 2003 box in the mean time...
So we get new servers going finally, and set them up for the new forest as 'office.newdomain.com' -- 2 servers: exchange.office.newdomain.
We still want to get emails for olddomain.com (for legacy purposes) so I add that as a second accepted domain into Exchange 2010 and all seemed to be working...
Until someone "replies" to an old INTERNAL email (any internal email that was imported from the 2003 server), it somehow corrupts the outlook NK2 file and from that point forward, ALL INTERNAL emails bounce! External SMTP still works, but ALL internal bounces... if I delete the Outlook NK2 file, it fixes the problem and users can send internal emails once again!
It seems like it's reading some sort of Active Directory attributes from the old emails.. or something.. I don't know enough at this point to further track down the problem and was hoping for some advice!.. here is the bounce error:
Delivery has failed to these recipients or groups:
'UserExample1'
The e-mail address you entered couldn't be found. Please check the recipient's e-mail address and try to resend the message. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: EXCHANGE.office.newdomain.
IMCEAEX-_O=OLDDOMAIN_OU=FI
#550 5.1.1 RESOLVER.ADR.ExRecipNotFou
(^^^^^^^^^ it references the old domain here at the beginning of this line, then the new domain at the end???)
Original message headers:
Received: from EXCHANGE.office.newdomain.
([fe80::900a:2390:8831:dba
([fe80::900a:2390:8831:dba
09:07:11 -0700
Content-Type: application/ms-tnef; name="winmail.dat"
Content-Transfer-Encoding:
From: UserExample2 <userexample2@newdomain.co
To: 'UserExample1' <userexample1@newdomain.co
Subject: test
Thread-Topic: test
Thread-Index: AcwI4v7gNrIlpE8CSFCV9dh8ku
Date: Mon, 2 May 2011 09:07:10 -0700
Message-ID: <FE5329F5007D6E4896997D0B4
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator: <FE5329F5007D6E4896997D0B4
MIME-Version: 1.0
X-Originating-IP: [192.168.1.152]
More potentially important info: I have a 2 way trust between the 2 forests, and I have DHCP set to assign Primary DNS as the newdomain DNS IP, and the Secondary DNS as the olddomain.com DNS IP. The new servers are also configured with their secondary DNS set as the olddomain DNS server. I wasn't planning on totally retiring the olddomain server for another couple weeks and wanted it online at the same time as the new system and have them talking to each other... but I am not sure if this is contributing to the problem or if it's just some weird active directory thing?
More important details:
The old 2003 server was an GC + Exchange 2003, for 'olddomain.com' and also hosted email for a second "newdomain.com"... which was to become our NEW name/company re-brand... but we didn't have new servers yet, so we just hosted newdomain.com on the Exchange 2003 box in the mean time...
So we get new servers going finally, and set them up for the new forest as 'office.newdomain.com' -- 2 servers: exchange.office.newdomain.
We still want to get emails for olddomain.com (for legacy purposes) so I add that as a second accepted domain into Exchange 2010 and all seemed to be working...
Until someone "replies" to an old INTERNAL email (any internal email that was imported from the 2003 server), it somehow corrupts the outlook NK2 file and from that point forward, ALL INTERNAL emails bounce! External SMTP still works, but ALL internal bounces... if I delete the Outlook NK2 file, it fixes the problem and users can send internal emails once again!
It seems like it's reading some sort of Active Directory attributes from the old emails.. or something.. I don't know enough at this point to further track down the problem and was hoping for some advice!.. here is the bounce error:
Delivery has failed to these recipients or groups:
'UserExample1'
The e-mail address you entered couldn't be found. Please check the recipient's e-mail address and try to resend the message. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: EXCHANGE.office.newdomain.
IMCEAEX-_O=OLDDOMAIN_OU=FI
#550 5.1.1 RESOLVER.ADR.ExRecipNotFou
(^^^^^^^^^ it references the old domain here at the beginning of this line, then the new domain at the end???)
Original message headers:
Received: from EXCHANGE.office.newdomain.
([fe80::900a:2390:8831:dba
([fe80::900a:2390:8831:dba
09:07:11 -0700
Content-Type: application/ms-tnef; name="winmail.dat"
Content-Transfer-Encoding:
From: UserExample2 <userexample2@newdomain.co
To: 'UserExample1' <userexample1@newdomain.co
Subject: test
Thread-Topic: test
Thread-Index: AcwI4v7gNrIlpE8CSFCV9dh8ku
Date: Mon, 2 May 2011 09:07:10 -0700
Message-ID: <FE5329F5007D6E4896997D0B4
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator: <FE5329F5007D6E4896997D0B4
MIME-Version: 1.0
X-Originating-IP: [192.168.1.152]
More potentially important info: I have a 2 way trust between the 2 forests, and I have DHCP set to assign Primary DNS as the newdomain DNS IP, and the Secondary DNS as the olddomain.com DNS IP. The new servers are also configured with their secondary DNS set as the olddomain DNS server. I wasn't planning on totally retiring the olddomain server for another couple weeks and wanted it online at the same time as the new system and have them talking to each other... but I am not sure if this is contributing to the problem or if it's just some weird active directory thing?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
At the time of moving mailbox from old domain to new domain, Did you manually stamped Legacy Exchagne DN of the old domain as an SMTP address in the new domain?
Cheers
Shaba
Cheers
Shaba
ASKER
I created fresh mailboxes on the new server...and added an SMTP address for the old domain to each user, yes... (then imported PST's manually, logged in as each user through Outlook).
What I mentioned is the legacy exchange dn attribute which outlook uses by default while replying to old emails. See if you can get that value from old domain and add it on proxy address attribute on the users you created on the new domain.
Tx
Shaba
Tx
Shaba
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Whats the easiest way to find the correct DN? ADSIedit on the old server for each user? What am I looking for, exactly?
ASKER
Ok, I found "Distinguished Name" in ADSI edit:
CN=User Example1,OU=Users,DC=olddo
So I would set up an X500 "custom" address for the mailbox on Exchange 2010, and the input would be exactly that?
CN=User Example1,OU=Users,DC=olddo
So I would set up an X500 "custom" address for the mailbox on Exchange 2010, and the input would be exactly that?
ASKER
Oh wait, I need LegacyExchangeDN.. I just found it.. working on it now...
Yea.. You did it.
Hope this issue is fixed :)
Cheerio
Shaba
Hope this issue is fixed :)
Cheerio
Shaba
ASKER
YES, I believe it is fixed! That was it! Thanks so much for your guidance. It totally makes sense now.
ASKER
I tried adding in an X500 a few times, in different variations, but I think I'm not getting the syntax exactly right... will try again tomorrow after sleep.