• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1109
  • Last Modified:

EX2007 on Windows server 2008 R2 can't send mail to Exchange 2003 on either Windows 2000 Server SP4 or windows 2003 R2 Server

Dear Experts,

I really got a big problem. I have been running two windows 2000 servers as domain controllers PDC, BDC for a longer time. Alongside an exchange 2003 was running on the basis of a windows 2000 server. Now we decided it was time to upgrade the server landscape.

We installed two core domain controllers based on windows 2008 R2 server and a server running Exchange 2007.

We then intended to move the mailboxes and public folders from exchange 2003 to exchange 2007. The move of a mailbox was smooth. When we tried to send email from user with his mailbox on ex2003 to the moved user on ex2007 it was successful. But answering this email back to the user on ex2003 did not work.

Next was to try a telnet session on port 25 from ex2003 to ex2007 and vice versa. This worked well. Each user could see the email in his mailbox.

Now what I assume is that exchange 2007 tries to authenticate at the ex2003 with a ticket that was issued from the windows 2008 R2 domain controller with a higher encryption level.

My admin tells me that we simply need to move the mailboxes and export the public folder and reimport them afterwards.

But I wonder if there is a way to bring Exchange 2007 to send mail to exchange 2003?

I appreciate any help!

Regards,
Bernd
0
Mar00k
Asked:
Mar00k
  • 14
  • 10
  • 5
1 Solution
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Do you have any Send connector with smarthost ?
What do you find if you do a message tracking of the email.
Is the RGC created between E2k3 and E2k7 ... Bidirectional ?

- Rancy
0
 
Exchange_GeekCommented:
Run the cmdlet and provide details

Get-RoutingGroupConnector | FL

Regards,
Exchange_Geek
0
 
Mar00kAuthor Commented:
Get-RoutingGroupConnector | FL result is as follows:


TargetRoutingGroup           : Erste Routinggruppe
Cost                         : 100
TargetTransportServers       : {EX3}
ExchangeLegacyDN             : /o=MyCompany/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=
                               Connections/cn=Interop-RGC
PublicFolderReferralsEnabled : True
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {EX7}
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : EX7
MaxMessageSize               : unlimited
AdminDisplayName             :
ExchangeVersion              : 0.1 (8.0.535.0)
Name                         : Interop-RGC
DistinguishedName            : CN=Interop-RGC,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Gro
                               ups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Meine
                               rs Druck,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=corp,DC=My-Local-Domain,DC
                               =de
Identity                     : Interop-RGC
Guid                         : ffc213a7-2d27-4af1-8da3-a3801bc328cd
ObjectCategory               : corp.My-Local-Domain.de/Configuration/Schema/ms-Exch-Routing-Group-Connector
ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}
WhenChanged                  : 18.07.2012 18:37:48
WhenCreated                  : 18.07.2012 18:37:48
OriginatingServer            : DCA.corp.My-Local-Domain.de
IsValid                      : True

TargetRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
Cost                         : 100
TargetTransportServers       : {EX7}
ExchangeLegacyDN             : /o=MyCompany/ou=Erste administrative Gruppe/cn=Configuration/cn=Connections/cn=Inter
                               op-RGC
PublicFolderReferralsEnabled : True
SourceRoutingGroup           : Erste Routinggruppe
SourceTransportServers       : {EX3}
HomeMTA                      : Microsoft MTA
HomeMtaServerId              : EX3
MaxMessageSize               : unlimited
AdminDisplayName             :
ExchangeVersion              : 0.1 (8.0.535.0)
Name                         : Interop-RGC
DistinguishedName            : CN=Interop-RGC,CN=Connections,CN=Erste Routinggruppe,CN=Routing Groups,CN=Erste administ
                               rative Gruppe,CN=Administrative Groups,CN=MyCompany,CN=Microsoft Exchange,CN=Service
                               s,CN=Configuration,DC=corp,DC=My-Local-Domain,DC=de
Identity                     : Interop-RGC
Guid                         : 618d5c4e-3a3e-4aa8-b64d-fe1f342e1f33
ObjectCategory               : corp.My-Local-Domain.de/Configuration/Schema/ms-Exch-Routing-Group-Connector
ObjectClass                  : {top, msExchConnector, msExchRoutingGroupConnector}
WhenChanged                  : 18.07.2012 18:37:48
WhenCreated                  : 18.07.2012 18:37:48
OriginatingServer            : DCA.corp.My-Local-Domain.de
IsValid                      : True

Regards,
Bernd
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Are you able to telnet from E2k7 server to E2k3 and drop an email ? can you please check and share your feedback with us.

Also check free space on E2k7 disk and services are running ?
What is the AV on the server ?
Message tracking ?
Also if you have any Send connector share details ?
Get-Sendconnector |fl

- Rancy
0
 
Exchange_GeekCommented:
Help us with any error / warning related to transport / mail submission service in app logs AND AND AND shut any AV you've got that might have its bad teeth hooked on to your transport service.

Message Track is important as it'll tell us whats wrong with the queues.

Lastly, can E2k7 mailbox email to themselves?

Regards,
Exchange_Geek
0
 
Mar00kAuthor Commented:
Are you able to telnet from E2k7 server to E2k3 and drop an email ? can you please check and share your feedback with us.
-----
220 es.corp.My-Local-Domain.de Microsoft ESMTP MAIL Service, Version: 5.0.2195.67
13 ready at  Sun, 12 Aug 2012 19:29:48 +0200
ehlo
250-es.corp.My-Local-Domain.de Hello [192.168.10.72]
250-TURN
250-ATRN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
MAIL from: administrator@My-Local-Domain.de
250 2.1.0 administrator@My-Local-Domain.de....Sender OK
rcpt to: bernd@My-Local-Domain.de
250 2.1.5 bernd@My-Local-Domain.de
data subject: test
354 Start mail input; end with <CRLF>.<CRLF>
that's it already
.
250 2.6.0 <ESVidqwU3I7aVJa7a1E00000005@es.corp.My-Local-Domain.de> Queued mail fo
r delivery
-----
This email arrived in the mailbox located at the exchange2003 server. Just as it should be.

>Also check free space on E2k7 disk and services are running ?
I've got several GB free on e2k7. Which services should run?

>What is the AV on the server ?
Huh? I am sorry but I do not understand. Please be aware I am not the administrator, just the one who cares for the "normal things" except from exchange. If you mean Anti virus: There is none right now.

>Message tracking ?
Any specific location where I can look for?

>Also if you have any Send connector share details ?
There is no send connector

>Get-Sendconnector |fl
No results in display. My admin told it is send internally via DNS and we won't need a send connector.
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Check if SMTP Virtual Server on E2k3 has the "Anonymous, basic and integrated" checkboxes or not.

- Rancy
0
 
Exchange_GeekCommented:
>Also check free space on E2k7 disk and services are running ?
Can you provide a number to the free disk space? Also the disk needs to be the one where you've got Exchange installed.

>What is the AV on the server ?
AV as you guess is right, its Anti Virus, glad you don'y have one now.

>Message tracking ?
You'll need to track it on E2k7 box so run the cmdlet

Get-MessageTrackingLog -sender "Email address of mailbox on E2k7" -recipients "email address of mailbox on E2k3" | FL

>Get-Sendconnector |fl
No results in display. My admin told it is send internally via DNS and we won't need a send connector.

Regards,
Exchange_Geek
0
 
Mar00kAuthor Commented:
>Check if SMTP Virtual Server on E2k3 has the "Anonymous, basic and integrated"
>checkboxes or not.
Yes anonymous, standard and integrated are checked
0
 
Mar00kAuthor Commented:
>Help us with any error / warning related to transport / mail submission service in app logs

Ok, on the Exchange 2007 I checked the events: I got several Kerberos Issues with KDC_ERR_BADOPTION

e.g.:
------
Eine Kerberos-Fehlermeldung wurde auf
 Anmeldesitzung  empfangen:
 Clientzeit:
 Serverzeit: 18:51:22.0000 8/12/2012 Z
 Fehlercode: 0xd KDC_ERR_BADOPTION
 Erweiterter Fehler: 0xc00000bb KLIN(0)
 Clientbereich:
 Clientname:
 Serverbereich: CORP.My-Local-Domain.DE
 Servername: ex7$@CORP.My-Local-Domain.DE
 Zielname: ex7$@CORP.My-Local-Domain.DE@CORP.My-Local-Domain.DE
 Fehlertext:
 Datei: 9
 Zeile: f09
 Die Fehlerdaten stehen in den Berichtdaten.
------

I've checked C:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\ProtocolLog\SmtpSend where I would assume to find some info on sending to Exchange 2003 but the directory is empty.
0
 
Mar00kAuthor Commented:
About Message Tracking:
I just tried to send another email from administrator's outlook with mailbox on Exchaneg 2007 to myself with mailbox on Exchange 2003

result of
Get-MessageTrackingLog -sender "administrator@my-local-domain.de" -recipients "bernd@my-local-domain.de" | FL
is
-----------
Timestamp               : 12.08.2012 21:25:15
ClientIp                : fe80::ad8e:5f68:93e:be69
ClientHostname          : EX7.corp.my-local-domain.de
ServerIp                : fe80::ad8e:5f68:93e:be69%11
ServerHostname          : EX7
SourceContext           :
ConnectorId             :
Source                  : STOREDRIVER
EventId                 : RECEIVE
InternalMessageId       : 161
MessageId               : <1687703D2DF3E349AEE6F648367DEADB3CF526B39E@EX7.corp.my-local-domain.de>
Recipients              : {bernd@myinternet-domain.de}
RecipientStatus         : {}
TotalBytes              : 4309
RecipientCount          : 1
RelatedRecipientAddress :
Reference               :
MessageSubject          : Testmail
Sender                  : Administrator@myinternet-domain.de
ReturnPath              : Administrator@myinternet-domain.de
MessageInfo             : 03I:
-----------
0
 
Mar00kAuthor Commented:
>>Also check free space on E2k7 disk and services are running ?
>Can you provide a number to the free disk space?

Exchange is installed on a disk in total 50GB with 26GB free
0
 
Mar00kAuthor Commented:
Also found in the application event protocol of the Exchange 2007 server:

Protokollname: Application
Quelle:        MSExchangeTransport
Datum:         12.08.2012 19:42:46
Ereignis-ID:   5016
Aufgabenkategorie:(4)
Ebene:         Fehler
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      EX7.corp.My-Local-Domain.de
Beschreibung:
Die Beschreibung für die Ereignis-ID "5016" aus der Quelle "MSExchangeTransport" wurde nicht gefunden. Entweder ist die Komponente, die dieses Ereignis auslöst, nicht auf dem lokalen Computer installiert, oder die Installation ist beschädigt. Sie können die Komponente auf dem lokalen Computer installieren oder reparieren.

Falls das Ereignis auf einem anderen Computer aufgetreten ist, mussten die Anzeigeinformationen mit dem Ereignis gespeichert werden.

Die folgenden Informationen wurden mit dem Ereignis gespeichert:

CN=FAXmaker:i386 (HS),CN=Connections,CN=Erste Routinggruppe,CN=Routing Groups,CN=Erste administrative Gruppe,CN=Administrative Groups,CN=MyCompany,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=corp,DC=My-Local-Domain,DC=de
12.08.2012 17:42:46

Die Meldungressource ist vorhanden, aber die Meldung wurde nicht in der Zeichenfolge-/Meldungstabelle gefunden

Ereignis-XML:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchangeTransport" />
    <EventID Qualifiers="49156">5016</EventID>
    <Level>2</Level>
    <Task>4</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2012-08-12T17:42:46.000000000Z" />
    <EventRecordID>61532</EventRecordID>
    <Channel>Application</Channel>
    <Computer>EX7.corp.My-Local-Domain.de</Computer>
    <Security />
  </System>
  <EventData>
    <Data>CN=FAXmaker:i386 (HS),CN=Connections,CN=Erste Routinggruppe,CN=Routing Groups,CN=Erste administrative Gruppe,CN=Administrative Groups,CN=MyCompany,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=corp,DC=My-Local-Domain,DC=de</Data>
    <Data>12.08.2012 17:42:46</Data>
  </EventData>
</Event>

Protokollname: Application
Quelle:        MSExchangeTransport
Datum:         12.08.2012 19:42:46
Ereignis-ID:   5015
Aufgabenkategorie:(4)
Ebene:         Fehler
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      EX7.corp.My-Local-Domain.de
Beschreibung:
Die Beschreibung für die Ereignis-ID "5015" aus der Quelle "MSExchangeTransport" wurde nicht gefunden. Entweder ist die Komponente, die dieses Ereignis auslöst, nicht auf dem lokalen Computer installiert, oder die Installation ist beschädigt. Sie können die Komponente auf dem lokalen Computer installieren oder reparieren.

Falls das Ereignis auf einem anderen Computer aufgetreten ist, mussten die Anzeigeinformationen mit dem Ereignis gespeichert werden.

Die folgenden Informationen wurden mit dem Ereignis gespeichert:

CN=Microsoft MTA\0ADEL:322e456d-9ed4-49bd-af9b-f6a8403b669f,CN=Deleted Objects,CN=Configuration,DC=corp,DC=My-Local-Domain,DC=de
CN=FAXmaker:i386 (HS),CN=Connections,CN=Erste Routinggruppe,CN=Routing Groups,CN=Erste administrative Gruppe,CN=Administrative Groups,CN=MyCompany,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=corp,DC=My-Local-Domain,DC=de
12.08.2012 17:42:46

Die Meldungressource ist vorhanden, aber die Meldung wurde nicht in der Zeichenfolge-/Meldungstabelle gefunden

Ereignis-XML:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchangeTransport" />
    <EventID Qualifiers="49156">5015</EventID>
    <Level>2</Level>
    <Task>4</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2012-08-12T17:42:46.000000000Z" />
    <EventRecordID>61531</EventRecordID>
    <Channel>Application</Channel>
    <Computer>EX7.corp.My-Local-Domain.de</Computer>
    <Security />
  </System>
  <EventData>
    <Data>CN=Microsoft MTA\0ADEL:322e456d-9ed4-49bd-af9b-f6a8403b669f,CN=Deleted Objects,CN=Configuration,DC=corp,DC=My-Local-Domain,DC=de</Data>
    <Data>CN=FAXmaker:i386 (HS),CN=Connections,CN=Erste Routinggruppe,CN=Routing Groups,CN=Erste administrative Gruppe,CN=Administrative Groups,CN=MyCompany,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=corp,DC=My-Local-Domain,DC=de</Data>
    <Data>12.08.2012 17:42:46</Data>
  </EventData>
</Event>

CN=FAXmaker:i386 (HS) makes me some worries: We had installed GFI Faxmaker in ancient times and uninstalled. We tried to get rid of it but I have no idea where this residual information might reside in...

Regards,
Bernd
0
 
Exchange_GeekCommented:
Questions that were unanswered

Also check free space on E2k7 disk and services are running ?
No details on the exact size of free space available.


Message tracking ?
We need entire logs, the log that you provided was only for SMTP Store Drive Receive, post receive there would be another log - that states - SMTP Store Driver Submit.


 <Data>CN=Microsoft MTA\0ADEL:322e456d-9ed4-49bd-af9b-f6a8403b669f,CN=Deleted Objects,CN=Configuration,DC=corp,DC=My-Local-Domain,DC=de</Data>
    <Data>CN=FAXmaker:i386 (HS),CN=Connections,CN=Erste Routinggruppe,CN=Routing Groups,CN=Erste administrative Gruppe,CN=Administrative Groups,CN=MyCompany,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=corp,DC=My-Local-Domain,DC=de

You'll need to take assistance using ADSIEDIT and go to the location => Connections => FAXMaker:i386 - go to its properties and search got MS Exchange MTA, check its properties and remove its details from it.

Lastly,
can E2k7 mailbox email to themselves? I never received answer for this one.
can E2k3 mailbox email to themselves? I never received answer for this one.

Are Exchange services started on E2k3 and E2k10. Name the ones that aren't.


Regards,
Exchange_Geek
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Hope all Mail Submissions and other Microsoft Services are running on the Exchange 2010 server to be able to receive emails.

No Smarthost is mentioned on the SMTP VS ?

- Rancy
0
 
Mar00kAuthor Commented:
Questions that were unanswered

>>Also check free space on E2k7 disk and services are running ?
>Can you provide a number to the free disk space?
Exchange is installed on a disk in total 50GB with 26GB free

>No details on the exact size of free space available.
Do you mean the number of bytes?

>Message tracking ?
>We need entire logs, the log that you provided was only for SMTP Store Drive Receive, post receive there would be another log - that states - SMTP Store Driver Submit.
The posted was the answer to [PS] C:\Windows\system32>Get-MessageTrackingLog -sender "administrator@my-local-domain.de" -recipients "bernd@my-local-domain.de" | FL
How would I get the Store Driver Submit Log?

>can E2k7 mailbox email to themselves? I never received answer for this one.
Yes the admin can send email to himself.

>can E2k3 mailbox email to themselves? I never received answer for this one.
Yes, I can email to myself, too-

>Are Exchange services started on E2k3 and E2k10. Name the ones that aren't.
You mean in Exchange2007?

I've attached a view of the Microsoft Exchange services.

The only errors found in the system eventlog are the two in ID: 38285814 above.
Ex3Services-2000.PNG
Ex7Services-2008.PNG
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Pretty much the services seem to be running and its just issue with E2k7 users unable to send email to E2k3 users ........

Do we have any send connector if so hope 2k7 server isnt a part and no Smarthost on it.

Also is this server holding all roles and I guess we did a message tracking as well ... right

- Rancy
0
 
Exchange_GeekCommented:
Get-MessageTrackingLog -sender "administrator@my-local-domain.de" -recipients "bernd@my-local-domain.de" | FL

This only gave 1 log in it that only showed.

Source                  : STOREDRIVER
EventId                 : RECEIVE

Try sending another log between E2k7 and E2k3.

Run the above command once more, considering admin is on E2k7 and Bernd is on E2k3.

Apart from that run Get-Queue | FL

Regards,
Exchange_Geek
0
 
Mar00kAuthor Commented:
Get-Queue | FL yields:
----------
Identity         : EX7\4
DeliveryType     : SmtpRelayToTiRg
NextHopDomain    : cn=erste routinggruppe,cn=routing groups,cn=erste administrative gruppe,cn=administrative groups,cn=
                  My company,cn=microsoft exchange,cn=services,cn=configuration,dc=corp,dc=my-local-domain,dc=de
NextHopConnector : ffc213a7-2d27-4af1-8da3-a3801bc328cd
Status           : Retry
MessageCount     : 340
LastError        : 451 4.4.0 Primary target IP address responded with: "535 5.7.3 Authentication unsuccessful.." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
LastRetryTime    : 13.08.2012 19:50:41
NextRetryTime    : 13.08.2012 20:00:41
IsValid          : True
ObjectState      : Unchanged

Identity         : EX7\Submission
DeliveryType     : Undefined
NextHopDomain    : Übermittlung
NextHopConnector : 00000000-0000-0000-0000-000000000000
Status           : Ready
MessageCount     : 0
LastError        :
LastRetryTime    :
NextRetryTime    :
IsValid          : True
ObjectState      : Unchanged
----------

I would guess from what I've been reading that I might have a problem with kerberos. Windows 2008 R2 handles default encryption and key length in another way than windows 2003 server does. Since I only have superficial knowledge: Could this be another starting point?
0
 
Exchange_GeekCommented:
You've given us the magic wand, hand on and let me give you the magic words

Regards,
Exchange_Geek
0
 
Exchange_GeekCommented:
You'll need to check Domain Security Policy  and and Local Security Policy of that computer

Please Verify whether Everyone, Administrators, Authenticated users added all the
below policy.

Domain Security Policy >> Users Rights Assignment >> Access This Computer From the
Network.

Domain Controller Security Policy >> Users Rights Assignment >> Access This
Computer From the Network.

Local Security Policy>> Users Rights Assignment >> Access This Computer From the Network.

Force AD Replication and restart SMTP and Routing Engine Service on E2003 and Transport on E2007 Server.

Regards,
Exchange_Geek
0
 
Mar00kAuthor Commented:
You'll need to check Domain Security Policy  and and Local Security Policy of that computer


Please Verify whether Everyone, Administrators, Authenticated users added all the
below policy.

>Domain Security Policy >> Users Rights Assignment >> Access This Computer From the
Network.

here we have
---------------
Administrators
MyDomain\Administrator
MyDomain\Bernd
MyDomain\Domain-Users
MyDomain\AnotherUser1
MyDomain\AnotherUser2
---------------
Should I add Authenticated Users here?


>Domain Controller Security Policy >> Users Rights Assignment >> Access This
Computer From the Network.
Ugh I can't figure out where I can find this Domain Controller Policy

>Local Security Policy>> Users Rights Assignment >> Access This Computer From the Network.
nothing defined here

>Force AD Replication and restart SMTP and Routing Engine Service on E2003 and Transport on E2007 Server.
I will know how I restart the services but how do I force AD Replication?

Regards,
Bernd
0
 
Exchange_GeekCommented:
Should I add Authenticated Users here?

==> Yes you'l need to add it here.

If Exchange isn't on a DC - avoid the setting for Domain Controller Security Policy

Local Security Policy>> Users Rights Assignment >> Access This Computer From the Network. nothing defined here

==> Add the rights for "Everyone, Administrators, Authenticated users"

I will know how I restart the services but how do I force AD Replication?
You'll need to do this using AD Sites and Services.

Regards,
Exchange_Geek
0
 
Mar00kAuthor Commented:
Should I add Authenticated Users here?

==> Yes you'l need to add it here.

>If Exchange isn't on a DC - avoid the setting for Domain Controller Security Policy
It is on a separate server. So I don't change anything.

>Local Security Policy>> Users Rights Assignment >> Access This Computer From the Network.
nothing defined here
==> Add the rights for "Everyone, Administrators, Authenticated users"

Sorry, There is a lock next to the setting, I can't change anything. Do I need to log on as local administrator to change it?

Ok, services restartet as stated above.

Get-Queue | FL yields:
----------
Identity         : EX7\4
DeliveryType     : SmtpRelayToTiRg
NextHopDomain    : cn=erste routinggruppe,cn=routing groups,cn=erste administrative gruppe,cn=administrative groups,cn=
                   My Company,cn=microsoft exchange,cn=services,cn=configuration,dc=corp,dc=my-local-domain,dc=de
NextHopConnector : ffc213a7-2d27-4af1-8da3-a3801bc328cd
Status           : Retry
MessageCount     : 411
LastError        : 451 4.4.0 Primary target IP address responded with: "535 5.7.3 Authentication unsuccessful.." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
LastRetryTime    : 13.08.2012 22:35:08
NextRetryTime    : 13.08.2012 22:36:08
IsValid          : True
ObjectState      : Unchanged

Identity         : EX7\Submission
DeliveryType     : Undefined
NextHopDomain    : Übermittlung
NextHopConnector : 00000000-0000-0000-0000-000000000000
Status           : Ready
MessageCount     : 0
LastError        :
LastRetryTime    :
NextRetryTime    :
IsValid          : True
ObjectState      : Unchanged
----------

By the way: Thank you for your help so far. I really appreciate it very much, thank you!
0
 
Exchange_GeekCommented:
>Domain Security Policy >> Users Rights Assignment >> Access This Computer From the
Network.

here we have
---------------
Administrators
MyDomain\Administrator
MyDomain\Bernd
MyDomain\Domain-Users
MyDomain\AnotherUser1
MyDomain\AnotherUser2
---------------
Should I add Authenticated Users here? ==> Yes.


>Local Security Policy>> Users Rights Assignment >> Access This Computer From the Network.
nothing defined here
==> Add the rights for "Everyone, Administrators, Authenticated users"

Sorry, There is a lock next to the setting, I can't change anything. Do I need to log on as local administrator to change it?

==> Possibly yes.

Regards,
Exchange_Geek
0
 
Mar00kAuthor Commented:
Did not work to change the local setting. I am going to try something else tomorrow and will let you know if that worked.

Regards,
Bernd
0
 
Mar00kAuthor Commented:
Something works. Additionally I've set the default domain policy regarding allowed kerberos encryption to RH4. I can send now email back and forth. The replication between the storages seems to have started, too. I have no idea how to find out if everything is fine.

I have a time problem with further investigating the next days and will care for this problem during the weekend again. Thank you again so far for your cooperation.

Regards,
Bernd
0
 
Exchange_GeekCommented:
Finally some good news :) Congrats.

Regards,
Exchange_Geek
0
 
Mar00kAuthor Commented:
Very thoroughly elaborated way to the solution and respsonses fast as lightning. Thank you for your help!
0

Featured Post

Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

  • 14
  • 10
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now