We help IT Professionals succeed at work.
Get Started

Exchange Server 2010 Event Error 1020 using Powershell

Thomas Grassi
Thomas Grassi asked
on
29 Comments
5 Solutions
1,404 Views
Last Modified: 2015-07-26
Windows 2008 R2 Server
Exchange 2010 Enterprise RU10

Created a PowerShell script to send email

$body = netsh advfirewall firewall show rule name="Block_IP" | Out-String
$PSEmailServer = "SERV025.FQDN.COM"
Send-MailMessage -From "no-reply@mydom.com" -To "support@mydom.com" -Subject "SERV025 Firewall Rule BlockIP Updated" -Body $body -smtpserver $PSEmailServer

Open in new window


I run this on my computer using powershell after I do this Enter-pssession -computername serv025

It works great.

Now I try to run the same script on my SERV025 (Windows 2008 R2 with Exchange 2010)

I get this event error

Log Name:      Application
Source:        MSExchangeTransport
Date:          7/22/2015 7:32:49 PM
Event ID:      1020
Task Category: SmtpReceive
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      SERV025.FQDN.com
Description:
The account 'mydom\administrator' provided valid credentials, but is not authorized to use the server; failing authentication.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchangeTransport" />
    <EventID Qualifiers="32772">1020</EventID>
    <Level>3</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-07-22T23:32:49.000000000Z" />
    <EventRecordID>206601</EventRecordID>
    <Channel>Application</Channel>
    <Computer>SERV025.FQDN.com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>MYDOM\administrator</Data>
    <Data>Default SERV025</Data>
  </EventData>
</Event>

Found this

The suggested resolution is to verify that the account that is specified in the event text has the MS-Exch-SMTP-Submit permission assigned to it on the appropriate Receive connectors on the Hub Transport server or Edge Transport server.


and I did this

PS] C:\Windows\system32>Add-ADPermission "Client SERV025" -User "mydom\Administrator" -ExtendedRights ms-Exch-SMTP-Accept
-Authoritative-Domain-Sender

Identity             User                 Deny  Inherited
--------             ----                 ----  ---------
SERV025\Client SER... mydom\administrator    False False


[PS] C:\Windows\system32>Add-ADPermission "Client SERV025" -User "mydom\Administrator" -ExtendedRights ms-Exch-SMTP-Accept
-Any-Sender

Identity             User                 Deny  Inherited
--------             ----                 ----  ---------
SERV025\Client SER... mydom\administrator    False False

Still getting the event 1020


What am I missing here
Comment
Watch Question
SQL Expert/Infrastructure Architect
CERTIFIED EXPERT
Commented:
This problem has been solved!
Unlock 5 Answers and 29 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE