Solved

Not able to send to cross trusted Exchange forest due to the recipient addresses turning into IMCEAEX-_O.......

Posted on 2016-09-27
4
40 Views
Last Modified: 2016-10-17
We have two trusted Exchange forests -- domain1 and domain2. We tried to use a utility (Forefront Identity Management) to sync the AD user accounts/contacts and by accident caused duplicate email accounts/contacts in both forests. It prevented users from sending email cross the forests with the error:  
"More than one user has this e-mail address. #550 5.1.4 RESOLVER.ADR.Ambiguous; ambiguous address ##"

So we got into AD to delete all the sync-ed accounts/contacts in the destination domains, and thought that should be it. Unfortunately, the issue remained except the error is different:
"The e-mail address you entered couldn't be found."

Further investigation found the recipient email address we carefully typed out in the recipient field is correct for sure as we can see but from the bounced NDR we can see after sending the recipient address being altered to an ExchangeLegacyDN such as:

IMCEAEX-_O=DOMAIN2_OU=EXCHANGE+20ADMINISTRATIVE+20GROUP+20+28FYDIBOHF23SPDLT+29_CN=RECIPIENTS_CN=Frank+20Gaines625@domain2.com

And that's why got the "address not found" error.
Again, it only happens while trying to send cross the forest. There is no issue while using OWA.
And the most strange thing is, it only happens to many but NOT all users, whether it is in cached mode or not. We suspected it is cache issue so we did update OAB, GAL, redownloading OAB, etc. But the issue still remains.

Any help is appreciated.
0
Comment
Question by:Castlewood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 16

Accepted Solution

by:
Todd Nelson earned 500 total points (awarded by participants)
ID: 41818533
I hate those annoying X400/X500 addresses but at times they are necessary and must be added the the accounts as a proxy address.

Take a look at this article and the associated references ... https://oddytee.wordpress.com/2014/08/22/imceaex-ndrs-after-migrating-psts-to-office-365/

Hopefully it provides you a direction to head.
0
 

Author Comment

by:Castlewood
ID: 41819928
Thanks Todd.
The MS support article in the above link states that the auto-complete cache in Outlook or OWA uses  LegacyExchangeDN to route internal emails. Still very confused about how the "translation" works from SMTP to LegacyDN. Look, in our case, all accounts do have at least one proper X.500 in place and I understand the internal recipient SMTP we entered in Outlook will be translated to a LegacyDN for internal routing, according to the above MS support article.
But the problem is, say, the user in domain1 wants to send an email cross forest to jsmith@domain2.com. So he entered the correct SMTP address in Outlook. We verified it was the correct spelling before hitting Send. Right after sending we got the NDR where we can see the translated LegacyDN is with the wrong domain -- @domain1.com. We entered @domain2.com in SMTP, which was translated to @domain1.com in LegacyDN. How could this happen?

Lastly, even more mysterious is, the issue disappeared on the second day around 10:40am EST. Does it mean a LegacyDN has a time to live or what?
0
 

Author Comment

by:Castlewood
ID: 41820277
Spoken too early. There was still one user running into this issue. But this time, I empty the Auto-Complete cache list on his Outlook 2013 and fixed his issue. So the issue seems to become randomly in individual users. But what could cause this issue in the Exchange server side?
0
 
LVL 16

Expert Comment

by:Todd Nelson
ID: 41846320
Sufficuent information provided that resolved issue.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month4 days, 9 hours left to enroll

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question