Skip to main content

451 4.4.0 Primary Target IP Address Responded with (501 5.5.4 Auth Command Cancelled)

I have faced a problem at a cusomter site;mails  cannot flow from an Exchange 2010 server to a specific Exchange 2003 server , while it can flow to other Exchange 2003 servers.

Exchange 2010 servers were in AD domain: ChildA.parent.com and Exchange 2003 server was in ADdomain : ChildB.parent.com.

Domain controllers of domain ChildB.parent.com only existed at the site of Exchange 2003.

The queue viewer gave the following message :
"451 4.4.0 Primary Target IP Address Responded with (501 5.5.4 Auth Command Cancelled)"
 and the application log gave the following error:

Outbound authentication failed with error -2146892976 for Send connector Intra-Organization SMTP Send Connector. The authentication mechanism is Gssapi. The target is SMTPSVC/Exchange2003ServerFQDN
i have checked the SPN , using Setspn -l Exchange2003ServerName aother posts on the Internet suggested, the SPN was not in place so i had to add it using :


setspn -a SMTPSVC/Exchange2003ServerFQDN Exchange203ServerName
But the problem still persisted, later we found out it was related to netowrk traffic being bloked, in addition to Posrt 25 for SMTP traffic , you still need Ports 389 and 88 for authentication between Exchange 2010 servers and domain controllers for ChildB.parent.com AD domain. 
Labels:

Comments

Post a Comment

Popular posts from this blog

Upgrade from Lync Evaluation edition to Lync RTM.

If you have installed Lync Server using the 180 Day  trial bits  you can upgrade to the RTM bits nsing the following easy steps: Run setup.exe on your Lync server Volume License media. Click on "Install or Update Lync server system" Click on "Setup or remove Lync server components" Open CMD and  navigate to \Setup\amd64\setup and then run msiexec.exe /fvomus server.msi EVALTOFULL=1 /qb  Open Lync Server Management Shell and then run Enable-CSComputer and then you are done !
7 comments
Read more

Exchange 2010 - EMC "RBAC authorization returns Access Denied"

I was doing an Upgrade for Exchange 2003 to Exchange 2010 and after i installed the first CAS server and opened the EMC an error appeared that i have no permissions... while i was logged in with the setup account and it was a memeber of the Organization Managemnet Group. and i founbd this in the Applicaiton Log  "(Process w3wp.exe, PID 6716) "RBAC authorization returns Access Denied for user Udomain.Local/Users/AccountName. Reason: No role assignments associated with the specified user were found on Domain Controller XXXXX" " After alot of searches i was pulling my remaining hair out :)  I  found this post ( http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/fc568cc6-8691-4127-b70b-bcc82f9b1f7f?prof=required ) The issue was with 2 things : Allow inheritable permissions check Box was not enabled on the Exchange  Microsoft Exchange Organzaiton container inside the Configuration partition. The value for the attributes msExchRoleLink ...
Post a Comment
Read more

the networkmanager has not yet been initialized

I faced a very strange case with Exchange DAG, I was doing a site resiliency test I failed over to the DR site successfully and then I failed back to the main site, after failing back I found that the DAG was in a state that looks like split brain syndrome although the DAG was running in DAC mode. the symptoms were as follows: From the DR mailbox server: Cluster Console only showed this node while the active nodes were not present. From EMC the copies on the DR server were healthy. From the Main site mailbox servers: Cluster console showed the three nodes but the DR node was stopped, and the option to start it was grayed out. From EMC the copies on the DR server were failed. The fix was as follows:  run the following command: Cluster       /forcecleanup Then run the following: Start-DatabaseAvailabilityGroup "DAGname" -MailboxServer  "DRNodeName" After the first command you will find that the DR node can see the oth...
Post a Comment
Read more