
451 4.4.0 Primary Target IP Address Responded with (501 5.5.4 Auth Command Cancelled)

I faced a problem at a customer site: mail could not flow from an Exchange 2010 server to a specific Exchange 2003 server, while it could flow to other Exchange 2003 servers.

The Exchange 2010 servers were in the AD domain ChildA.parent.com and the Exchange 2003 server was in the AD domain ChildB.parent.com.

Domain controllers of domain ChildB.parent.com only existed at the site of Exchange 2003.

The queue viewer gave the following message:

"451 4.4.0 Primary Target IP Address Responded with (501 5.5.4 Auth Command Cancelled)"

and the application log gave the following error:

Outbound authentication failed with error -2146892976 for Send connector Intra-Organization SMTP Send Connector. The authentication mechanism is Gssapi. The target is SMTPSVC/Exchange2003ServerFQDN

I checked the SPN using Setspn -l Exchange2003ServerName, as other posts on the Internet suggested. The SPN was not in place, so I had to add it using:

setspn -a SMTPSVC/Exchange2003ServerFQDN Exchange2003ServerName

But the problem still persisted. Later we found out it was related to network traffic being blocked: in addition to port 25 for SMTP traffic, you still need ports 389 and 88 for authentication between the Exchange 2010 servers and the domain controllers of the ChildB.parent.com AD domain.
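
A quick way to check the port finding above from the Exchange 2010 server, as an added example that is not part of the original post. The domain controller name is a hypothetical placeholder, the server name reuses the post's placeholder, and only TCP is tested.

```powershell
# Added example. Run on the Exchange 2010 server. Works on PowerShell 2.0.
# Names below are placeholders (assumptions): replace them with real FQDNs.
$Exchange2003Server      = 'Exchange2003ServerFQDN'
$ChildBDomainControllers = @('dc1.ChildB.parent.com')   # hypothetical DC name

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'No answer (timeout, likely filtered)'
        }
        $client.EndConnect($pending)   # throws if refused or name not resolved
        return 'Open'
    } catch {
        return 'Failed: ' + $_.Exception.GetBaseException().Message
    } finally {
        $client.Close()
    }
}

# Port 25 to the Exchange 2003 server, ports 88 and 389 to each ChildB DC.
# TCP only: UDP 88/389 are not tested here.
$checks = @(, @($Exchange2003Server, 25, 'SMTP'))
foreach ($dc in $ChildBDomainControllers) {
    $checks += , @($dc, 88,  'Kerberos')
    $checks += , @($dc, 389, 'LDAP')
}

$results = foreach ($c in $checks) {
    New-Object PSObject -Property @{
        Target = $c[0]; Port = $c[1]; Purpose = $c[2]
        Result = Test-TcpPort -ComputerName $c[0] -Port $c[1]
    }
}
$results | Select-Object Target, Port, Purpose, Result | Format-Table -AutoSize

# The event's decimal code as the HRESULT hex form used in most references.
'0x{0:X8}' -f (-2146892976 + 4294967296)
```

"Open" on port 25 together with a timeout on 88 or 389 matches the situation described in this post.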
