The first error we ran into after the installation and change of DNS addresses was the backup of the mail queues on the 2010 server because it was unable to send mail to the 2007 exchange HUB server to be delivered to mailboxes. The Queue was a next hop domain of hub version 8, Delivery type of SMTP Relay in Active Directory Site, the last error was 451 4.4.0 DNS query failed. The last error was:SMTPSEND.DNS.NonExisentDomain; nonexistent domain.
We ran the Mailflow Trouble shooting tool and it gave a couple of warnings regarding no pointer records that had not propagated yet.
The solution ended up being related to the receive connectors. The basic concept is to ensure you have a receive connector on each exchange server that is configured to only include the other exchange server. DO NOT have any other of your receive connectors able to receive from an IP address scope that contains within it the other Exchange server AND has Anonymous Users not selected. An example of our receive connector on the Exchange 2007 server can be seen below.
The resolution is to run the command
Get-ActiveSyncVirtualDirectory -Server E2007CA | Set-ActiveSyncVirtualDirectory -ExternalURL:$null
 |
| Figure 5 |
This essentially sets up a proxy for the Activesync clients to the 2007 server. The URL folder from Server Configuration > Client Access > Server > ActiveSync will look like the figure 5.
- Authentication was set to Ignore Client Certificates and not allow Basic Authentication from the settings of the Client
- In the IIS folder settings we have Integrated Windows authentication enabled.
- We did temporarily enabled Basic authentication to set a default domain and disabled it; however I am not sure if this had any effect on the final solution.
One final note is that in the process of this some mobile clients updated server settings to legacy.domain.edu. On those few clients they might need to manual change their servers to webmail.domain.edu.
No comments:
Post a Comment