none
Exchange 2007 is not sending message to exchange 2010 server

    Question

  • hi

    i have two child domains and there is no exchange server in parent domain. 

    domain B has 5 exchange 2007 servers and exchange A has 2 exchange 2007 servers and one exchange 2010 server.

    all servers except one server (exchange 2007) of domain B can send email to domain servers including exchange 2010 as well.

    i am getting following error on exchange 2007

    NoAuthenticatingAuthority Intra-Organization SMTP Send Connector ExchangeAuth SMTPSVC\servername

    it was working after transition and it will stop automatically.

    thanks 

    Tuesday, January 01, 2013 3:15 AM

Answers

  • Hi

    the problem solved. It was not SPN issue.

    its because that server was unable to access the Parenet domain controllers, after fixing routing problem, the issue was resolved.

    thanks everyone.

    • Marked as answer by GRaNaG Thursday, January 03, 2013 5:15 PM
    Thursday, January 03, 2013 5:15 PM

All replies

  • On Tue, 1 Jan 2013 03:15:37 +0000, GRaNaG wrote:
     
    >i have two child domains and there is no exchange server in parent domain.
    >
    >domain B has 5 exchange 2007 servers and exchange A has 2 exchange 2007 servers and one exchange 2010 server.
    >
    >all servers except one server (exchange 2007) of domain B can send email to domain servers including exchange 2010 as well.
    >
    >i am getting following error on exchange 2007
    >
    >NoAuthenticatingAuthority Intra-Organization SMTP Send Connector ExchangeAuth SMTPSVC\servername
    >
    >it was working after transition and it will stop automatically.
     
    Have you changed the FQDN on the default receive connector? If you did
    you must add the server name and FQDN as SPNs to the computer account.
     
    To see the SPNs on the computer's account:
    setspn -L computer
     
    To add SPNs to the cmomputer's account:
    setspn -A SMTPSCV\<FQDN>
    setspn -A SMTPSVC\<computer name>
    setspn -A SMTP\<FQDN>
    setspn -A SMTP\<computer name>
     
    Another possibility is that the date/time on the machine is incorrect.
    The servers will use Kerberos authentication and for that to work the
    time differences between machines cannot be greater than 5 minutes.
     
    Also, port 88/udp and port 88/tcp msut not be blocked by any firewall
    between the servers.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Tuesday, January 01, 2013 3:53 AM
  • Hi

    thanks for your reply.

    i have checked SPN's on all servers and they exist. Time issue is also not present. we are using VPN and no fixup is already done on cisco firewalls.

    i also verified that the FQDN is present in default receive connector on both sides.

    we have one send connector which is for barracuda and it added two HT servers in that.

    there are 4 other 2007 exchange servers on same location and they are sending emails to 2010 server, only this HT server is not sending mails to 2010 servers, it is sending mails to all other users in organization.

    please let me know if anything you need.

    thanks

    Tuesday, January 01, 2013 1:40 PM
  • On Tue, 1 Jan 2013 13:40:55 +0000, GRaNaG wrote:
     
    >thanks for your reply.
    >
    >i have checked SPN's on all servers and they exist.
     
    No doubt that SPNs exist, but to they match the FQDN on your receive
    connectors?
     
    >Time issue is also not present. we are using VPN and no fixup is already done on cisco firewalls.
    >
    >i also verified that the FQDN is present in default receive connector on both sides.
     
    And is that FQDN present in the set of SPNs on the computer account
    for the serveice SMTP and SMTPSCV?
     
    >we have one send connector which is for barracuda and it added two HT servers in that.
     
    The send connector isn't used to transport messages between hub
    transport servers. A "dynamic" send connector is created for that
    purpose.
     
    >there are 4 other 2007 exchange servers on same location and they are sending emails to 2010 server, only this HT server is not sending mails to 2010 servers, it is sending mails to all other users in organization.
     
    If this HT server can receive e-mail from other HT servers then this
    server probably isn't the problem.
     
    Have a look at the SMTP Receive protocol log on the other HT servers
    and the SMTP Send protocol log on this HT server. Verify that you see
    the same information, especially the ESMTP keywords, exchanged between
    this HT server and another HT server that you see in the send and
    receive protocol logs when SMTP sessions are established between any
    other pair of HT servers.
     
    You should also verify that the HT server can contact each domain
    controller in it's AD site. In fact, it should be able to connect to
    every DC in the forest.
     
    Whether or not there are Exchange servers in the root domain of the
    forest you should probably run the Exchange setup with domainprep in
    that domain.
     
    In addition to ensuring the correct SPNs are et, you should also check
    for duplicate SPNs.
     
    http://support.microsoft.com/kb/979174
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Tuesday, January 01, 2013 8:57 PM
  • Hi

    the problem solved. It was not SPN issue.

    its because that server was unable to access the Parenet domain controllers, after fixing routing problem, the issue was resolved.

    thanks everyone.

    • Marked as answer by GRaNaG Thursday, January 03, 2013 5:15 PM
    Thursday, January 03, 2013 5:15 PM