none
Exchange 2010-to-2013 flow

    Question

  • Small network. One Exchange 2010 server. I just added Exchange 2013 on another VM with the intent of migrating everyone from 2010 to 2013 (was on 2003 as of about six weeks ago, so this is real progress, believe it or not!)

    Mail sent from outside does not get to the test mailbox on the 2013 server. Eventually, that 2013 server will be setting behind a NAT to port 25 on the router, but in the interim, I need mail to flow through Exchange 2010 and be delivered to 2013.

    I am sure, or at least highly suspect, that there is something simple and obvious that I missed in Mail Flow that will allow messages hitting the Exchange 2010 server to be moved over to the user's mailbox that is in a DB on the Exchange 2013 server.

    For what it is worth, I have mail delivery configured on one mailbox that forwards mail sent to the domain admin account out to my external e-mail address (in addition to, not instead of, putting a copy in the admin mailbox). This works, even when the message never actually shows up in that admin mailbox. I am sure that is significant and probably a big hint also, but just cannot see it at almost 3:00 am in the middle of this migration.

    I will need 2010 & 2013 to coexist for maybe only three days while I get everything moved over.


    Wednesday, March 23, 2016 9:57 AM

Answers

  • Well, I found the problem, or at least the queue emptied immediately after I fixed the condition I describe below.

    I had added another Receive connector to allow our scanner to relay outbound through the 2013 server. And naturally, not knowing all the implications, I inadvertently overlapped the scope of that receive connector with the Default Frontend  connector. Since my new one was more specific (just the LAN), it pre-empted the more general Default Frontend. But because my new Receive connector did not have Legacy Exchange servers checked, it could not accept the connection from Exchange 2010.

    Once I made sure the scope of my outbound relay connector did not include the Exchange 2010 server, the queue emptied immediately, and all pending messages got to the mailboxes.

    • Marked as answer by Brian D. Hart Thursday, March 24, 2016 4:33 PM
    Wednesday, March 23, 2016 9:32 PM

All replies

  • Because of version routing, the exchange 2010 HUB role will need to send the message to the HUB component of the Exchange 2013 via the intraorg connector.  Then the 2013 HUB role will deliver the message to the mailbox. This should work out of the box without any configuration change.

    Are the messages queueing, or are you getting an NDR?

    To check the queue, on the 2010 server run Get-Queue. If nothing there, check on the 2013 server.

    Wednesday, March 23, 2016 11:53 AM
  • I am getting a delay notice after 12 hours and will presumably get a failure when the full two days runs out.

    Get-Queue on the 2010 server does show me 23 messages (including several of my test messages) sitting there with DeliveryType SMTPRelay in Active Directory Site.

    Exchange 2010 will be gone as soon as I move the mailboxes over to 2013 and get everything communicating. 2010 was just a necessary step between 2003 and 2013.

    But here is what you probably need to see: Last Error is 451 4.4.40 Primary target IP address responded with : "451 5.7.3 Cannot achieve Exchange Server authentication. Attempted failover to alternate host. [etc]"

    So, presumably, Exchange 2013 receive connector needs to be configured to allow Exchange Server authentication. But how do I tell which of the five auto-created receive connections on the 2013 server is the one that needs this configuration? (Please pardon my ignorance!)

    Wednesday, March 23, 2016 9:08 PM
  • Here are the receive connectors on the 2013 server to which the 2010 server is unable to relay the messages:

    Client Frontend    Role: FrontendTransport  Port:587 Exchange servers: checked  Legacy Exchange servers: checked
    Client Proxy    Role: HubTransport   Port:465 Exchange servers: not checked Legacy Exchange servers: not checked
    Default Frontend   Role: FrontendTransport  Port:25  Exchange servers: checked  Legacy Exchange servers: checked
    Default      Role: HubTransport   Port:2525 Exchange servers: not checked Legacy Exchange servers: checked
    Outbound Proxy Frontend  Role: FrontendTransport  Port:717 Exchange servers: checked  Legacy Exchange servers: not checked

    Wednesday, March 23, 2016 9:23 PM
  • It uses a hidden connector called the intraorg connector. No configuration should be needed. Can you send mail the other way? 2013 -> 2010
    Wednesday, March 23, 2016 9:26 PM
  • Well, I found the problem, or at least the queue emptied immediately after I fixed the condition I describe below.

    I had added another Receive connector to allow our scanner to relay outbound through the 2013 server. And naturally, not knowing all the implications, I inadvertently overlapped the scope of that receive connector with the Default Frontend  connector. Since my new one was more specific (just the LAN), it pre-empted the more general Default Frontend. But because my new Receive connector did not have Legacy Exchange servers checked, it could not accept the connection from Exchange 2010.

    Once I made sure the scope of my outbound relay connector did not include the Exchange 2010 server, the queue emptied immediately, and all pending messages got to the mailboxes.

    • Marked as answer by Brian D. Hart Thursday, March 24, 2016 4:33 PM
    Wednesday, March 23, 2016 9:32 PM
  • Hi Brian,

    Welcome to Technet forum.

    If your replay has solved your issue, please mark it as answer so that someone who has similar issue could find this thread as soon as possible.

    Best Regard,

    Jim Xu

    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Jim Xu
    TechNet Community Support

    Thursday, March 24, 2016 9:08 AM
    Moderator