
How do I set up Edge correctly?

Status
Not open for further replies.

bTkalternate

IS-IT--Management
May 31, 2007
80
GB
Hi,

I've set up a 2003 server running Exchange 2007 Edge server.
The server is in the DMZ and not a member server as per the set up guides.
ISA is being used and allowing ports 25, 50636 and 50389.
I've created the subscription file, imported it and forced the synchronization which all worked correctly.

My problem is testing the connectivity regarding mail sent to the Edge Transport server which should then be 'relayed' to the Hub Transport server.
On the ET server I used telnet to itself on port 25, entered the commands to send a test e-mail which resulted in the mail being placed in the ET queue.
Problem is it isn't relaying the message to HT and in turn delivering it to me.

I can telnet from ET to HT and test mail successfully.
Although it did say it was queued for delivery in telnet but never quit out.

I've not changed MX records or touched ISA forwarding yet as I don't want live mail to be delivered to the ET server and never get delivered.

I hope the info above explains my scenario enough.
Any help is appreciated.

B
 
Hi,

Have you checked the event logs?
Also check the send and receive connectors on both sides.
For more help I need more information on what connectors are on the ET and HUB.



Regards,

Johan

 
I just started at this company so trying to figure the set up too.
Some things I noticed in the event log...

The HT server
I get this warning in Event Log / Application
MSExchangeTransport ID: 12014
This event goes back a few weeks but I only installed HT a few days ago.

I also get
MSExchangeSA ID: 9186
Regarding not being a member of a group. This error has gone back for weeks and weeks too.

Did another test and have the following in the queue viewer
Next Hop Domain= exchangeHT
Delivery Type= SmartHostConnectorDelivery
Status= Retry
Message Count= 1
Last Error= 451 4.4.0 Primary target IP address responded with "Failed to achieve authentication."...

So this authentication message may be the factor here but I'm not sure how to get it to authenticate as all seems OK from a configuration point.

When I run the Troubleshooting Assistant for Edge issues it tells me
"No EdgeSync credentials were found in Active Directory for Edge Transport server role computer %EDGECN%. This occurs when the tool is unable to retrieve one or more values for the 'msExchEdgeSyncCredential' attribute on the server object '%EDGEDN%' in Active Directory."

On the Edge Server I have:
One receive connector default internal receive connector. Its FQDN is the server's FQDN.

Two Send connectors, one inbound to domain and one to internet. Both don't have FQDN (don't think this is needed tho).
The Send connector 'inbound to domain' has the address space as --- I would expect *



Any help is appreciated.

b
 
I used ADSI Edit to check the msExchangeSyncCredential value and found it was blank.
Is it meant to be blank?

Ta
 
The blank value was for the Edge server.
The HT server has a value in there.
 
Yeah I recreated the subscription but still no luck :(
Is the "msExchangeSyncCredential" value in AD meant to be blank for ET server?
I read somewhere that this may be an issue.

Regards
 
Also, what perms and authentication should I have for the connectors on HT and ET please?

I'm not sure if I have them all set correctly.

:)
 
Hi,

If you set it up via the Edge subscription everything is configured automatically, even the permissions and authentication type. Have you forced the Edge to sync with the AD?



Regards,

Johan

 
Yep, forced and tested the sync and it seems fine.
I'm on to MS support in the hopes they can help.

Cheers
 
Well no one seems to know what's going on here :(

Can you clear some things up please?

Of the connectors can you tell me which should use smarthost and which should use MX records. I have a smarthost as --- too which looks strange.

Cheers
 
Hi,

On the Edge server you need to configure the internet connector to point to the smarthost.
The other connectors are created automatically when adding the Edge subscription.

Did you already have contact with MS support as you said in the previous message?

Regards,

Johan

 
No luck so far. Seem to have people stumped.

I'm setting up a lab now as I think it's down to permissions/authentication messing up.

Will let you know how I get on...
 
I've set up a lab and found what the issue is.
It is to do with the authentication setting of Default receive connector not having 'Exchange Servers' enabled.

Unfortunately when I try and enable this in live it gives a message regarding the FQDN with the following message...

"
--------------------------------------------------------
Microsoft Exchange Error
--------------------------------------------------------
The following error(s) occurred while saving changes:

set-receiveconnector
Failed
Error:
When the AuthMechanism parameter on a Receive connector is set to the value ExchangeServer, you must set the FQDN parameter on the Receive connector to one of the following values: the FQDN of the transport server "bne01-s-ex7.mpaaustralia.local", the NetBIOS name of the transport server "BNE01-S-EX7", or $null.
"

I have the FQDN set to mail.<mycompany>.com although the server name is exchange7.<domain>.local.
My lab has the FQDN of the server.
The help guide says not to modify this as it will break mail flow.
Have you any idea what I can do regarding this?
Am I able to modify this?

Many thanks
 
Hi,

I went ahead and changed the FQDN of the Default connector to the server FQDN then enabled exchange authentication and all is working correctly now.
I found out the original reason for changing the FQDN was to not advertise the server name to 3rd parties (view via telnet).

I'll just go ahead and change the banner via EMS. Hopefully this won't mess with any RFCs.

Cheers,
b
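
Added example, not part of the thread and not Microsoft's code: a PowerShell check of the FQDN rule quoted in the Set-ReceiveConnector error above, together with what the SMTP greeting exposes to a remote host. `Test-ReceiveConnectorFqdn`, the sample connector objects and the host names are constructed for illustration; PowerShell 2.0 or later is assumed.

```powershell
# Added example: Test-ReceiveConnectorFqdn is a hypothetical helper, not an Exchange cmdlet.
function Test-ReceiveConnectorFqdn($Connector, [string]$ServerFqdn) {
    # AuthMechanism is a flags value whose string form looks like "Tls, ExchangeServer".
    $auth    = "$($Connector.AuthMechanism)".Split(',') | ForEach-Object { $_.Trim() }
    $fqdn    = "$($Connector.Fqdn)"
    $banner  = "$($Connector.Banner)"
    $netbios = $ServerFqdn.Split('.')[0]

    # Rule from the error text: with ExchangeServer auth the connector FQDN must be
    # the server FQDN, the server NetBIOS name, or $null.
    $fqdnAccepted = ($fqdn -eq '') -or ($fqdn -ieq $ServerFqdn) -or ($fqdn -ieq $netbios)

    # With no custom banner the greeting carries the connector FQDN, so that is what
    # a remote host sees on connect. (Empty FQDN plus empty banner is not evaluated.)
    # The Fqdn value is also returned in the EHLO/HELO response, which a custom
    # banner does not change.
    $greeting    = if ($banner) { $banner } else { $fqdn }
    $namesServer = [bool]($greeting -and $greeting.ToLower().Contains($netbios.ToLower()))

    New-Object PSObject -Property @{
        Name                    = $Connector.Name
        ExchangeServerAuth      = ($auth -contains 'ExchangeServer')
        FqdnAcceptedForExchAuth = $fqdnAccepted
        GreetingNamesServer     = $namesServer
    }
}

# Constructed sample data: the connector before and after the change described above.
$server  = 'exchange7.corp.example'
$samples = @(
    (New-Object PSObject -Property @{
        Name = 'Default (as found)'; Fqdn = 'mail.example.com'; Banner = $null
        AuthMechanism = 'Tls, Integrated, BasicAuth' }),
    (New-Object PSObject -Property @{
        Name = 'Default (after fix)'; Fqdn = $server; Banner = '220 mail.example.com ESMTP'
        AuthMechanism = 'Tls, Integrated, BasicAuth, ExchangeServer' })
)

$samples | ForEach-Object { Test-ReceiveConnectorFqdn $_ $server } |
    Format-Table Name, ExchangeServerAuth, FqdnAcceptedForExchAuth, GreetingNamesServer -AutoSize
```

On a transport server, replace `$samples` with the output of `Get-ReceiveConnector` and `$server` with that server's FQDN.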
 