Inbound authentication failed with error logondenied for receive connector default - Исправление ошибок и поиск оптимальных решений проблем

Содержание

Inbound authentication failed with error logondenied
Answered by:
Question
Answers
All replies
Inbound authentication failed with error logondenied
Asked by:
Question
All replies
Inbound authentication failed with error logondenied
Asked by:
Question
All replies
Inbound authentication failed with error logondenied
Asked by:
Question
All replies
Inbound authentication failed with error on Exchange 2013
Popular Topics in Microsoft Exchange

Inbound authentication failed with error logondenied

This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Answered by:

Question

Hello,
on my exchange 2016 server i am receiving the following event:

Inbound authentication failed with error LogonDenied for Receive connector Default Frontend EX02. The authentication mechanism is Login. The source IP address of the client who tried to authenticate to Microsoft Exchange is [192.168.2.207].

I didn`t find the solution yet.
192.168.2.207 is the ip of my Kemp-load-balancer.

Anybody who know a Solution for this?

Answers

go to ADSI Edit, Configuration -> Services -> Microsoft Exchange -> Domain.com-> Administrative Groups -> Exchange Administrative Group -> Servers -> CAS01-> Protocols -> SMTP Receive Connectors, then go to the properties for the «Client Proxy CAS01» .

on the security tab, go to «Authenticated Users» and make sure «Accept any Sender» and «Accept Authoritative Domain Sender» are Allow

what are you trying to send from Kemp load balancer to exchange?

you will need to add the ip of the Kemp LB on the receive connector .

Where Technology Meets Talent

Did you change anything on the default fronted receive connector?

Please run the following command to check the connect settings:

In general, this Error event indicates that the inbound authentication from the specified source on the specified Receive connector has failed. The authentication error and the authentication mechanism are specified in the text of the error message. To resolve this error, we should verify that the Receive connector and the remote client are configured to use a common authentication method with the correct credentials and required certificates.

Источник

Inbound authentication failed with error logondenied

This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Asked by:

Question

Good Morning, we have an exchange 2010 server that keeps getting Event ID 1035 in the Application log. The full error is posted below. It appears that this IP is from amsterdam. From what I gather, it seems as though someone is trying to authenticate to my exchange server from the outside. What I’d like to know is, is this fairly normal or does it mean that my receive connector is improperly configured? My «Default» connector has TLS, Basic Authentication and Integrated windows authentication enabled. It also has Anonymous users, Exchange users and server and legacy exchange servers enabled for permission groups.

Inbound authentication failed with error LogonDenied for Receive connector Default . The authentication mechanism is Ntlm. The source IP address of the client who tried to authenticate to Microsoft Exchange is [37.139.50.146].

Few of us have memorized all event ID numbers and few of us are inclined to look up the numbers you’ve posted, so please post the entire event log entry. You are welcome to use the handy-dandy «copy to clipboard» button in the event log detail window to assist you with this.

Ed Crowley MVP «There are seldom good technological solutions to behavioral problems.»
Celebrating 20 years of providing Exchange peer support!

From your description and error message, it seems that other client (IP address is 37.139.50.146) want use Exchange server to send message, however it failed to logonDenied.

Does this IP address safe or not?

If it’s safe, you can create a special receice connector to allow this IP (add it into remoteIpRanges) to use Exchange server to send message. For your reference: https://technet.microsoft.com/en-us/library/bb232021(v=exchg.141).aspx
If not, you can block this IP in your wirewall.

Besides, you can run below command to list connector which enable open relay:
Then you can run below command to remove «ms-exch-smtp-accept-authoritative-domain-sender» permission, it will prevent others pretend your Exchange server to send message:

Источник

Inbound authentication failed with error logondenied

This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Asked by:

Question

Im encountering the same error over and over again.
I dont have the required knowledge about exchange to troubleshoot it, I’m still learning.

Anyway I’m getting an error 1035 MSexchangeFrontEndTransport in my event viewer hourly, if not more frequent.

Is the server trying to authenticate with itself and failing?
Im sensing it must be some security account with wrong acces rights?

Does anyone have any idea about where to start troubleshooting/fixing the issue?
Any help would be greatly appreciated!

You can turn up SMTP protocol logging:

and then examine the logs to see what’s connecting at that time. If your network preserves the source IP address, you’ll get that at least.

Ed Crowley MVP «There are seldom good technological solutions to behavioral problems.»
Celebrating 20 years of providing Exchange peer support!

Verbose logging gladly was already enabled. Heres the part where it happens. I have only checked it for 1 event from this morning though.

I checked the healthmailbox and its healthmailbox-XXXXXX-001.
I have no idea what’s happening other than that it’s trying to authenticate but failing.
Logon denied, but what is it trying to log in to?

First, please ensure that the time on Exchange server is the same as DC.

Then, check if the healthmailbox UPN domain is the same as your default domain:

If not the same, run the following command to change it and check again:

Niko Cheng
TechNet Community Support

Please remember to mark the replies as answers.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

Thanks for your response, as far as i can see it is a .local principal name and .com SMTP address.
I also checked the correctly working mailboxes and saw that they all are .local and noone .com.

Is it safe to change the SMTP address to .local so they match?
Or should i instead change the principal name to .com?
Our FQDN ends on .local yet our exchange addresses are .com?

In exchange ECP i can see that every single mailbox has a .com & .local address.

PS: Time on the DC and exchange are the same because they are both installed on the same physical server. (server 2012R2 & exchange 2013)

Источник

Inbound authentication failed with error logondenied

This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Asked by:

Question

Ed Crowley MVP «There are seldom good technological solutions to behavioral problems.»
Celebrating 20 years of providing Exchange peer support!

From your description and error message, it seems that other client (IP address is 37.139.50.146) want use Exchange server to send message, however it failed to logonDenied.

Does this IP address safe or not?

Источник

Inbound authentication failed with error on Exchange 2013

I’m trying to configure our payroll software to send email payslips to staff via exchange. Some email addresses we hold on file for staff are also external e.g. hotmail, yahoo etc.

Speed up your PC in just a few clicks

1. Download and install ASR Pro

2. Open the application and click on the Scan button

3. Select the files or folders you want to restore and click on the Restore button

Download this software now and say goodbye to your computer problems.

Here are some easy steps to help you fix your connection error.

I am trying to set up our payroll software to send payrolls by email so you can work on a deal. The emails we store for employees are also external, for example. Hotmail, Google, etc.

The payroll software we use is also called Sage Payroll 50 and can be found as an application on our RDS session host servers.

When I send a bump test email to an internal contact, it works fine, but an external error message is thrown:

Inbound authentication failed with a LogonDenied error for the inbound Receive connector on port 25 by default EXCHANGESERVERNAME. Authentication was performed using the Ntlm mechanism. The source of the IP address of the client who tried to check MS Exchange is [the IP address of our RDS server]

Speed up your PC in just a few clicks

Is your computer running slow and unstable? Are you plagued by mysterious errors, and worried about data loss or hardware failure? Then you need ASR Pro � the ultimate software for repairing Windows problems. With ASR Pro, you can fix a wide range of issues in just a few clicks, including the dreaded Blue Screen of Death. The application also detects crashing applications and files, so you can quickly resolve their problems. And best of all, it�s completely free! So don�t wait � download ASR Pro now and enjoy a smooth, stable and error-free PC experience.

In turn, this Receive connector is configured to disable emails from the IP addresses of our RDS servers and enable a specific authentication mechanism as shown below – TLS, TLS General Authentication, Basic, Integrated Windows Authentication, Exchange-Server Authentication

The authorization groups for this particular Receive connector are: Exchange Support Group, Exchange Legacy Server, Exchange Users, Anonymous Users.

I believe the Receive connector is configured and correct. I also tested the service / mailbox account I generate as an email sender via OWA and it sends / receives emails both internally and externally fine, also verified via the Outlook client and it works great too.

Is there anything else I can analyze to make this work?

In Exchange 2013, connect to ECP> Mail Flow> Receive connectors. Click the new plus sign to add a new power connector. Give him a descriptive phone number and choose the Frontend Transport role. Select the Custom type and click Next. Choose the port you want to listen on – it should usually be 25+, pretty much any IPv4 available. Click Next. Change the listOk remote IP addresses by default and first of all add only the IP addresses or range of IP addresses for which you want to use this Receive connector. In this case, click OK and Finish.

Select the data collection connector you just created and click the Edit icon. Select the maximum number of messages you want to send when you run this Receive connector (keep in mind that organizational limits can be higher or lower, and more invalid ones will prevail). Go to the Security section and make sure that only the following boxes are checked at this time:

1. Transport Layer Security (TLS)
2. External security (eg IPsec)
3. Replacing someone else’s servers

In the FQDN parameter below, sort the external hostname for your email connection (for example, mail.domain.com). Click Save

Question
Hello, we have an Exchange 2010 website that still shows Event ID 1035 in the Application log. See the error in detail below. This means the Amsterdam IP is provided. From what I’ve heard, it looks like someone is actually trying to authenticate Exchange my server for an external one. I would like to know if it is reasonable to expect, or does this mean that my port is not configured correctly? TLS, Basic authentication, and Integrated Windows authentication are enabled in my “standard” connector. It also has Anonymous Users, Exchange View Servers, and legacy Exchange machines enabled for permission groups.

Incoming check Authentication failed due to a LogonDenied error for the standard Receive connector . Authentication stands for Ntlm. The original IP address of the home address of the client that was trying to validate with Microsoft Exchange is [37.139.50.146].

Question
Hello, we have Exchange 2010, so event ID 1035 continues to show up in the application log. The maximum error is shown below. It just seems like the IP is from Amsterdam. From what I understood, it looks like someone is trying to test this. swap my server externally. I would like to know if this is normal enough or does it mean that our port is not configured correctly? My “standard” connector has TLS, Basic authentication in addition to Integrated Windows authentication. It can even have anonymous users, user’s web servers Exchange and legacy Exchange servers equipped for permission groups.

Inbound authentication failed using LogonDenied to get the default plugin error . Authentication is an Ntlm mechanism. The original IP address of the primary address of the client that tried to authenticate with Microsoft Exchange is [37.139.50.146].

Hello, we have an Exchange 2010 server that stores a sample of event ID 1035 in the application log portion. The full text of the error is shown below. Looks like an IP from Amsterdam. From what I’m collecting it looks like someone is trying to test this swap my server with. I would like to know, without a doubt, if this is normal enough or does it completely mean that my reception is not configured correctly? TLS, Basic authentication, and Integrated Windows authentication are enabled on my “standard” connection. It also creates an anonNames of users, custom Exchange servers, and legacy Exchange servers that are enabled for permission groups.

Inbound authentication failed with a LogonDenied error for the standard Receive connector . Authentication is an Ntlm mechanism. The original IP address of the application that tried to authenticate with Microsoft Exchange is [37.139.50.146].

Download this software now and say goodbye to your computer problems.

Mit Fehler Angemeldet Fur
S Oshibkoj Vhoda V Sistemu Dlya
Med Fel Loggade For
Avec Erreur De Connexion Refusee Pour
Z Bledem Przy Logowaniu Do
Con Errore Negato Per
Met Fout Aangemeld Voor
Con Error De Inicio De Sesion Denegado
에 대해 로그온한 오류와 함께
Com Erro Logado Negado Para

Источник

Intermittent 451 4.7.1 PRX2 All Receiving Connectors

I’m having a problem with a new Exchange 2013 CU7 server on Windows Server 2012 R2. Having intermittent 451 4.7.1 Temporary server error. Please try again later PRX2 on receiving mail on connectors configured with port 25. I keep thinking I have
solved the issue. If I think I fix it in the morning, it works all afternoon. The next day I’m getting the error again. It is driving me and my client nuts!

The Exchange server has the DNS servers for the internal DC’s set in EAC for both internal and external lookups.

The DC’s have DNS set to forward to external DNS servers. I ‘m having no issues with DNS resolution anywhere in the environment.

The Exchange server is able to resolve internal and external DNS.

One thing of note and I’m not sure if this is normal, if I ping the DC’s i get back IPv6 address, never an IP4. I have even set the servers in a host file.

Thankfully I have a filtered mail service that will spool mail if it cannot connect to the mail server and retires at set intervals. So I have not lost any emails.

There is no filtering or AV scanning happening on the server or Exchange level.

Nothing in the event logs of note related to this issue.

At the moment it is working, but I’m sure it’s going to stop again soon.

January 22nd, 2015 8:56pm

At the time you lose connection to the DC are you able to ping it? Do you have any AV on the DC’s that could be stopping connections?

adding to the hosts file shouldnt be done on your internal network if DNS is working properly as your machine will query the host file first.

Is the windows firewall enabled at all on the Exchange servers? Can you disable it and see?

IPv6 response is fine. you shouldnt disable it.

January 22nd, 2015 9:09pm

Yes, I’m able to ping it. The error is happening again. There is no rhyme or reason to this.

Turned off the firewall, still happening.

January 22nd, 2015 9:16pm

And now it’s working again. I’m looking for a pattern but can’t find one.

Edited by

Thursday, January 22, 2015 6:28 PM

January 22nd, 2015 9:27pm

Happening again. Perhaps it’s a 20 minute cycle?

January 22nd, 2015 9:51pm

Hi ,

1.On the default front end receive connectors just go to the network adapter settings and bound it to a ip address of the cas server and check the results.By default it will be set to all the available ipv4 address.

2.If you have multiple network cards on the cas servers then you need to set the binding of the network adapter in the first order that should have the Ip address of the cas server.

January 22nd, 2015 10:32pm

If your hosted MTA is receiving a 451 4.7.1 then your Exchange server is actually issuing that and
is listening so I doubt it’s a DNS resolution issue. You can confirm if you can pull the SMTP logs of your MTA and check the SMTP session to confirm if your Exchange server is issuing 451
4.7.1.

Since this is a receiving problem and you’re getting the
451 4.7.1 are you sure it’s not your hosted MTA that is actually issuing this to the sender
and not your Exchange server? Log into your hosted provider and disable any greylisting temporarily to eliminate.

January 22nd, 2015 10:57pm

I set the IP address of the CAS server for the default front end receiver.

Still happening.

January 22nd, 2015 11:13pm

Don’t know if this will help.

Error in processing. The server response was: 4.7.0 Temporary server error. Please try again later. PRX2 || Erro Stack Trace: at System.Net.Mail.DataStopCommand.CheckResponse(SmtpStatusCode statusCode, String serverResponse)
at System.Net.Mail.DataStopCommand.Send(SmtpConnection conn)
at System.Net.Mail.SmtpConnection.OnClose(Object sender, EventArgs args)
at System.Net.ClosableStream.Close()
at System.Net.Mail.MailWriter.Close()
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at TestaSmtp.Form1.btnTestar_Click(Object sender, EventArgs e)

January 22nd, 2015 11:29pm

are you sure it’s not your hosted MTA that is actually issuing this to the sender and not your Exchange
server?

Yes. It happens when I send mail to the connector from within the network as well.

January 22nd, 2015 11:33pm

You’re sure you’re not running any other AVSPAM on the Exchange server? Any transport events in eventvwr?

January 22nd, 2015 11:37pm

Internal users are also complaining that they are sending emails do not show up in the sent items.

Don’t know if this is related.

January 23rd, 2015 12:18am

Hmm doesn’t show up even in OWA sent items? Any transport events in eventvwr?

January 23rd, 2015 12:28am

No not anything third party. What’s turned on by default on Exchange server?

No Transport errors.

I get this in the log, but since I’m not doing TLS, I didn’t think it mattered, but maybe it’s of note.

Microsoft Exchange could not find a certificate that contains the domain name server.domain.local in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector External Send to GFI with a FQDN parameter
of server.domain.local. If the connector’s FQDN is not specified, the computer’s FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate
exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

Hmmmmm I am seeing a bunch of these, they may correspond to when I have the issues:

Inbound authentication failed with error LogonDenied for Receive connector Default server.domain.local. The authentication mechanism is Ntlm. The source IP address of the client who tried to authenticate to Microsoft Exchange is [X.X.X.X].

The IP address listed above is coming from the test external network I’m using to test the receive connector. As far as I know I’m not trying to login with NTLM.

Edited by
Dynamic Computer
Thursday, January 22, 2015 9:41 PM

January 23rd, 2015 12:40am

I wouldn’t worry about the cert for now Exchange will use opportunistic TLS when it can if it can’t it just falls back to the default plain text.

the inbound auth failure may be of concern, your test client appears to be connecting to a receive connector that is requiring authentication. Your relay receive connector should have the following permissions below.

Transport layer security
Externally Secured
Exchange Servers
Anonymous users

If you didn’t create a dedicated receive connector, try creating a new relay connector with those permissions and test again.

http://www.petenetlive.com/KB/Article/0000891.htm

January 23rd, 2015 12:53am

No, she did tell me that Outlook 2013 crashed when it happened. That’s another thing that has been happening. No transport events.

January 23rd, 2015 12:57am

It was really bothering me so I fixed the cert problem.

I also created a new receive connector running on a different IP address.

I thought it was working, until it stopped working again.

I’m really starting to not like Exchange 2013. Exchange 2003 practically ran itself.

I’m now getting these since fixing the cert, don’t know if it helps figure out what’s going on:

Inbound authentication failed with error LogonDenied for Receive connector Client Frontend EXCH1. The authentication mechanism is Login. The source IP address of the client who tried to authenticate to Microsoft Exchange is [127.0.0.1].

This is making me nuts. Working, not working, working, not working….

Edited by
Dynamic Computer
Friday, January 23, 2015 7:02 AM

January 23rd, 2015 9:42am

Does this info help?

FrontEndTransport… FrontendTran… Healthy
FrontendTransport… FrontendTran… Healthy
OnPremisesInbound… FrontendTran… Unhealthy
OnPremisesSmtpCli… FrontendTran… Unhealthy
PrivateWorkingSet… msexchangefronten… FrontendTran… Healthy
PrivateWorkingSet… msexchangefronten… FrontendTran… Healthy
ProcessProcessorT… msexchangefronten… FrontendTran… Healthy
ProcessProcessorT… msexchangefronten… FrontendTran… Healthy
FrontendTransport… FrontendTransport FrontendTran… Healthy
InboundProxyDesti… FrontendTransport FrontendTran… Healthy
InboundProxyDesti… FrontendTransport FrontendTran… Healthy
InboundProxyAccou… FrontendTransport FrontendTran… Healthy
InboundProxyAccou… FrontendTransport FrontendTran… Healthy
ResourceForestMis… FrontendTransport FrontendTran… Healthy
FETBackpressureSu… FrontendTran… Healthy
CrashEvent.msexch… msexchangefronten… FrontendTran… Healthy

Get-ServerHealth -Identity EXCH1 -HealthSet Network

DnsHostRecordMonitor Network Network Unhealthy
NetworkAdapterMon… Network Healthy
NetworkAdapterRss… Network Healthy

HealthSet AlertValue LastTransitionTime Monito
——— ———- —————— ——
ActiveSync Unhealthy 1/20/2015 12:31:… 2
Autodiscover Unhealthy 1/20/2015 12:15:… 3
AMScanTimeout Healthy 12/24/2014 9:56:… 6
AMScanError Healthy 12/24/2014 10:04… 12
AMMessagesDeferred Healthy 12/24/2014 9:56:… 1
ActiveSync.Protocol Unhealthy 1/22/2015 3:00:2… 7
Autodiscover.Pro… Unhealthy 1/19/2015 11:43:… 8
AMADError Healthy 12/24/2014 9:58:… 2
AMTenantConfigError Healthy 12/24/2014 9:58:… 1
DLExpansion Healthy 12/24/2014 9:59:… 3
ECP Unhealthy 1/20/2015 9:23:3… 10
Compliance Healthy 1/20/2015 9:32:1… 29
AD Healthy 12/24/2014 10:05… 24
Autodiscover.Proxy Unhealthy 1/20/2015 12:16:… 1
ActiveSync.Proxy Unhealthy 1/20/2015 12:17:… 1
ECP.Proxy Healthy 12/24/2014 9:56:… 1
EWS.Proxy Unhealthy 1/20/2015 12:17:… 1
OutlookMapiHttp…. Unhealthy 1/20/2015 12:17:… 6
OAB.Proxy Unhealthy 1/20/2015 12:17:… 1
OWA.Proxy Healthy 12/24/2014 9:56:… 2
RPS.Proxy Healthy 12/24/2014 10:01… 6
RWS.Proxy Healthy 12/24/2014 10:01… 11
EventAssistants Healthy 12/24/2014 10:22… 6
EWS.Protocol Unhealthy 12/30/2014 12:59… 8
AMScanners Healthy 12/24/2014 9:56:… 2
EWS Unhealthy 12/30/2014 1:20:… 3
AMEUS Healthy 12/24/2014 9:56:… 4
DataProtection Healthy 12/24/2014 2:55:… 36
Monitoring Healthy 12/24/2014 10:01… 20
Clustering Healthy 12/24/2014 12:49… 5
UM.CallRouter Healthy 12/24/2014 10:00… 10
UM.Protocol Healthy 12/25/2014 5:17:… 23
OAB Healthy 12/24/2014 10:01… 10
EAS Healthy 12/24/2014 9:59:… 2
Search Healthy 1/5/2015 11:22:5… 48
AMScannerCrash Healthy 12/24/2014 9:56:… 1
FreeBusy Healthy 12/24/2014 9:59:… 2
BitlockerDeployment Healthy 12/24/2014 9:57:… 2
ClientAccess.Proxy Healthy 12/24/2014 10:01… 2
Transport Healthy 12/24/2014 10:01… 2
EDS Healthy 12/24/2014 10:52… 44
AMFMSService Healthy 12/24/2014 10:01… 6
ExtendedReportWeb Healthy 12/24/2014 10:01… 7
FrontendTransport Unhealthy 1/22/2015 2:46:5… 16
FEP Healthy 12/24/2014 9:59:… 2
FfoRws Healthy 12/24/2014 9:57:… 2
Places Healthy 12/24/2014 9:59:… 2
RemoteMonitoring Healthy 12/24/2014 10:01… 3
Inference Healthy 12/24/2014 10:01… 2
OWA Unhealthy 1/19/2015 11:32:… 18
HubTransport Unhealthy 1/22/2015 3:14:3… 97
OWA.Protocol.Dep Healthy 12/24/2014 10:38… 2
Network Unhealthy 1/23/2015 12:52:… 3
MailboxSpace Healthy 12/24/2014 10:09… 3
MailboxTransport Healthy 12/24/2014 10:06… 25
MailboxMigration Healthy 12/24/2014 10:08… 25
OWA.Protocol Healthy 1/20/2015 9:24:5… 6
PublicFolders Healthy 12/24/2014 10:10… 6
ProcessIsolation Healthy 12/24/2014 10:01… 25
SiteMailbox Healthy 12/24/2014 10:05… 3
RPS Unhealthy 1/19/2015 11:52:… 12
Outlook.Protocol Healthy 1/20/2015 9:35:4… 17
OutlookMapiHttp…. Healthy 1/20/2015 9:31:5… 2
OutlookMapiHttp Healthy 1/20/2015 9:31:2… 1
Outlook Healthy 1/20/2015 9:29:1… 1
UserThrottling Healthy 12/24/2014 10:22… 7
Store Healthy 1/5/2015 11:09:0… 32
DAL Healthy 12/24/2014 9:57:… 21
AntiSpam Healthy 12/24/2014 10:00… 5
Security Healthy 12/24/2014 10:00… 11
IMAP.Protocol Healthy 12/24/2014 10:01… 10
CentralAdmin Healthy 12/24/2014 10:01… 5
Datamining Healthy 12/24/2014 10:01… 10
Provisioning Healthy 12/24/2014 10:00… 5
POP.Protocol Healthy 12/24/2014 10:00… 10
Calendaring Healthy 12/24/2014 10:01… 5
Psws Healthy 12/24/2014 10:01… 10
PushNotification… Healthy 12/24/2014 10:00… 5
MessageTracing Healthy 12/24/2014 10:01… 5
Outlook.Proxy Unhealthy 1/20/2015 12:16:… 6
Antimalware Healthy 12/24/2014 10:00… 2
JournalArchive Healthy 12/24/2014 10:01… 1
EmailManagement Healthy 12/24/2014 9:59:… 2
AMService Healthy 12/24/2014 10:01… 6
FIPS Healthy 12/24/2014 10:01… 7
FfoCentralAdmin Healthy 12/24/2014 9:58:… 2
UnifiedMailbox Healthy 12/24/2014 9:56:… 4
UnifiedGroups Healthy 12/24/2014 9:56:… 21
OWA.Attachments Healthy 12/24/2014 9:56:… 26
PeopleConnect Healthy 12/24/2014 9:56:… 8
RemoteStore Healthy 12/24/2014 9:58:… 1
OWA.WebServices Healthy 12/24/2014 9:56:… 1
HDPhoto Healthy 12/24/2014 9:56:… 10
HxService.Calendar Healthy 12/24/2014 9:56:… 7
HxService.Mail Healthy 12/24/2014 9:59:… 15
OWA.SuiteServices Healthy 12/24/2014 9:56:… 2
SharedCache Healthy 12/24/2014 10:01… 5
FfoUcc Healthy 12/24/2014 10:01… 5
E4E Healthy 12/24/2014 10:01… 5
FfoMonitoring Disabled 1/1/0001 12:00:0… 23

January 23rd, 2015 10:24am

Hi ,

Have you checked my suggestions ?

January 23rd, 2015 10:48am

January 23rd, 2015 5:06pm

Any other ideas? This is a brand new server. I don’t understand why this is happening. Is there a bug with CU7?

January 26th, 2015 4:24am

I really need some help with this.

If it’s a bug then I need free support resources from Microsoft Product support.

January 27th, 2015 8:52pm

Hi,

Per my experience, this issue should be caused by DNS issues, I suggest we check the following steps one by one:

1. Check the two boxes in the advance network configuration:

2. Check the alternative DNS and preferred DNS, please removed the secondary DNS which does not point to our internal DNS/Domain Controller (if there is).

Related 3<sup>rd</sup> article:

Title:

451 4.7.0 Temporary server error. Please try again later. PRX2

Link: I simply removed the secondary DNS which does not point to my internal DNS/Domain Controller and now I am able to receive email.

3. Check the DNS lookups settings for the Exchange 2013 mailbox servers, make sure we used the NIC of both internal and external:

4. Also check the server components by running:

Get-ServerComponentState -Identity Server_Name

If there is any component state inactive, we should bring them to active:

Get-ServerComponentState -Identity Server_Name
| Set-ServerComponentState -Requester Functional -State Active Component: ServerWideOffline

Thanks,

Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
tnmff@microsoft.com

January 28th, 2015 11:28am

Those boxes are checked.

DNS is set only to internal DNS servers in both the NIC config and in EAC.

I am also running hyper-V on this server and the NIC is set as part of a virutal switch. Don’t know if that bit of info helps.

As far as component state, the results are the same whether not the server is receiving mail or not, again in 15 minute increments.

ServerWideOffline Active

HubTransport Active

FrontendTransport Active

Monitoring
Active

RecoveryActionsEnabled Active

AutoDiscoverProxy Inactive

ActiveSyncProxy Inactive

EcpProxy
Active

EwsProxy
Inactive

ImapProxy
Active

OabProxy
Inactive

OwaProxy
Active

PopProxy
Active

PushNotificationsProxy Active

RpsProxy Active

RwsProxy
Active

RpcProxy
Inactive

UMCallRouter Active

XropProxy
Active

HttpProxyAvailabilityGroup Active

ForwardSyncDaemon Inactive

ProvisioningRps Inactive

MapiProxy
Inactive

EdgeTransport Active

HighAvailability Active

SharedCache Active

January 28th, 2015 10:37pm

Now I’m getting this when sending mail to the receive connector:

Insufficient system resources

I have not idea why. I don’t see any problems with hard disk or memory.

As far as the PRX2 problem, perhaps this is a clue.

I’m getting these every 15 minutes. Please note, this is the same time interval for when I have the PRX2 problem.

Log Name: Application
Source: MSExchangeFrontEndTransport
Date: 1/24/2015 9:39:01 AM
Event ID: 1035
Task Category: SmtpReceive
Level: Warning
Keywords: Classic
User: N/A
Computer: server
Description:
Inbound authentication failed with error LogonDenied for Receive connector Client Frontend server. The authentication mechanism is Login. The source IP address of the client who tried to authenticate to Microsoft Exchange is [127.0.0.1].

January 29th, 2015 6:40pm

I could send saved event logs that might help. You can contact me at jazzmans2 at hotmail.com.

January 29th, 2015 6:47pm

Hi ,

On the server which you are facing the issue please check did you have enough space on the disk where the queue database resides.

January 29th, 2015 7:07pm

Yes, 47GB free.

January 29th, 2015 7:15pm

I find that if I restart the front end transport while I’m having the problem, I’m able to receive mail again until the next time interval.

Also restarting the front end transport yields this in the logs

Anti-spam agents are enabled, but the list of internal SMTP servers is empty. If there are any MTAs between this server and the Internet, populate this list by using the Set-TransportConfig cmdlet in the Exchange Management Shell.

January 29th, 2015 7:18pm

I also noticed that I was getting active directory lookup errors on the Exchange server yesterday when our primary DC was down for maintenance. We have a backup DC running as a hyper-v on the server that has Exchange server. The Exchange server
does have the DNS address of the backup DC populated in both the NIC and Exchange server properties.

As an example I received these:

Active Manager Client experienced an AD timeout trying to lookup object ExchangeServer1 in 00:01:00.

January 29th, 2015 7:28pm

Hi ,

Please set the dns servers for the exchange servers through the below mentioned command and check the results .

Set-TransportService -InternalDNSServers «ip address of your domain controllers»

January 29th, 2015 7:36pm

Great suggestion I did a:

get-transportservice |FL and did notice the internalDNSServers entry is empty.

What is the proper syntax for entering more than one dns server?

January 29th, 2015 7:48pm

Also it’s asking for an identity, and I’m not sure what to put. I tried putting the server name and all I get is a blinking cursor.

January 29th, 2015 7:50pm

Hi ,

Set-TransportService -InternalDNSServers «ip
address of your domain controllers«

You can delimit the ip addresses by using the comma symbol.

for instance :

Set-TransportService -identity «mailbox server name» -InternalDNSServers «192.168.1.10,192.168.1.20»

On the above example i would assume the mentioned
ip address as your domain controllers ip address.

January 29th, 2015 7:53pm

No, it will not allow me to delimit with a comma.

[PS] C:Windowssystem32>Set-TransportService -InternalDNSServers «192.168.1.1,192.168.1.8»
Cannot process argument transformation on parameter ‘InternalDNSServers’. Cannot convert value
«192.168.1.1,192.168.1.8» to type «Microsoft.Exchange.Data.MultiValuedProperty`1[System.Net.IPAddress]». Error:
«Failed to convert 192.168.1.1,192.168.1.8 from System.String to System.Net.IPAddress. Error: Error while convert
string ‘192.168.1.1,192.168.1.8’ to result type System.Net.IPAddress: An invalid IP address was specified.»
+ CategoryInfo : InvalidData: (:) [Set-TransportService], ParameterBindin…mationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Set-TransportService
+ PSComputerName : server1

January 29th, 2015 7:55pm

Hi ,

Set-TransportService -identity «mailbox server name» -InternalDNSServers «ip
address of your domain controllers«

You can delimit the ip addresses by using the comma symbol.

for
instance :

Set-TransportService -identity «mailbox server name» -InternalDNSServers «192.168.1.10,192.168.1.20»

On the above example i would assume the mentioned
ip address as your domain controllers ip address.

January 29th, 2015 8:07pm

Here is the output of the get transportservice command if it is helpful

RunspaceId : 928db722-79f4-4c74-b445-29910607b788
Name : EXCH1
AntispamAgentsEnabled : False
ConnectivityLogEnabled : True
ConnectivityLogMaxAge : 30.00:00:00
ConnectivityLogMaxDirectorySize : 1000 MB (1,048,576,000 bytes)
ConnectivityLogMaxFileSize : 10 MB (10,485,760 bytes)
ConnectivityLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubConnectivity
DelayNotificationTimeout : 04:00:00
ExternalDNSAdapterEnabled : True
ExternalDNSAdapterGuid : 105cf317-1847-43d4-932e-186e1ff24c39
ExternalDNSProtocolOption : Any
ExternalDNSServers : {}
ExternalIPAddress :
InternalDNSAdapterEnabled : True
InternalDNSAdapterGuid : 105cf317-1847-43d4-932e-186e1ff24c39
InternalDNSProtocolOption : Any
InternalDNSServers : {192.168.1.1}
MaxConcurrentMailboxDeliveries : 20
MaxConcurrentMailboxSubmissions : 20
MaxConnectionRatePerMinute : 1200
MaxOutboundConnections : 1000
MaxPerDomainOutboundConnections : 20
MessageExpirationTimeout : 2.00:00:00
MessageRetryInterval : 00:15:00
MessageTrackingLogEnabled : True
MessageTrackingLogMaxAge : 30.00:00:00
MessageTrackingLogMaxDirectorySize : 1000 MB (1,048,576,000 bytes)
MessageTrackingLogMaxFileSize : 10 MB (10,485,760 bytes)
MessageTrackingLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsMessageTracking
IrmLogEnabled : True
IrmLogMaxAge : 30.00:00:00
IrmLogMaxDirectorySize : 250 MB (262,144,000 bytes)
IrmLogMaxFileSize : 10 MB (10,485,760 bytes)
IrmLogPath : C:Program FilesMicrosoftExchange ServerV15LoggingIRMLogs
ActiveUserStatisticsLogMaxAge : 30.00:00:00
ActiveUserStatisticsLogMaxDirectorySize : 250 MB (262,144,000 bytes)
ActiveUserStatisticsLogMaxFileSize : 10 MB (10,485,760 bytes)
ActiveUserStatisticsLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubActiveUsersStats
ServerStatisticsLogMaxAge : 30.00:00:00
ServerStatisticsLogMaxDirectorySize : 250 MB (262,144,000 bytes)
ServerStatisticsLogMaxFileSize : 10 MB (10,485,760 bytes)
ServerStatisticsLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubServerStats
MessageTrackingLogSubjectLoggingEnabled : True
OutboundConnectionFailureRetryInterval : 00:10:00
IntraOrgConnectorProtocolLoggingLevel : None
PickupDirectoryMaxHeaderSize : 64 KB (65,536 bytes)
PickupDirectoryMaxMessagesPerMinute : 100
PickupDirectoryMaxRecipientsPerMessage : 100
PickupDirectoryPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesPickup
PipelineTracingEnabled : False
ContentConversionTracingEnabled : False
PipelineTracingPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubPipelineTracing
PipelineTracingSenderAddress :
PoisonMessageDetectionEnabled : True
PoisonThreshold : 2
QueueMaxIdleTime : 00:03:00
ReceiveProtocolLogMaxAge : 30.00:00:00
ReceiveProtocolLogMaxDirectorySize : 250 MB (262,144,000 bytes)
ReceiveProtocolLogMaxFileSize : 10 MB (10,485,760 bytes)
ReceiveProtocolLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubProtocolLogSmtpReceive
RecipientValidationCacheEnabled : False
ReplayDirectoryPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesReplay
RootDropDirectoryPath :
RoutingTableLogMaxAge : 7.00:00:00
RoutingTableLogMaxDirectorySize : 50 MB (52,428,800 bytes)
RoutingTableLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubRouting
SendProtocolLogMaxAge : 30.00:00:00
SendProtocolLogMaxDirectorySize : 250 MB (262,144,000 bytes)
SendProtocolLogMaxFileSize : 10 MB (10,485,760 bytes)
SendProtocolLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubProtocolLogSmtpSend
TransientFailureRetryCount : 6
TransientFailureRetryInterval : 00:05:00
AntispamUpdatesEnabled : False
InternalTransportCertificateThumbprint : B7A4E875601085D09D8656F9C5E7B2D83F376D22
TransportSyncEnabled : False
TransportSyncPopEnabled : False
WindowsLiveHotmailTransportSyncEnabled : False
TransportSyncExchangeEnabled : False
TransportSyncImapEnabled : False
MaxNumberOfTransportSyncAttempts : 3
MaxActiveTransportSyncJobsPerProcessor : 16
HttpTransportSyncProxyServer :
HttpProtocolLogEnabled : False
HttpProtocolLogFilePath :
HttpProtocolLogMaxAge : 7.00:00:00
HttpProtocolLogMaxDirectorySize : 250 MB (262,144,000 bytes)
HttpProtocolLogMaxFileSize : 10 MB (10,485,760 bytes)
HttpProtocolLogLoggingLevel : None
TransportSyncLogEnabled : False
TransportSyncLogFilePath :
TransportSyncLogLoggingLevel : None
TransportSyncLogMaxAge : 30.00:00:00
TransportSyncLogMaxDirectorySize : 10 GB (10,737,418,240 bytes)
TransportSyncLogMaxFileSize : 10 MB (10,485,760 bytes)
TransportSyncHubHealthLogEnabled : False
TransportSyncHubHealthLogFilePath :
TransportSyncHubHealthLogMaxAge : 30.00:00:00
TransportSyncHubHealthLogMaxDirectorySize : 10 GB (10,737,418,240 bytes)
TransportSyncHubHealthLogMaxFileSize : 10 MB (10,485,760 bytes)
TransportSyncAccountsPoisonDetectionEnabled : False
TransportSyncAccountsPoisonAccountThreshold : 2
TransportSyncAccountsPoisonItemThreshold : 2
TransportSyncAccountsSuccessivePoisonItemThreshold : 3
TransportSyncRemoteConnectionTimeout : 00:01:40
TransportSyncMaxDownloadSizePerItem : 36 MB (37,748,736 bytes)
TransportSyncMaxDownloadSizePerConnection : 50 MB (52,428,800 bytes)
TransportSyncMaxDownloadItemsPerConnection : 1000
DeltaSyncClientCertificateThumbprint :
UseDowngradedExchangeServerAuth : False
IntraOrgConnectorSmtpMaxMessagesPerConnection : 20
TransportSyncLinkedInEnabled : False
TransportSyncFacebookEnabled : False
QueueLogMaxAge : 7.00:00:00
QueueLogMaxDirectorySize : 200 MB (209,715,200 bytes)
QueueLogMaxFileSize : 10 MB (10,485,760 bytes)
QueueLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubQueueViewer
WlmLogMaxAge : 7.00:00:00
WlmLogMaxDirectorySize : 250 MB (262,144,000 bytes)
WlmLogMaxFileSize : 10 MB (10,485,760 bytes)
WlmLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubWLM
AgentLogMaxAge : 7.00:00:00
AgentLogMaxDirectorySize : 250 MB (262,144,000 bytes)
AgentLogMaxFileSize : 10 MB (10,485,760 bytes)
AgentLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsHubAgentLog
AgentLogEnabled : True
FlowControlLogMaxAge : 7.00:00:00
FlowControlLogMaxDirectorySize : 200 MB (209,715,200 bytes)
FlowControlLogMaxFileSize : 10 MB (10,485,760 bytes)
FlowControlLogPath :
FlowControlLogEnabled : True
ProcessingSchedulerLogMaxAge : 7.00:00:00
ProcessingSchedulerLogMaxDirectorySize : 200 MB (209,715,200 bytes)
ProcessingSchedulerLogMaxFileSize : 10 MB (10,485,760 bytes)
ProcessingSchedulerLogPath :
ProcessingSchedulerLogEnabled : True
ResourceLogMaxAge : 7.00:00:00
ResourceLogMaxDirectorySize : 200 MB (209,715,200 bytes)
ResourceLogMaxFileSize : 10 MB (10,485,760 bytes)
ResourceLogPath :
ResourceLogEnabled : True
DnsLogMaxAge : 7.00:00:00
DnsLogMaxDirectorySize : 100 MB (104,857,600 bytes)
DnsLogMaxFileSize : 10 MB (10,485,760 bytes)
DnsLogPath :
DnsLogEnabled : False
JournalLogMaxAge : 7.00:00:00
JournalLogMaxDirectorySize : 200 MB (209,715,200 bytes)
JournalLogMaxFileSize : 10 MB (10,485,760 bytes)
JournalLogPath : C:Program FilesMicrosoftExchange
ServerV15TransportRolesLogsJournalLog
JournalLogEnabled : False
TransportMaintenanceLogMaxAge : 7.00:00:00
TransportMaintenanceLogMaxDirectorySize : 200 MB (209,715,200 bytes)
TransportMaintenanceLogMaxFileSize : 10 MB (10,485,760 bytes)
TransportMaintenanceLogPath :
TransportMaintenanceLogEnabled : True
SmtpEnableAllTlsVersions : False
Identity : EXCH1
IsValid : True
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=EXCH1,CN=Servers,CN=Exchange Administrative Group
(FYDIBOHF23SPDLT),CN=Administrative Groups,CN=KSD,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=ksd,DC=local
Guid : aebc9665-dfbb-4646-b5f0-565be6aa5f29
ObjectCategory : ksd.local/Configuration/Schema/ms-Exch-Exchange-Server
ObjectClass : {top, server, msExchExchangeServer}
WhenChanged : 1/29/2015 11:47:38 AM
WhenCreated : 12/24/2014 1:39:57 AM
WhenChangedUTC : 1/29/2015 4:47:38 PM
WhenCreatedUTC : 12/24/2014 6:39:57 AM
OrganizationId :
Id : EXCH1
OriginatingServer : DC1.domain.local
ObjectState : Unchanged

January 29th, 2015 8:12pm

There is no change with the PRX2 error. In addition I found this:

The InternalDNSServers property
specifies the list of internal DNS servers that the server uses to resolve a domain. You must set the value of theInternalDNSAdapterEnabled property
to false to
use the list of servers in the InternalDNSServers property.
If the InternalDNSAdapterEnabled property
is true,
the DNS settings of the network adapter identified by the InternalDNSAdapterGuid property
are used instead.

InternalDNSAdapterEnabled is
set to true. In additional the External DNS servers entry is empty.

Edited by
Dynamic Computer
Thursday, January 29, 2015 5:28 PM

January 29th, 2015 8:26pm

Hi ,

1.Does the ip address 192.168.1.1 belongs to your domain controller with DNS? If yes then it is ok.

2.Same time in ecp also please try to have the same ip address on the internal dns lookup available on
the mailbox servers .

3.On the exchange servers nic just check the same ip address is assigned on nic card’s preferred dns server .

4.Please remove the existing host file entries on the exchange server and flush the dns cache by
using the below mentioned command

ipconfig /flushdns

5.Then check the name resolution part in the exchange servers by using the nslookup commands.

6.Finally restart the Microsoft exchange transport service and Microsoft exchange front end service and then check the same issue is persisting
or not.

January 29th, 2015 8:42pm

1. DC servers set 192.168.1.1 and 1.8

2. Both set in ECP

3. Same set on NIC

4 Removed entries, flush dns

5. Name resolution is working fine.

6. Restarted both

No change, still getting the error.

Edited by
Dynamic Computer
Thursday, January 29, 2015 6:45 PM

January 29th, 2015 9:41pm

Hi ,

Have you tried to telnet the exchange server by logging in to the same server ?

January 29th, 2015 9:47pm

I’m telneting from the DC.

I will try directly from the server the next time it happens.

January 29th, 2015 9:49pm

Hi ,

One more thing i need to clarify from your end .

where the below mentioned error is appearing ? is it appearing on the exchange server receive connectors logs or else on any other servers or clients machines which is trying to send emails ?

Error : 451 4.7.1 Temporary server error. Please try again later PRX2

January 29th, 2015 10:01pm

I only see this when I use telnet directly to the server, or in the logs of my hosted MTA.

I have SMTP logging enabled, but I don’t know how to check it for the receive connector.

January 29th, 2015 10:04pm

Hi ,

I hope you would be having the MTA to receive emails from the internet .If so just have the local host entry for the problematic exchange server on the host file in MTA.

x.x.x.x cas server FQDN

January 29th, 2015 10:28pm

I didn’t mean to mislead you, it’s not an Exchange MTA.

We use GFI Max mail filtering service. If it gets the PRX2 error it queues the mail until it’s available. Otherwise the mail would have bounced back to the sender.

The CAS server in this case is all on the same box.

Edited by
Dynamic Computer
Thursday, January 29, 2015 7:39 PM

January 29th, 2015 10:39pm

Affirmative. If I telnet from the Exchange server to itself I also get the error.

January 29th, 2015 10:43pm

Hi ,

Thanks for the reply.

Alright , how the smtp configuration was done on the MTA .Does it routes all the smtp traffic by using the ip address of the exchange or else by using the FQDN of the exchange server ?

How many exchange boxes in your environment?

In case if you have only one box then on that server how many network cards are available ?

January 29th, 2015 10:48pm

Yes it routes by IP address. (don’t forget it’s also happening locally)

Only one exchange box.

The server has two nics. Only one in use. In addition, I’m also running hyper-v, so the phsical nic 1 in use, but the network config is running on VEthernet-Virtual Switch.

Edited by
Dynamic Computer
Thursday, January 29, 2015 7:59 PM

January 29th, 2015 10:58pm

Hi ,

Alright on the exchange server you are having two nics.

1.Please disable or remove the one which is not in use .

2.Then make sure the active nic card is having the first preference on the bindings.

3.start—->Run—->ncpa.cpl——->advanced ——>adapter and bindings——->make sure the active Nic card is on the top.

4.Then on the provider order option make sure the Microsoft windows network is on the top.

5.Then the check MTA and same server is generating such kind of error logs.

January 30th, 2015 12:03am

Hi ,

Is is there is any update from your side ?

January 31st, 2015 8:14am

Источник

Inbound authentication failed with error logondenied

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" src="https://i1.social.s-msft.com/globalresources/Images/trans.gif" />

Answered by:

Question

Answers

Inbound authentication failed with error logondenied

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" src="https://i1.social.s-msft.com/globalresources/Images/trans.gif" />

Asked by:

Question

Inbound authentication failed with error logondenied

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" src="https://i1.social.s-msft.com/globalresources/Images/trans.gif" />

Asked by:

Question

Inbound authentication failed with error logondenied

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" src="https://i1.social.s-msft.com/globalresources/Images/trans.gif" />

Asked by:

Question

Inbound authentication failed with error on Exchange 2013

Popular Topics in Microsoft Exchange

Speed up your PC in just a few clicks

Speed up your PC in just a few clicks

Question

Question

Читайте также: