Ok...here's the problem (It's kinda weird and I'm not sure I'm gonna explain this right, but here I go):
1. Exchange 5.5 SP4, Win2k SP2 server, NT 4.0 domain (our side), Exchange 5.5 SP4, Win2k SP2 server, Win2k AD domain (their side). 2. On 07/01/2002, X number of mailboxes were deleted from our site in the org and added to the other site in the org. Due to the fact that they don't have Admin rights in our site and vice versa, I exported the contents of all the mailboxes that were moving to .pst files and put the files on a share. I then deleted the mailboxes from our site. They recreated the mailboxes and imported the data into the new mailbox. 3. Ever since the following Monday, I have been getting the error messages below. I don't just get one or two a day. For 10-15 ex-users per server (30-45 total) I get these messages ALL DAY long. The messages start as soon as these people log into the other domain every morning. Event Type: Failure Audit Event Source: MSExchangeIS Private Event Category: Logons Event ID: 1023 Date: 11/26/2002 Time: 12:44:13 PM User: N/A Computer: ERCEXCHANGE Description: HANFORD\hxxxxxxx was validated as /o=HANFORD/ou=HANFORD/cn=Recipients/cn=hxxxxxxx but was unable to log on to /o=HANFORD/ou=ERC/cn=Recipients/cn=JoeUser. 4. In the error message above, "hxxxxxxx" is their domain logon name as well as the primary account associated with the mailbox on their side. They use an 8-digit alphanumeric number to guarantee that everyone that has ever worked on this job location (all way back to the '40's) has a unique ID number. 5. We have our own domain as well and exist as a site within their mail org. For our network accounts, we use an eight-character alphanumeric login name as well, but with a different naming convention. So...we associate the mailbox in this site with our domain logon names. However, when we create the mailbox, in the optional attributes, there is one called employee-number. Both sites populate this field with the hxxxxxxx number when the account is created. 6. Now...this is where it starts to get complicated. Someone on their side has a C++ service that runs once a night against the GAL. The service logs into Exchange, extracts the hxxxxxxx number from the employee-number field and compares that against PeopleCore. If there are no dupes, it then grabs all the organizational/location data for that employee and updates the record in Exchange, which then replicates back to our site. If there are dupes, it kicks out an error message to the appropriate site admin, saying, "Go fix it stupid!" 7. Okay...I have verified that for each hxxxxxxx logon name that is logging into their domain and getting an error in our server logs, that this is the same "employee-number" that was associated with the mailbox when it was on our side. 8. I have found the following information on Technet, but I'm not running Mailbox Manager, I'm not running MBClean and I have no problems starting the Exchange Event or Internet Message Services. Q188594 - http://support.microsoft.com/default.aspx?scid=kb;en-us;188594 Q237481 - http://support.microsoft.com/default.aspx?scid=kb;en-us;237481 Q306308 - http://support.microsoft.com/default.aspx?scid=kb;en-us;306308 Q158028 - http://support.microsoft.com/default.aspx?scid=kb;en-us;158028 - This may apply...I don't know if their Outlook profiles were deleted and recreated after moving from one domain to the other. Q259578 - http://support.microsoft.com/default.aspx?scid=kb;en-us;259578 Don't even try Precht...I've already been to EventID.net and what I found doesn't fit my situation: http://www.eventid.net/display.asp?eventid=1023&source=MSExchangeIS+Private TIA folks, James H (Jim) Blunt Network / Exchange Administrator Network Infrastructure Group Bechtel Hanford, Inc. (BHI) Office: 509-372-9188 TextMessage: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]