Ok...here's the problem (It's kinda weird and I'm not sure I'm gonna explain
this right, but here I go):
1. Exchange 5.5 SP4, Win2k SP2 server, NT 4.0 domain (our side), Exchange
5.5 SP4, Win2k SP2 server, Win2k AD domain (their side).
2. On 07/01/2002, X number of mailboxes were deleted from our site in the
org and added to the other site in the org. Due to the fact that they don't
have Admin rights in our site and vice versa, I exported the contents of all
the mailboxes that were moving to .pst files and put the files on a share.
I then deleted the mailboxes from our site. They recreated the mailboxes
and imported the data into the new mailbox.
3. Ever since the following Monday, I have been getting the error messages
below. I don't just get one or two a day. For 10-15 ex-users per server
(30-45 total) I get these messages ALL DAY long. The messages start as soon
as these people log into the other domain every morning.
Event Type: Failure Audit
Event Source: MSExchangeIS Private
Event Category: Logons
Event ID: 1023
Date: 11/26/2002
Time: 12:44:13 PM
User: N/A
Computer: ERCEXCHANGE
Description:
HANFORD\hxxxxxxx was validated as
/o=HANFORD/ou=HANFORD/cn=Recipients/cn=hxxxxxxx but was unable to log on to
/o=HANFORD/ou=ERC/cn=Recipients/cn=JoeUser.
4. In the error message above, "hxxxxxxx" is their domain logon name as
well as the primary account associated with the mailbox on their side. They
use an 8-digit alphanumeric number to guarantee that everyone that has ever
worked on this job location (all way back to the '40's) has a unique ID
number.
5. We have our own domain as well and exist as a site within their mail
org. For our network accounts, we use an eight-character alphanumeric login
name as well, but with a different naming convention. So...we associate the
mailbox in this site with our domain logon names. However, when we create
the mailbox, in the optional attributes, there is one called
employee-number. Both sites populate this field with the hxxxxxxx number
when the account is created.
6. Now...this is where it starts to get complicated. Someone on their side
has a C++ service that runs once a night against the GAL. The service logs
into Exchange, extracts the hxxxxxxx number from the employee-number field
and compares that against PeopleCore. If there are no dupes, it then grabs
all the organizational/location data for that employee and updates the
record in Exchange, which then replicates back to our site. If there are
dupes, it kicks out an error message to the appropriate site admin, saying,
"Go fix it stupid!"
7. Okay...I have verified that for each hxxxxxxx logon name that is logging
into their domain and getting an error in our server logs, that this is the
same "employee-number" that was associated with the mailbox when it was on
our side.
8. I have found the following information on Technet, but I'm not running
Mailbox Manager, I'm not running MBClean and I have no problems starting the
Exchange Event or Internet Message Services.
Q188594 -
http://support.microsoft.com/default.aspx?scid=kb;en-us;188594
Q237481 -
http://support.microsoft.com/default.aspx?scid=kb;en-us;237481
Q306308 -
http://support.microsoft.com/default.aspx?scid=kb;en-us;306308
Q158028 -
http://support.microsoft.com/default.aspx?scid=kb;en-us;158028 - This may
apply...I don't know if their Outlook profiles were deleted and recreated
after moving from one domain to the other.
Q259578 -
http://support.microsoft.com/default.aspx?scid=kb;en-us;259578
Don't even try Precht...I've already been to EventID.net and what I found
doesn't fit my situation:
http://www.eventid.net/display.asp?eventid=1023&source=MSExchangeIS+Private
TIA folks,
James H (Jim) Blunt
Network / Exchange Administrator
Network Infrastructure Group
Bechtel Hanford, Inc. (BHI)
Office: 509-372-9188
TextMessage: [EMAIL PROTECTED]
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
