Sunday, February 5, 2012

451 4.4.0 Primary Target IP Address Responded with (501 5.5.4 Auth Command Cancelled)

I have faced a problem at a cusomter site;mails  cannot flow from an Exchange 2010 server to a specific Exchange 2003 server , while it can flow to other Exchange 2003 servers.

Exchange 2010 servers were in AD domain: ChildA.parent.com and Exchange 2003 server was in ADdomain : ChildB.parent.com.

Domain controllers of domain ChildB.parent.com only existed at the site of Exchange 2003.

The queue viewer gave the following message :
"451 4.4.0 Primary Target IP Address Responded with (501 5.5.4 Auth Command Cancelled)"
 and the application log gave the following error:

Outbound authentication failed with error -2146892976 for Send connector Intra-Organization SMTP Send Connector. The authentication mechanism is Gssapi. The target is SMTPSVC/Exchange2003ServerFQDN
i have checked the SPN , using Setspn -l Exchange2003ServerName aother posts on the Internet suggested, the SPN was not in place so i had to add it using :


setspn -a SMTPSVC/Exchange2003ServerFQDN Exchange203ServerName
But the problem still persisted, later we found out it was related to netowrk traffic being bloked, in addition to Posrt 25 for SMTP traffic , you still need Ports 389 and 88 for authentication between Exchange 2010 servers and domain controllers for ChildB.parent.com AD domain. 

No comments: