Re: SELF Attribute not updating through firewall

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

---

• From: "Ed Crowley [MVP]" <curspice@xxxxxxxxxxxxxx>
• Date: Tue, 10 Oct 2006 11:33:56 -0700

---

Also, is there a Recipient Update Service running against the subdomain?
--
Ed Crowley
MVP - Exchange
"Protecting the world from PSTs and brick backups!"

"Bruce D. Meyer" <BruceDMeyer@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4C31ED7D-BC27-430E-AB99-4ECF161A2C86@xxxxxxxxxxxxxxxx

We have an AD forest recently upgraded Exchange 5.5 to 2003 SP2.
I think that something we did in the last month or two in regards to
shutting down the old NT servers has caused this oddity to occur:

Our Forest is two domains. One domain has about 1,000 users, the subdomain
has about 12.
The subdomain is behind a PIX firewall.
We recently upgraded Exchange 5.5 to Exchange 2003.

Everything has worked for quite some time.

I think that something we did recently, as we shut down more and more of
the
old NT servers has caused the following odd problem, but I can't figure
out
what is causing it.

When the Exchange Admins create a new user in this subdomain behind the
firewall, the SELF attribute doesn't update and change to the username as
it
should.

Also, that user cannot open up Outlook on their computer successfully.

I started debug fixup udp and noticed that the domain controller for that
subdomain (which is also behind the firewall) for some reason is trying to
use port 138 to a domain controller that is not in it's site replication
topology. If the DC should be talking to the root DC in the forest, and
that
is how to PIX has been configured for several years. (Exchange 5.5 days)

If I allow Port 138 traffic to go through the firewall, the subdomains DC
will indeed go to that other DC and the user can then successfully open
Outlook and send and receive email.

Oddly, the SELF attribute never gets updated.

We placed a machine on the outside of the firewall, logged into the
subdomain as a user from that subdomain, and even though the user can send
and receive email, the SELF attribute never gets updated to the logged in
users name.

I am using secure DC to DC isakmp through the firewall replication as
recommended in a KB as the best way to handle DC to DC replication through
a
firewall.

Frankly, I am not even sure what my next troubleshooting step should be.
Any
help is greatly appreciated.

Bruce D. Meyer, CCNA, MCSE
Network Analyst
City of Columbia, SC





--
Bruce D. Meyer, CCNA, MCSE
Network Analyst
City of Columbia, SC

.

---

• Follow-Ups:
  • Re: SELF Attribute not updating through firewall
    • From: Bruce D. Meyer

• Prev by Date: Re: SELF Attribute not updating through firewall
• Next by Date: Attach a Mail Store to Another User
• Previous by thread: Re: SELF Attribute not updating through firewall
• Next by thread: Re: SELF Attribute not updating through firewall
• Index(es):
  • Date
  • Thread

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Exchange  > microsoft.public.exchange.admin  > 2006-10