Re: No inbound emails from outside domain
- From: "Mike in Nebraska" <mikewebb@xxxxxxxxxxxxxxx>
- Date: Sun, 6 Sep 2009 20:54:47 -0500
Thanks for checking in.All I've installed in the few days prior to this
happening is KB915597 (WinDefender updates) and KB907747 (Update to Exchange
IMF). I do not have LCS.
DHCP is running, but ... it shows "Cannot find the DHCP Server" in the
right-hand side of the MMC. The error is: "The remote procedure call
failed."
I already have in place a PTR for my internal IP and a reverse zone for the
subnet.
I didn't do anything with the AV or ISA client as the results in this post
may prove it's not needed. I'll certainly do so if you suggest otherwise.
(I apologize if I should not have cut-and-pasted the text file below. I
know it's lengthy, but didn't know which part might be the piece of the
puzzle needed.)
Here's the results of the dcdiag test:
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine wct, is a DC.
* Connecting to directory service on server wct.
[wct] Directory Binding Error 1726:
The remote procedure call failed.
This may limit some of the tests that can be performed.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\WCT
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
[WCT] DsBindWithSpnEx() failed with error 1726,
The remote procedure call failed..
Printing RPC Extended Error Info:
Error Record 1, ProcessID is 9868 (DcDiag)
System Time is: 9/7/2009 1:33:50:676
Generating component is 2 (RPC runtime)
Status is 1726: The remote procedure call failed.
Detection location is 360
NumberOfParameters is 1
Long val: -1073606647
Error Record 2, ProcessID is 9868 (DcDiag)
System Time is: 9/7/2009 1:33:50:676
Generating component is 8 (winsock)
Status is -1073606647: unknown
Detection location is 292
Error Record 3, ProcessID is 9868 (DcDiag)
System Time is: 9/7/2009 1:33:50:676
Generating component is 8 (winsock)
Status is 0: no error
Detection location is 290
NumberOfParameters is 1
Long val: 0
......................... WCT failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\WCT
Skipping all tests, because server WCT is
not responding to directory service requests
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: VerifyReplicas
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : whooper
Starting test: CrossRefValidation
......................... whooper passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... whooper passed test CheckSDRefDom
Running enterprise tests on : whooper.local
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the
scope
provided by the command line arguments provided.
......................... whooper.local passed test Intersite
Starting test: FsmoCheck
GC Name: \\wct.whooper.local
Locator Flags: 0xe00001fd
Warning: Couldn't verify this server as a PDC using DsListRoles()
PDC Name: \\wct.whooper.local
Locator Flags: 0xe00001fd
Time Server Name: \\wct.whooper.local
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\wct.whooper.local
Locator Flags: 0xe00001fd
KDC Name: \\wct.whooper.local
Locator Flags: 0xe00001fd
......................... whooper.local passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
=========
Mike
"Ace Fekay [MCT]" <aceman@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23c7Lls0LKHA.4004@xxxxxxxxxxxxxxxxxxxxxxx
"Mike in Nebraska" <mikewebb@xxxxxxxxxxxxxxx> wrote in message
news:Osmj$ozLKHA.5060@xxxxxxxxxxxxxxxxxxxxxxx
And the only thing that changed prior to this was installing GFI? Do you
remember anything else that could have occured before all of this occured?
Windows update, hotfix, etc?
Did you install Live Communications Server 2003? Eventid.net indicated
http://support.microsoft.com/kb/834475 for Event ID 47 Source WinMgmt,
which I assume is the Source name.
Is the DHCP Client Service running? (Note - it's a required service.)
I don't think reinstalling Exchange will help. You are getting errors that
hint at something else preventing communications with AD, which Exchange
relies on. Run the following, please:
dcdiag /v /fix > c:\dcdiag.txt
netdiag /v /fix > c:\netdiag.txt
Do you have the ISA firewall client installed? I would suggest
uninstalling it for now to get past this. I would also suggest to disable
AV and uninstall ISA and GFI, but backup ISA's config first. Restart, and
let's go from there.
Also, the EventID 40961 can usually be cleaned up by creating a reverse
zone in DNS for your subnet and making sure the machine registers a PTR
for the internal IP.
I could also be missing something, but from what I see so far from what
you're posting, something is preventing AD communications, which is
snowballing to Exchange and other errors. Remember - Exchange relies on
AD, as well as related services on a DC.
Ace
Sorry for the delay - had church and "honey-do's" to take care of.
I thought about this and decided to see if I could do a Repair or
Reinstall of Exchange as I thought that Exchange is missing one or more
key components (don't know why, just want to get it up so I can examine
this at a more leasurely pace). However, when I tried doing a Reinstal
from Control Panel
Add/Remove Programs > Windows Small Business Server 2003, I got asaying that Setup could not continue as it was unable to determine the
message
DNS name of the computer; and it refered me to KB817543.
I followed the 2nd recommendation in the KB - Cmd prompt > nltest
/sc_reset:<domain name>, but I got another error:
I_NetLogonControl failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN.
I looked it up and saw it was probably a problem with ADAP, so I ran
winmgmt /clearadap from a command prompt. No apparent effect from the
Application log. I saw numerous Winmgmt errors there: one Eventid 40,
one Eventid 42 and five Eventid 47s, which pointed to 0x80041009. I'm
also still seeing a bunch of Eventid 9100s by Source MSExchangeSA as I
saw last night.
Maybe I need to run out to work and sit down at the server. It might be
useful to do a partial restore of AD or DNS and Exchange from last week's
full backup (before all this happened.
Could sure use some advice or ideas.
Mike
"Ace Fekay [MCT]" <aceman@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:ua6iiYwLKHA.1232@xxxxxxxxxxxxxxxxxxxxxxx
"Mike in Nebraska" <Mike_in_Nebraska@xxxxxxxxxxxxxxxx> wrote in message
news:6E6B778C-0FCA-457D-92F5-CB9A0243AEAB@xxxxxxxxxxxxxxxx
Let us know how you make out.
I'll take a look, thanks!
"Ace Fekay [MCT]" <aceman@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23zrdavrLKHA.3376@xxxxxxxxxxxxxxxxxxxxxxx
"Mike in Nebraska" <Mike_in_Nebraska@xxxxxxxxxxxxxxxx> wrote in
message news:CF9B3B72-2F2D-460F-A82D-747A29E3DC0C@xxxxxxxxxxxxxxxx
I searched on "failed to retrieve queues for the SMTP Virtual Server
(error code = 0x800706BE)" and there wasn't much out there. I did find
the following:
HOW TO: Verify the Exchange System Manager Communication in Exchange
2000 Server
http://support.microsoft.com/kb/312854
This person had a similar (not the same error) issue on SBS with ISA.
The suggestion was to either restart the firewall service, and see if
it works, disable the firewall service, or uninstall ISA, rerun the
CEICW, and see if it works.
http://forums.isaserver.org/m_460010400/mpage_1/key_/tm.htm#460010415
Ace
Well .... I can see the virtual server under Protocols, and it looks
fine, but when I go to Queues, I should see 8 or 9 "things listed
with their status's. But I just see 3 of them, and the Virtual
Server is listed as Unavailable with the error code described
earlier.
C:\Program Files\Exchsrvr\Mailroot\vsi 1\ and the 4 sub-folders do
exist. The Queue folder is empty.
I'm not at work, so I can't try plugging into my external NIC.
I'm running Symantec Corporate Antivirus version 12.5. And I used
the technet article on what files and folders to exclude. I'll
double-check, though.
Mike
"Ace Fekay [MCT]" <aceman@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%233XT%236qLKHA.5956@xxxxxxxxxxxxxxxxxxxxxxx
"Mike in Nebraska" <mikewebb@xxxxxxxxxxxxxxx> wrote in message
news:upDvLqqLKHA.5992@xxxxxxxxxxxxxxxxxxxxxxx
I'm not an expert on the wizard, so hopefully one of the others can
comment on the red X you're getting.
It seems interesting that the telnetting to Exchange, which is
actually telnetting into SMTP, yet you're saying the ESM is not
allowing you to see the virtual server? Since the SMTP process is
actually a Windows process (IIS) that Exchange 2003 uses (Ex2007 is
way different having its own internal process), I assume SMTP is
running (or you couldn't have telnetted into it successfully), then
I'm starting to think that the SMTP virtual server got removed from
Exchange somehow? Exchange will send mail using SMTP by literally
dropping it in the pickup folder.
On another note, does that folder and the mailroot folder still
exist? (C:\Program Files\Exchsrvr\Mailroot\vsi 1\)
But what is concerning as well is that if telnet works internally,
but not for me when I tried it from my end, then ISA may be blocking
it or something got changed. Can you plug a laptop or workstation in
on the 192.168.1.0 subnet and try telnetting in from its 'outside'
interface? If it doesn't work, I will assume that will rule out the
router's port forwarding rules, and narrow it down to not accepting
the traffic on the SBS outside interface, and possibly ISA causing
it.
And the ipconfig looks fine. Thanks for posting that. I assume IP
routing being enabled is normal for SBS.
What AV are you using, and do you have all the Exchange folders
excluded?
Ace
Thanks for getting back.
I've run the CEICW twice this evening and it's given a red "X" each
time on the Network Configuration (1st step), but completed the
other 3.
On TELNET - it responded with code 220. Looks like it conected
fine.
All Exchange services are running in services.msc.
The SMTP Virtual Server is still not available.
Here's the IPCONFIG /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : wct
Primary Dns Suffix . . . . . . . : whooper.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : whooper.local
Ethernet adapter WAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Connection #2
Physical Address. . . . . . . . . : 00-11-43-EC-4E-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter LAN and VLAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server
Adapter
Physical Address. . . . . . . . . : 00-04-23-E0-1F-7C
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
The SBS BPA report only showed that CEICW failed to complete. (ran
it just now) All else was just informational items.
Mike
"Ace Fekay [MCT]" <aceman@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:eDRKrWqLKHA.1336@xxxxxxxxxxxxxxxxxxxxxxx
"Mike in Nebraska" <mikewebb@xxxxxxxxxxxxxxx> wrote in message
news:%23NPW40pLKHA.1488@xxxxxxxxxxxxxxxxxxxxxxx
I believe the 0x800706be is a generic WMI error.
You installed GFI Webmonitor? I saw they are offering that now
free for ISA. Unfortunate it's not being helpful in this case.
So are all the Exchange services still running now?
Is the queue filled or has it emptied and sent out any emails in
it?
Can you telnet to Exchange from within the network?
Assumig WCT is your server name (from the event error):
telnet
open wct 25
Does it respond?
Run the SBSBPA, see what that give you.
I assumed you've re-ran the wizard?
Can you post an ipconfig /all from the server?
Sorry for all the questions. Just trying to get a broader view of
what's going on.
Ace
Getting a bit closer. Dug into ESM and found that the Default
SMTP Virtual Server is not available (<server> > Administrative
Groups > First Administrative Group > Servers > <server name> >
Queues). The add'l info is:
Exchange System Manager failed to retrieve queues for the SMTP
Virtual Server (error code = 0x800706BE). Check the event log
and verify that the required services are running.
And in the Application log I see this:
Event Type: Error
Event Source: MSExchangeSA
Event Category: Monitoring
Event ID: 9100
Date: 9/5/2009
Time: 9:34:33 PM
User: N/A
Computer: WCT
Description:
The MAD Monitoring thread was unable to read the queue
information, error '0x800706be'.
For more information, click
http://www.microsoft.com/contentredirect.asp.
===========
Nothing on Eventid.net that specifically pertained. I go to ESM
> Tools > Status and see on the server that I have a Critical:
Queue growth error. I double-click on it to see the properties
and see an error window:
The remote procedure call failed.
Facility: Win32
ID no: 800706be
Exchange System Manager
So I restarted the WMI service, and verified that all the
wexchange services are running.
A real head-scratcher ...... what's going on?
Mike
"Ace Fekay [MCT]" <aceman@xxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:OTjFXuoLKHA.1488@xxxxxxxxxxxxxxxxxxxxxxx
"Mike in Nebraska" <mikewebb@xxxxxxxxxxxxxxx> wrote in message
news:OQzpQMoLKHA.3424@xxxxxxxxxxxxxxxxxxxxxxx
Mike,
Is your WAN IP DHCP or fixed?
I think you'll have to contact your hosting company to find out
what's going on, on their end regarding spool.intellicomweb.com.
But as far as your mail.whoopingcrane.org, if your WAN IP is
DHCP, it may have changed. If not, let us know what you see in
ISA and in your event logs.
Ace
Hmmmmm ... I did a remote reboot of the server, restarted the
Firewall and all Exchange services. Guess I'll have to remote
in and check my ISA 2004 settings; maybe do a live log while I
try sending an email to my account from the outside.
spool.intellicomweb.com is one of the servers at the company
that hosts our website and set up our DNS & MX records. I don't
know why it's not announcing an IP addres or A record. I do
know it is set to auto relay email straight to my Exchange
server with no delays.
I'll do some checking and report back.
Mike
"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in message
news:%23t2j2%23nLKHA.3740@xxxxxxxxxxxxxxxxxxxxxxx
Mike in Nebraska <mikewebb@xxxxxxxxxxxxxxx> wrote:
whoopingcrane.org
Oh, hey, Mike - didn't notice this was from you.
I can't telnet to mail.whoopingcrane.org, so there's an issue
with your firewall (or maybe the IP address for that A record
is wrong).
The other MX record is spool.iintellicomweb.com and if they're
accepting mail for your domain to queue it/redeliver it, your
senders won't get an NDR for a little while.
"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in
message news:eiEO6pnLKHA.2408@xxxxxxxxxxxxxxxxxxxxxxx
Mike in Nebraska <Mike_in_Nebraska@xxxxxxxxxxxxxxxx> wrote:
SBS 2003 Premium on Dell PE2800 server, with Symantec Corp.
AV ver.
12.5. Everything is current with patches and SP's.
====================
I remoted in to the domain last night to check the status,
and check
my email. Noticed that I had no emails - a bit odd.
Checked this
morning and the same thing - other than normal internal
email. This
afternoon, same thing. Ran DNS full check at DNSStuff.com
and it
indicated a problem at ISP, so I reported it to tech
support. Did
further checking and can't see anything wrong in the server
Event
logs, SBS BPA, Exchange BPA, ESM > Tools
Status, nothing. I remoted in to my desktop at work andlogs - nothing out of the ordinary. No one at work, so
checked
those
can't check
with them. I can send emails to the "outside", but emails
sent to
my work address aren't showing up in Outlook 2007 or OWA.
I checked my email account in Outlook and tried to do a
repair, but
it eventually gives a red "X" when on step 2 - "Search for
address> server settings". I reset them manually, but no
change.
I did see one error in my desktop's log (it runs Vista
Business) -
event id 40961, source Lsasrv. I checked it on eventid.net
and saw
it might be Kereberos, but I've done nothing with it in
"forever"
so I hesitate to do anything related to that. especially
for a
single entry.
I'm sure I'm missing something; any ideas?
What's your domain name?
.
- References:
- No inbound emails from outside domain
- From: Mike in Nebraska
- Re: No inbound emails from outside domain
- From: Lanwench [MVP - Exchange]
- Re: No inbound emails from outside domain
- From: Mike in Nebraska
- Re: No inbound emails from outside domain
- From: Lanwench [MVP - Exchange]
- Re: No inbound emails from outside domain
- From: Mike in Nebraska
- Re: No inbound emails from outside domain
- From: Ace Fekay [MCT]
- Re: No inbound emails from outside domain
- From: Mike in Nebraska
- Re: No inbound emails from outside domain
- From: Ace Fekay [MCT]
- Re: No inbound emails from outside domain
- From: Mike in Nebraska
- Re: No inbound emails from outside domain
- From: Ace Fekay [MCT]
- Re: No inbound emails from outside domain
- From: Mike in Nebraska
- Re: No inbound emails from outside domain
- From: Ace Fekay [MCT]
- Re: No inbound emails from outside domain
- From: Mike in Nebraska
- Re: No inbound emails from outside domain
- From: Ace Fekay [MCT]
- Re: No inbound emails from outside domain
- From: Mike in Nebraska
- Re: No inbound emails from outside domain
- From: Ace Fekay [MCT]
- No inbound emails from outside domain
- Prev by Date: Re: email issues POP3 and SPF
- Next by Date: Re: No inbound emails from outside domain
- Previous by thread: Re: No inbound emails from outside domain
- Next by thread: Re: No inbound emails from outside domain
- Index(es):
Relevant Pages
|
Loading
