Users Cannot Send Email
Please Login to Remove!
I'm new to your forums so first thank you for having me. Second, thank you in advance for any assistance or suggestions any of you may have. Here is the situation:
1. Medium-sized Exchange organization running Exch 2k3 on Windows 2000.
2. 1 Production BES server ver. 3.6.x
3. 1 Test BES server version 4.1.x
On Friday, for maintenance we needed to make some space so we migrated a bunch of users from an existing Storage Group to a new one on a new drive. The users all migrated without any trouble. We then took the old Storage Group offline and then ran offline maintenance on it. That reclaimed about 32GB of space for us from the old storage group. We then left it offline. At that point, users were sending and receiving mail from their workstations with no trouble. The next day a few users that were migrated reported that their BBs were no longer sending or receiving mail. At this point, all these users are on BES 3.6. We tried removing them and readding them to the BES, wiping out the BB and reinstalling, generating new encryption keys, and everything we could think. We had absolutely no luck so I migrated one of the affected users to the test BES 4.1 server. Immediately upon migrating them to the new BES they started at least receiving mail. Great! We then got into a situation where we could not send mail and we would get an error stating email program cannot submit mail. We checked into it and we found a fix.
The fix was to add permissions for the BES service account to have read permissions and send as permissions on the affected account. We added the permissions according to the article we found and then we generated a new encryption key. Success! We thought, at this point, all was well. We migrated another user and enjoyed similar success...until this morning.
Now, the original user is back in the same boat. He can receive mail, but he cannot send it. The original error message is back that the email program cannot submit mail. We have checked the permissions and they are correct according to the MS article we followed. The one thing I have noticed that is consistent across all affected users is the server will not allow me to resend the peer-to-peer key because one has not been set (according to the error message). This will persist despite the fact the user will generate a new key using the desktop manager software. I'm a bit perplexed and stumped here.
Any suggestions for how to resolve this issue?