BES for Exchange 5.5 in multiple NT domains
Please Login to Remove!
Hi,
Environment is :
- 1 BES v4 for Exchange
- Exchange 5.5 SP4 organisation
- 4 NT4 SP6 domains, with trust relationships between them (all trusts are full and bi-directionnal)
- 4 Exchange 5.5 sites : Switzerland, Monaco, Luxembourg and Gibraltar.
- the BES service account is named GEBlackberry. It is Service Account Admin on both site and configuration containers for all sites.
For the moment, 70 users from the Switzerland site are been running for almost one year, with no problem at all !
I now have the following issue : I can't add any user from the Gibraltar, Monaco or Luxembourg site into the BES !!!!!
It just say that the mailbox may have been moved or deleted.
The IEMSTest.exe tool fails to connect to a mailbox, with the following result :
For Gibraltar :
Opening Default Message Store Mailbox - GEBlackberry.
Opening message store for Laxxxxon, xxxx (GI) using /o=ORGNAME/ou=GIBRALTAR/cn=Recipients/cn=GILANGSTA/o=ORGNAME/ou=GIBRALTAR/cn=Configuration/cn=Servers/cn=GIBMSE02/cn=Microsoft Private MDB.
OpenMsgStore failed (8004011d).
For Luxembourg :
Opening Default Message Store Mailbox - GEBlackberry.
Opening message store for xxxxn, xxxxie (LU) using /o=ORGNAME/ou=Luxembourg/cn=Recipients/cn=LXBROWNJ/o=ORGNAME/ou=Luxembourg/cn=Configuration/cn=Servers/cn=LUXSXCH05/cn=Microsoft Private MDB.
Brown, Julie (LU)'s Mailbox opened successfully.
Root Folder opened successfully.
Failed to create a folder in xxxxn, xxxxie (LU)'s mailbox.
For Monaco :
Opening Default Message Store Mailbox - GEBlackberry.
Opening message store for Cxxxx, Axxxxx (MC) using /o=ORGNAME/ou=MONACO/cn=Recipients/cn=MOCASPARA /o=ORGNAME/ou=MONACO/cn=Configuration/cn=Servers/cn=MONMSE02/cn=Microsoft Private MDB.
Caspar, Andrxxx920; (MC)'s Mailbox opened successfully.
Root Folder opened successfully.
Failed to create a folder in Cxxxxx, Axxxx (MC)'s mailbox.
What I don't understand is that it seems to open the message store for some servers, but not for others (the result of the IEMSTest tool is different).
Can the problem be that it is not an Active Directory forest, but NT domains with trusts between them (NTLM instead of Kerberos) ?
The GEBlackberry user accoutn has been granted more rights than it should have (it's even admin of the remote domains, and local admin of the remote Exchange servers !)
Hey experts, I really need help on this case !
Any clue would be greatly appreciated !
Thanks a lot
|