Creating Exchange Recipient Update Service instances for remote domains

This article is a consolidation of the following previously available articles: 275294 and 294222

Symptoms

When Microsoft Exchange 2000 Server or Microsoft Exchange Server 2003 is installed, two Recipient Update Services (RUS) are created, one for the Enterprise Configuration and another for the domain. The domain Recipient Update Service only processes objects in the Windows domain where Exchange was installed. When you create a user in a remote Windows domain, the Recipient Update Service does not process that account.

Cause

A Recipient Update Service is not automatically created for a remote or child Windows domain. This causes the Recipient Update Service to not be able to process any mailbox-enabled users or mail-enabled users in the remote or child Windows domain.

Resolution

To resolve this issue, first run Exchange Setup with the /domainprep switch on a server in the remote Windows domain. Then, on your Exchange server use the Exchange System Manager to create a Recipient Update Service for the remote domain. To do this, follow these steps:
  1. Click Start, click Programs, click Microsoft Exchange, and then click System Manager.
  2. Expand the Organization object, and then expand the Recipients container.
  3. Click Recipient Update Service.
  4. In the right pane, right-click New, and then click Recipient Update Service.
  5. Click the domain that does not have an instance of the Recipient Update service and that has users that must be updated by Exchange.
  6. Click Next.
  7. Choose the server that you want to run the Recipient Update Service and process all the necessary users with the Exchange attributes.
  8. Click Next.
  9. Click Finish.
  10. To manually initiate an update of the recipients in that domain, right-click the Recipient Update Service, and then click Update Now to force an update.
For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

253770 Tasks performed by the Exchange Recipient Update Service

The following is a list of known issues that may occur when you use the Recipient Update Services to process users in remote Windows domains.

Scenario 1: Accounts in remote domain not processed because of name resolution failure

After creating the Recipient Update Service for the remote Windows domain, users in the remote domain are not processed. If Diagnostic Logging on the Service Controller object under the MSExchangeAL service is set to Medium, the following events may be logged in the Event Viewer Application log:
Event Type: Error
Event Source: MSExchangeAL
Event Category: Service Controller
Event ID: 8247
Computer: EXCHANGESERVER
Description: Address List Service is restarting this instance because policy group provider 'CN=Recipient Policies,CN=Exchange_Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN-A,DC=com':'MAD.EXE' returned a fatal error. Recipient Update Service (Exchange_Server)
Event Type: Error
Event Source: MSExchangeAL
Event Category: Service Controller
Event ID: 8231
Computer: RootServer
Description: Permanent failure reported by policy group provider for 'CN=Recipient Policies,CN=Exchange_Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN-A,DC=com':'MAD.EXE', error=8000ffff. Taking provider offline.

Cause

This issue may occur if Domain Name System (DNS) name resolution between the Exchange server that is running the Recipient Update Service and the target domain controller that is in the remote domain is malfunctioning. Additionally, this issue may occur if the Short Name for the remote domain DC is not resolvable, even if the FQDN can be resolved (the Short Name is the NetBIOS name.) The Recipient Update Service may not be able to process users in the remote Windows domain.

Resolution

To resolve this issue, add an A record on the DNS server for the target domain controller that is in the remote domain.

For example, if the Recipient Update Service is set up as:

Recipient Update Service (DOMAIN-A)
Exchange Server: [EXCHANGESERVER]
Domain Controller: [DOMAIN-B-DC]

Add an A record on the DNS server for the DOMAIN-B-DC domain controller.

Add the appropriate DNS suffixes for the child domain and make sure that the shortname can now be resolved.

Workaround

To work around this issue, manually create an entry in the Hosts file in the following location:

Winnt\System32\Drivers\Etc\Hosts

For example, if the Recipient Update Service server is running in domainA and the domain controller exists in domainB, create the following entry for the domain controller in the Hosts file:

IP Addressdc_name.domainA.com

Scenario 2: Accounts in remote domain not processed because of similar server name in remote domain

After creating the Recipient Update Service for the remote Windows domain, users in the remote domain are not processed. An event similar to the following may be logged in the Event Viewer System log:
Event Type: Warning
Event Source: MRxSmb
Event ID: 3034
Computer: Exchange_Server
Description: The redirector was unable to initialize security context or query context attributes.
Data:
0000: 00080000 00560002 00000000 80000bda
0010: 00000000 80090322 00000000 00000000
0020: 00000000 00000000 00000468 80090322
If Diagnostic Logging on the Service Controller object under the MSExchangeAL service is set to Medium, the following events may be logged in the Event Viewer Application log:
Event Type: Error
Event Source: MSExchangeAL
Event Category: Service Controller
Event ID: 8247
Computer: Exchange_Server
Description: Address List Service is restarting this instance because policy group provider 'CN=Recipient Policies,CN=Exchange_Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN-A,DC=com':'MAD.EXE' returned a fatal error. Recipient Update Service (Exchange_Server)
Event Type: Error
Event Source: MSExchangeAL
Event Category: Service Controller
Event ID: 8231
Computer: RootServer
Description: Permanent failure reported by policy group provider for 'CN=Recipient Policies,CN=Exchange_Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN-A,DC=com':'MAD.EXE', error=8000ffff. Taking provider offline.

Cause

This issue may occur if a member computer in the local Windows domain has the same name as a domain controller in the remote Windows domain.

Resolution

To resolve this issue, identify and rename the member computer in the local Windows domain that has the same name as the domain controller in the remote Windows domain.
Ιδιότητες

Αναγνωριστικό άρθρου: 275294 - Τελευταία αναθεώρηση: 2 Δεκ 2007 - Αναθεώρηση: 1

Σχόλια