SMTP connection fails when you log on with a child domain account and use NTLM authentication in Exchange Server 2013

Applies to: Exchange Server 2013 EnterpriseExchange Server 2013 Standard Edition


When your UserPrincipalName (UPN) property references a child domain of the forest's fully qualified domain name (FQDN), the NT LAN Manager (NTLM) authentication fails in a Simple Mail Transfer Protocol (SMTP) session in a Microsoft Exchange Server 2013 environment.


This issue occurs because of a bug in the code that causes the UPN of the user in a child domain of the forest to not match the FQDN of the forest during the NTLM authentication process.


To resolve this issue, install Cumulative Update 9 for Exchange Server 2013.


To work around this issue, change the UPN of the user to match the FQDN of the forest.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.