Topic Last Modified: 2010-08-16
The Microsoft Exchange Server 2010 Management Pack for System Center Operations Manager monitors the Windows Application log on computers running Exchange 2010 and generates this alert when the events specified in the following Details table are logged.
To learn more about this alert, in Operations Manager, do one or more of the following:
- From the Operations Console, double-click this alert, and then
click the General tab. Review the description of the alert
that includes the variables specific to your environment.
- From the Operations Console, double-click this alert, and then
click the Alert Context tab. Review the logged events that
meet the criteria of this Operations Manager alert.
Details
|
Product Name |
Exchange |
|
Product Version |
14.0 (Exchange 2010) |
|
Event ID |
1030 |
|
Event Source |
MSExchangeTransport |
|
Alert Type |
Warning |
|
Rule Path |
Microsoft Exchange Server/Exchange 2010/Common Components/Hub Transport and Edge Transport/Transport |
|
Rule Name |
The SMTP service completed authentication but couldn't determine the account name or security identifier (SID) for this authentication attempt. |
Explanation
This Error event indicates that inbound authentication on a Receive connector was completed but that the account name or security identifier (SID) could not be determined. The cause of this problem is specified in the error message text.
The security settings for a Receive connector specify the permissions that are granted to sessions that connect to the Receive connector and to the supported authentication mechanisms.
Receive connectors use permission groups to define the entities that can submit messages to the Receive connector. Permission groups also define the permissions that are assigned to those groups. A permission group is a predefined set of permissions that is granted to well-known security principals. A permission group is assigned to a Receive connector. Security principals include users, computers, and security groups.
For more information, see Managing Connectors.
The following authentication methods are available for inbound connectors on a Receive connector:
- None
- Transport Layer Security (TLS)
- Mutual TLS authentication
- Basic authentication
- Basic Authentication only after starting TLS
- Exchange Server authentication
- Integrated Windows authentication
- Externally Secured
Use the Exchange Management Console to set the accepted authentication methods for inbound connections on the Authentication tab of the Receive connector properties page.
Use the Exchange Management Shell to set the accepted authentication methods for inbound connections by using the following parameters on the Set-ReceiveConnector cmdlet:
- AuthMechanism
- DomainSecureEnabled
- RequireTLS
User Action
To resolve this error, do one or more of the following:
- Verify that the Receive connector has the correct permission
groups assigned to it to correctly receive inbound messages.
- Verify that the Receive connector and any remote hosts are
configured by using the correct credentials and the required
certificates.
For More Information
If you are not already doing so, consider running the Exchange tools created to help you analyze and troubleshoot your Exchange environment. These tools can help make sure that your configuration aligns with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. To run these tools, go to the Toolbox node of the Exchange Management Console. To learn more about these tools, see Managing Tools in the Toolbox.