Topic Last Modified: 2010-08-16

The Microsoft Exchange Server 2010 Management Pack for System Center Operations Manager monitors the Windows Application log on computers running Exchange 2010 and generates this alert when the events specified in the following Details table are logged.

To learn more about this alert, in Operations Manager, do one or more of the following:

Details

Product Name

Exchange

Product Version

14.0 (Exchange 2010)

Event ID

1030

Event Source

MSExchangeTransport

Alert Type

Warning

Rule Path

Microsoft Exchange Server/Exchange 2010/Common Components/Hub Transport and Edge Transport/Transport

Rule Name

The SMTP service completed authentication but couldn't determine the account name or security identifier (SID) for this authentication attempt.

Explanation

This Error event indicates that inbound authentication on a Receive connector was completed but that the account name or security identifier (SID) could not be determined. The cause of this problem is specified in the error message text.

The security settings for a Receive connector specify the permissions that are granted to sessions that connect to the Receive connector and to the supported authentication mechanisms.

Receive connectors use permission groups to define the entities that can submit messages to the Receive connector. Permission groups also define the permissions that are assigned to those groups. A permission group is a predefined set of permissions that is granted to well-known security principals. A permission group is assigned to a Receive connector. Security principals include users, computers, and security groups.

For more information, see Managing Connectors.

The following authentication methods are available for inbound connectors on a Receive connector:

  • None

  • Transport Layer Security (TLS)

  • Mutual TLS authentication

  • Basic authentication

  • Basic Authentication only after starting TLS

  • Exchange Server authentication

  • Integrated Windows authentication

  • Externally Secured

Use the Exchange Management Console to set the accepted authentication methods for inbound connections on the Authentication tab of the Receive connector properties page.

Use the Exchange Management Shell to set the accepted authentication methods for inbound connections by using the following parameters on the Set-ReceiveConnector cmdlet:

  • AuthMechanism

  • DomainSecureEnabled

  • RequireTLS

User Action

To resolve this error, do one or more of the following:

  • Verify that the Receive connector has the correct permission groups assigned to it to correctly receive inbound messages.

  • Verify that the Receive connector and any remote hosts are configured by using the correct credentials and the required certificates.

For More Information

If you are not already doing so, consider running the Exchange tools created to help you analyze and troubleshoot your Exchange environment. These tools can help make sure that your configuration aligns with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. To run these tools, go to the Toolbox node of the Exchange Management Console. To learn more about these tools, see Managing Tools in the Toolbox.