Hi all,
Merger situation where two companies are merging into a single forest.
New forest is AD2012 R2 with exchange 2013 SP1
Other forests are AD 2008 R2, one with exchange 2010 and the other with exchange 2013.
Have two way forest trusts in place, SIDhistory has been enabled.
The first priority for this organisation to get onto a single mailbox infrastructure - and it was decided moving mailboxes into the "final" domain immediately would be a better option than federation and GALsync. (please do not argue this point, it has already been decided by others than me!)
So... I run the following
$Rcred = Get-Credential
Prepare-MoveRequest.ps1 -Identity alias -RemoteForestDomainController “SourceDC” -RemoteForestCredential $Rcred -LinkedMailUser -TargetMailUserOU “TargetOU”
Exchange 2010 – New-MoveRequest -Identity “alias” -Remote -TargetDatabase “DBName″ -RemoteGlobalCatalog "SourceDC” -RemoteCredential $Rcred -TargetDeliveryDomain “Domain” -RemoteHostName SourceExchange
Then run ADMT and merge the objects in order to get SID history.
If I access the mailbox via OWA from anywhere (internal, external, different domains) using the source domain credentials (i.e. sourcedomain\username) - all logs in ok. I can see the SIDHistory attribute has populated - and all is good.
If I try and access the mailbox via outlook 2013 - I get a "name cannot be resolved" error - even though the remote mail server can be pinged ok, accessed via OWA ok etc.
If I force RPC/HTTP for all traffic, the name can be resolved and outlook can connect.
Enabling logging as per https://support.microsoft.com/en-us/kb/2862843 unfortunately hasn't yielded any useful information.
There are no internal firewalls between these environments.
Wireshark trace's show no traffic going towards the mail server when in MAPI mode - after RPC/HTTP has been working.
If I blow away the profile and try to "check names" I can see the exchange 2013 server name resolved, then approx. 10 frames of DCE/RPC endpoint mapper traffic, map request and response.... but that's it
Browsing to "exchange back end\mapi\nspi" works fine.
Note: autodiscover is not set up for the new merged domain name as yet - and cannot be yet - as autodiscover cannot point to multiple services at once. (which people using this email address are currently spread across 2 exchange environments)
Any suggestions as to where to look to find out the mailbox name cannot be resolved ?