SMBKitchen: Checking those connectors

On February 28, 2014, in smbkitchen, by

Next up … http://www.msexchange.org/articles-tutorials/exchange-server-2013/migration-deployment/planning-and-migrating-small-organization-exchange-2007-2013-part3.html

Send and Receive Connector Configuration

Send Connectors help your Exchange organization know where to route outbound email destined for non-local recipients, and Receive Connectors provide SMTP connectivity for other Exchange Servers, SMTP clients and inbound external mail.

We’ll collect information about the configuration here to ensure that we know what Send Connectors we’ll be switching across to Exchange 2013, so that any changes elsewhere (such as IP restrictions for relaying) can be actioned; and make sure we understand the Receive Connector configuration that we’ll need to re-create and apply to Exchange 2013.

Examine each Send Connector, by navigating to Organization Configuration>Hub Transport and choosing the Send Connectors tab. You’ll see each Send Connector listed.

Record details of each Send Connector, including which Exchange Servers are currently specified as Source Servers. You’ll find that information by choosing Properties for each Send Connector.


Since we have a single server here, we won’t need to re-create the send connectors; but we’ll need to examine the configuration of where they send to and ensure they are allowed to connect. The details we’ve recorded are shown below:

Send Connector

Source Servers

Address Space

Windows SBS Interneet Send SBSTESTSERVER

SBSTESTSERVER

*

 

Next, we’ll collect information to ascertain if any Receive Connectors have Anonymous relay permissions granted via Active Directory permissions.

We’ll perform this using the Exchange Management Shell using the snippet below:

Get-ReceiveConnector | Get-ADPermission | Where {$_.ExtendedRights -like “*Ms-Exch-SMTP-Accept-Any-Recipient*” -and $_.Deny -eq $False -and $_.User -like “*NT AUTHORITY\Anonymous Logon*”} | fl Identity

After running the commands, if there are no anon relays, you’ll see no input

Then, examine each Receive Connector, within Server Configuration>Hub Transport and select the first server you wish to record details for:

 

Open each Receive Connector, and record details both from the PowerShell output, and from each connector’s Properties tab, as shown in the example table below.

Server

Receive   Connector

Max   Message Size (KB)

IP/Port

Accept   Mail From

Authentication

Permission   Groups

Anonymous   Relay

SBSTESTSERVER

Default SBSTESTSERVER

10240

192.168.1.5/25

192.168.1.0-192.168.1.255

– TLS

-Basic authentication

  – Offer basic authentication only after starting TLS

– Exchange Server Authentication

– Integrated Windows authentication

– Exchange users

– Exchange servers

– Legacy Exchange Servers

No

SBSTESTSERVER

Windows SBS Fax SharePoint Receive SBSTESTSERVER

10240

127.0.0.1/25

127.0.0.1-127.0.0.1

– Basic Authentication

-Anonymous users

– Exchange users

No

SBSTESTSERVER

Windows SBS Internet Receive SBSTESTSERVER

10240

192.168.1.2/25

0.0.0.0-192.168.1.2

192.168.1.2-192.168.1.2

192.168.1.2-255.255.255.255

– TLS

– Anonymous users

No

Obviously adjust this table for how you have your IP addresses setup and what you see in your server migration

Next up public folders….

Blogging my way (starting over) through a proof of concept migration from SBS 2008 to Essentials 2012 R2 series will be a SMB kitchen project whitepaper.  More about the SMBKitchen project at – http://www.thirdtier.net/enterprise-solutions-for-small-business 

 

Comments are closed.