i have exchange organization with exchange 2007 sp 3 & exchange 2013 sp1.
there are all users in Exchange 2013 server (mail flow is through Exchange 2013 server)
i have single forest, 2 site (site1, site2), root domain root.local and 1 child domain ch.root.local
DC for child domain is located in site2 (dc.ch.root.local)
multirole exchange 2013 server is installed in root domain.
i am traing to configure smtp receive connector with NTLM auth and have one problem.
when user in child domain try send email through this receive connector i see in log
<,AUTH NTLM,
>,334 <authentication response>,
*,SMTPSubmit SMTPAcceptAnyRecipient BypassAntiSpam AcceptRoutingHeaders,Set Session Permissions
*,CH\user1,authenticated
*,,Setting up client proxy session failed with error: 535 5.7.3 Unable to proxy authenticated session because either the backend does not support it or failed to resolve the user
*,,"Setting up client proxy session failed with error: 451 4.4.0 Primary target IP address responded with: ""535 5.7.3 Unable to proxy authenticated session because either the backend does not support it or failed to resolve the user."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 192.168.1.15:465"
but authentication is succesfull for users from root domain.
why do it can be?
Thanks.