Summary: While moving mailboxes from one server to another, you may encounter the 451 5.7.3 Cannot achieve Exchange Server authentication error. In this article, we’ve mentioned some possible solutions to resolve the error. In addition, we’ve mentioned an EDB converter software that can help in directly exporting mailboxes from one server to another.
When having two or more sites, you have an Exchange Server at a short distance and the mailboxes of the sites on the nearest Exchange Server. Sometimes, you get a request to transfer a user to the other site. You need to move the mailbox from one server to another. This can be done with no issue by using the New-MoveRequest where the user is specified along with the source and destination Exchange Database (EDB). The mailbox will be transferred to the destination mailbox and the user will benefit from the performance of the local site server.
The user might encounter an issue with delivery, where emails are being delivered from the main site to the new site and internal emails at the new site are working fine, but any emails which are sent to the main site or emails outbound to an external entity are not delivering. The main server has the Exchange organization send connector in place.
When you investigate and check the Exchange Server Queue Viewer, you would notice the following error:
451 4.4.0 Primary target IP address responded with: ?451 5.7.3 Cannot achieve Exchange Server authentication.? Attempted failover to alternate host, but that did not succeed. Either there are no alternative hosts, or delivery failed to all alternative hosts.
Solutions to Fix 451 5.7.3 Cannot Achieve Exchange Server Authentication Error
You can try the following solutions to fix the error.
Verify the Server Configuration
The first thing to do is to confirm that only the users who were moved are facing this issue. This will determine if the issue is related to the move or the Exchange Server configuration.
The other option is to look into the event viewer of the main and secondary sites. The event viewer will show a number of messages, errors, or other data which could help in finding the cause of the problem.
The next step is to check both the Exchange Servers, the Exchange Server hosting the send connector, or the server you are sending to. You can check the default send connector. You must ensure that the Exchange Server Authentication is selected when opening the connector properties in the Exchange Admin Center (EAC) or Exchange Management Console (EMC).
If you have the server to send the emails directly to outside server or internally, the connector would be relaying emails to the server or service. If the setup is with a relay, you need to confirm that the send connector does not include the IP Address of the server from where you are sending the emails. If your connector forwards to a relay server, the Exchange Server Authentication should not be enabled. To confirm that the connector is forwarding to a relay, you can check the Network tab and see the IP Address of the relay.
If the problem still persists, you need to look at the network side.
Confirm the Network Configuration
In this case, you need to talk to the network team. You need to confirm that nothing is blocked between the two servers or the relay server. The first thing to do is run Telnet against both servers. Once Telnet is executed against the server, in an ideal scenario, you will get the below response.
If you would not get a similar response, it means that something on the network is impacting the connectivity. You need to confirm with the network team that there are no restrictions between the main site Exchange Server and secondary site Exchange Server. Any traffic needs to be permitted and allowed. This would ensure that the traffic is not inspected or interrupted in any way.
Install New Server
Another solution is to install a fresh installation of the Exchange Server and start from scratch as there could be underlying issue with the Exchange Servers which is conflicting or not working, resulting in the error after the move.
To Conclude
If the Exchange Server 2010 and the Exchange Server 2016 is decommissioned and you install a New Exchange 2019 Server, this would definitely solve the problem. The only issue is that the data will be lost and you cannot import data natively from a non-attached EDB file.
In such cases, a possible solution is to use a third-party application, such as Stellar Converter for EDB. This EDB to PST converter can open database of any version of Exchange Server – from 2007 till 2019, without any limit on size. You can open multiple databases at once. You can browse through the databases and easily export to PST and other file formats. You can export directly to a live Exchange Server database or Office 365 tenant.
