DNS Settings for multiple domains internal and external.

Similar Messages

• DNS records to be created for Lync deployment (Internal and External)

  Hi There,
  If I want the Lync server environment to work Internal as well from External in all the aspects. (auto-discover, meetings, AV conferencing,web conferencing, voice integration, mobility etc), please answer to the below questions and also their purpose please.
  I'm not sure whether the answer varies for 2010 and 2013 version.
  1. What are the Internal and External(public) DNS records to be created for the reverse proxy(assume i'm using TMG servers), and their purpose?
  2. What are the Internal and External(public) DNS records to be created for Lync Edge server, and their purpose?

  I'll try to answer as well.
  1) For the reverse proxy, you'll need to publish the following:
  External:
  lyncdiscover.sipdomain.com (You'll need this record for every sip domain you have).  This is for client autodiscover.
  external web services FQDN (You'll need one of these per pool, you get to choose the name).  This is for address book downloads, web conferencing, etc.
  Meet.sipdomain.com (You can choose the name here, and have one per sip domain or one for the whole org).  This is for web conferencing.
  Dialin.sipdomain.com (You'll just need one here, it doesn't have to be dialin).  This is for changing your conferencing/phone pin, resetting conference info, and general conferencing info.
  For Lync 2013 only, you may want the Office Web Application server pool name as well for PowerPoint sharing.  Lync 2010 doesn't use this.  
  Internal:
  The external web services FQDN.  You'll need this available internally through the reverse proxy so you can redirect requests on port 443 to port 4443.  This will be used for mobile devices on WiFi.
  2) For the Edge server:
  Externally:
  sip.sipdomain.com (you'll need one per sip domain) this is an autodiscover/multi use FQDN and should point to your access edge IP.
  webedge.sipdomain.com (edge web conferencing, you can pick any name you like).
  avedge.sipdomain.com (av edge, you can pick any name you like).
  accessedge.sipdomain.com (you'll need a name for the access edge role, however you can just use sip.sipdomain.com and save a name in your certificate request).
  Internally:
  edgepool.sipdomain.com (you can pick any name you want, it's just the name assigned to the internal edge interface.
  If you choose to have a single ip for the external edge, you can get away with just an access edge name and/or sip.sipdomain.com
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• How to configure AD on windows 2012 server for Exchange 2013 internal and external email flow

  Dear Experts,
  I have to configure exchange 2013 on Windows server 2012 STD. Company has registered Static IP addresses and can get the MX record pointing to any of this Static IP.  
  The registered domain name is e.g.  contoso.com. 
  a. What should I use as domain name on AD? contoso.com or contoso.local
  b. Is it recommended to have two different servers  for AD and Exchange?
  c. What should be my connector settings for mail flow?
  d. how can I set 2 email servers in company for load balancing?

  Hi,
  a, I suggest use contoso.com as domain name. It is convenient to add urls into our certificate for internal and external mail flow.
  b, Recommended that installing AD
  and Exchange Server on two separate
  Servers. If Exchange Server downed unfortunately, it can prevent AD server from crushing at the same time.
  c, Found some articles for your reference:
  Configure Mail Flow and Client Access
  http://technet.microsoft.com/en-us/library/jj218640(v=exchg.150).aspx
  Configuring Outbound Mail Flow in Exchange Server 2013
  http://exchangeserverpro.com/configuring-outbound-mail-flow-in-exchange-server-2013/
  d, Load Balancing
  http://technet.microsoft.com/en-us/library/jj898588(v=exchg.150).aspx
  Hope it is helpful
  Thanks
  Mavis
  Mavis Huang
  TechNet Community Support

• Backup internal and external hard drives-TC and offsite

  I now have Mavericks 10.9.3 on my iMac with a 2TB (1.25 TB used) internal hard drive.
  I also have some external drives attached to my iMac with older iPhoto libraries and other files (total file sizes 940 GB and 505 GB).  I primarily use Aperture now on my internal hard drive, but still access those iPhoto libraries on my external drives on occasion.  I have Time Machine backup my iMac internal hard drive on my 2TB Time Capsule regularly.
  My primary question is in regards to getting another copy onto a larger external drive that covers my internal and external drives so I can have a backup off-site.  Online backup services seem to always exclude external drives.  So a physical drive I can have offsite seems to be the best option.
  A year ago I changed the destination of my Time Machine backup to be on a 3TB external drive (backed up iMac internal hard drive and the two externals).  However, when I changed the destination of the backup back to the Time Capsule, the TM initiated a brand new backup (it did not recall that I had backed up prior to that on my Time Capsule).
  I want to backup monthly, if not quarterly for my off-site storage.  But, if every time I change the destination drive for TM, a new backup profile is created, it will overwork my drives unnecessarily.
  Is there a backup program or a process on "disk utility" I could run parallel to TM that I just use quarterly capturing only the changes/additions in those few months for both the internal and external hard drives?  Also, is there a way to add an external drive to my Time Capsule that is solely used to wirelessly backup the two externals on a regular basis (i.e. keep the internal 2TB drive backing up to the Time Capsule; and the external hard drive attached to Time Capsule via USB used as the backup drive for the external hard drives)?
  Summary:  I need to backup regularly to the local Time Capsule/additional external hard drive.  The data will come from my internal hard drive and my two external hard drives.  I also want to do quarterly backups of the additions/changes to all three drives to have on an offsite external drive that I manually backup to quarterly.  Any help is greatly appreciated.

  Carbon Copy Cloner is not on the App store.
  Correct.. it is not approved because Apple do not like the fact that CCC (and most likely superduper) which are the most popular backup software for Mac because it makes a bootable clone. Apple will never approve of that. But let me assure you that is the genius of it. If the internal disk fails, you simply boot from the external. It is $40 but you can use on all the computers in your home.
  CCC is a clone.. ie when it does the backup, any changes on the drive are changed on the clone. It does not work like Time Machine which simply piles up incrementals until the drive fills up. The idea of CCC is a backup of the drive as it exists at any point in time. TM btw is also not a reliable archive, ie it thins backups constantly.. so you should never rely on it to archive old versions.. but in the middle of a project it does a good job to keep various versions of your files. That is why I specifically said in my last post do not stop using it.
  and you can keep using the TC just for the internal drive.
  Keep TM running to the TC.. that will then keep a current hourly incremental of your drive. You can set CCC in a way which is a lot more flexible. ie backup just at the end of the day. There is no need for constant hourly backups. So to answer the second question.. you are still using your TC and TM.. but I suggest you only backup the internal drive.
  Please read a bit from forum expert Pondini on the value of clones and TM.
  http://pondini.org/TM/Clones.html
  That's why many folks use both Time Machine and a bootable clone, to have two separate, independent backups, with the advantages of both.  If one fails, the other remains.
  Now the ports issue.
  You can of course continue to use USB2. Just that moving large volumes around will be slow.. as doubtless you already know.
  On your particular Mac since you missed out on USB3 which is a pain.. you can buy a Thunderbolt to USB3 adapter like the belkin.
  http://www.belkin.com/au/p/P-F4U055/
  I suggested the Thunderbolt to Esata (it is an older interface and the adapter is rather cheaper but I hear more reliable.. check reviews for both).
  http://store.apple.com/au/product/H8875ZM/A/lacie-esata-hub-thunderbolt-series
  Sata is the interface of the hard disk.. Esata just means external sata.. so it is native and without conversion.
  I was merely suggesting ways to speed things up. But as long as you don't run CCC on more than daily basis then I think you will be fine just with USB 2. It will take a while on the day you do the swap over for the archive volume, but if you turn off the power saving in the Mac and leave it run overnight it should be able to do most of it.. you need to realise it will have to deep scan both the disks.. to compare files.. but CCC is based on Rsync and it is extremely fast and efficient. I am just not sure I know how long it will take to do. Anyway.. there is a plan.. tweak and adapt as you see fits your needs.

• Exchange 2013 DNS for internal and external domain

  Hi All,
  I have been assigned a task to implement Microsoft Exchange Server 2013. I need some help in setting up DNS namespaces and design a strategy to have same internal and external names. Let me share some details here.
  We have an Active Directory domain myinternaldomain.net, and we have a public domain
  mypublicdomain.com and we have setup email policy to have
  mypublicdomain.com as the SMTP domain for all the users. We have created another DNS zone in Active directory integrated DNS and created a records for
  mail.mypublicdomain.com and autodiscover.mypublicdomain.com which will point to CAS NLB IP. We have 2 CAS servers and 2 MBX servers, we have configured DAG for MBX High availability and planning to implement WNLB for CAS as
  hardware LB is out of scope due to budget constrains.
  We want to have same URLs for OWA, Autodiscover, ECP and other services from internal network as well as from public network. Users should not be bothered to remember two URLs, using one from internal and other from public networks. I also want to confirm
  that with this setup in place do i need to have myinternaldomain.net and server names in SAN certificate?
  Thanks

  Hi Sccmnb,
  You can easily achieve this using split DNS.
  Internal DNS hostname "mail.mypublicdomain.com" will be pointing to your internal CAS NLB IP and the external public DNS hostname"mail.mypublicdomain.com" will be pointing to the Network device or
  Reverse proxy server IP.
  Depending upon users access location(internal\external) the IPs would vary and they should be able to access the website with same name.
  The names that you would require on the certificate(Use EAC or powershell to raise the request) for client connectivity would be
  SN= mail.mypublicdomain.com
  SAN= autodiscover.mypublicdomain.com
  You don't need to have the active directory domain name present in the certificate.
  Additional  to this you need to update the AutodiscoverURI for all servers and OWA,ECP,Autodiscover Virtual Directories InternalURL and ExternalURL fields with appropiate public names.
  Some additional Info:
  *Internal vs. External Namespaces
  Since the release of Exchange 2007, the recommendation is to deploy a split-brain DNS infrastructure for the Internet-based client namespaces. A split-brain DNS infrastructure enables different IP addresses to be returned for a given namespace
  based on where the client resides – if the client is within the internal network, the IP address of the internal load balancer is returned; if the client is external, the IP address of the external gateway/firewall is returned.
  This approach simplifies the end-user experience – users only have to know a single namespace (e.g., mail.contoso.com) to access their data, regardless of where they are connecting. A split-brain DNS infrastructure, also simplifies the configuration of Client
  Access server virtual directories, as the InternalURL and ExternalURL values within the environment can be the same value.
  *Managing Certificates in Exchange Server 2013 (Part 2)
  *Nice step by step article
  Designing a simple namespace for Exchange 2013
  Regards,
  Satyajit
  Please“Vote As Helpful”
  if you find my contribution useful or “MarkAs Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.

• CRM2015 IFD Internal and External Domains

  I am trying to setup CRM2015 with IFD. My internal domain is xr.local and external domain name is somethingelse.com. When going through the directions and searching through the forums I see similar questions regarding with no real information on the possibility.
  Am I able to set this up to support 2 different domains and where might I find some guidance to do so?
  Thanks...
  GY

  Hi David,
  Yes. the above setup should "do the trick" as the servers you put with blank DNS entry should be excluded in the NRPT table.
  You can confirm this by running at the client: netsh name show polocy
  at command line and see something like:
  Settings for da.domain.com
  Certification authority                 :
  DNSSEC (Validation)                     : disabled
  DNSSEC (IPsec)                          : disabled
  DirectAccess (DNS Servers)              :
  DirectAccess (IPsec)                    : disabled
  DirectAccess (Proxy Settings)           : Use default browser settings
  Settings for .domain.com
  Certification authority                 :
  DNSSEC (Validation)                     : disabled
  DNSSEC (IPsec)                          : disabled
  DirectAccess (DNS Servers)              : 1234:1234:1234:3333::1
  DirectAccess (IPsec)                    : disabled
  DirectAccess (Proxy Settings)           : Bypass proxy
  So in this scenario the .domain.com is using the DA while the specific entry (da.domain.com) is set as exclude and have emptry DNS ...
  Hope this helps,
  Ophir.

• DNS Forwarding Same Internal and External Zone

  Hi,<o:p></o:p>
  So we have decided that we want our internal domain to be the same as our external domain e.g. domain.uk. I understand that split DNS can be used
  to fulfil this requirement but is it possible to set up a forward so if the DNS entry is not available in the internal zone it will forward onto one of our external name servers where it can resolve?<o:p></o:p>
  We are basically trying to avoid having to add the entry on both external and internal DNS servers for it to resolve. So far I have added the external name servers to
  the forwarders and disabled root hints which didn’t work. I’ve tried to add a conditional forwarder but it says the zone already exists. It seems the only to achieve the internal resolution is by creating the DNS entry both internally and externally.<o:p></o:p>
  Does anyone know if this is the case? It seems strange that you couldn’t point the DNS to another external name server for resolution? <o:p></o:p>
  Any help would be appreciated.<o:p></o:p>

  You must ask in networking forum
  https://social.technet.microsoft.com/Forums/en-US/home?forum=winserverNIS&filter=alltypes&sort=lastpostdesc

• Setup internal and external DNS namespaces best practice

  Is external name space (e.g. companydomain.com) and internal name space (e.g. corp.companydomain.com or companydomain.local) able to run on the same DNS server (using Microsoft Windows DNS servers)?
  MS said it is highly recommended to use a subdomain to handle internal name space - say corp.companydomain.com if the external namespace is companydomain.com.  How shall this be setup?  Shall I create my ADDS domain as corp.companydomain.com directly
  or companydomain.com then create a subdomain corp?
  Thanks in advanced.
  William Lee
  Honf Kong

  Is external name space (e.g. companydomain.com) and internal name space (e.g. corp.companydomain.com or companydomain.local)
  able to run on the same DNS server (using Microsoft Windows DNS servers)?
  Yes, it is technically feasible. You can have both of them running on the same DNS server(s). Just only your public DNS zone can be published for external resolution.
  MS said it is highly recommended to use a subdomain to handle internal name space - say corp.companydomain.com
  if the external namespace is companydomain.com.  How shall this be setup?  Shall I create my ADDS domain as corp.companydomain.com directly or companydomain.com then create a subdomain corp?
  What is recommended is to avoid having a split-DNS setup (You internal and external DNS names are the same). This is because it introduces extra complexity and confusion when managing it.
  My own recommendation is to use .local for internal zone and .com for external one.
  This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
  Get Active Directory User Last Logon
  Create an Active Directory test domain similar to the production one
  Management of test accounts in an Active Directory production domain - Part I
  Management of test accounts in an Active Directory production domain - Part II
  Management of test accounts in an Active Directory production domain - Part III
  Reset Active Directory user password

• Use Same URL for Internal and External Access for CRM 2015 IFD

  I have setup a CRM2015 server for IFD access.
  ADFS and CRM are on separate servers.
  CRM server all roles
  ADFS 2.0 server.
  Using the internal URL I am able to access CRM without entering my details (as expected)
  Using the external URL I am authenticated by ADFS as expected and can sign in.
  We have an internal domain domain.local
  We have an external domain domain.com (the certificate is for *.domain.com)
  We have a DNS zone created internally for domain.com.
  CRM URLs
  internal : internalcrm.domain.com
  External : externalcrm.domain.com
  I would like all users to use the same link regardless of them being internal or external, but I would like so that any user who is on the domain is automatically logged in without entering their username and
  password. What is the best way to do this?
  I have tried creating a cname record on the internal domain.com zone pointing externalcrm.domain.com to internalcrm.domain.com but that didn't work, I still get the ADFS sign in page.
  Thanks

  So fair warning, what you're asking for isn't really a supported deployment method of CRM.
  That said, you should be able to do some DNS trickery internal to your network that points your "crm.domain.com" to "crm.domain.local" and then hopefully CRM will treat the connection as if it came from an internal network.
  Otherwise, you're likely going to have to accept that everyone gets the ADFS login page internal and external to your network.
  The postings on this site are solely my own and do not represent or constitute Hitachi Solutions' positions, views, strategies or opinions.

• Non-Web Server Publishing Rule for Internal and External

  Hi there,
  I have a problem with my TMG and publishing SSH for Internal and External users to an internal Server.
  Network:
  Internal Network
  SSH Server, 10.10.10.25
  Internal DNS record "ssh.domain.com" pointing to 10.10.10.254
  TMG Server, 10.10.10.254/192.168.0.254
  External Network
  External DNS record "ssh.domain.com pointing to 192.168.0.254
  I want my users (internal AND external) using their SSH client to connect to ssh.domain.com and TMG to forward the request to the SSH server. Note that internal clients and the SSH server are in the same network.
  I have created a custom "SSH Server" protocol with inbound TCP for port 22 and created a Non-Web Server publishing rule.
  Traffic Tab: SSH Server Protocol
  From Tab: Internal, External
  To Tab: 10.10.10.25, original client
  Networks Tabs: Internal, External
  External users cann connect without a problem, all fine here. Internal users get a timout. The TMG Log says: Denied Connection (Default Rule,
  The policy rules do not allow the user request) and doesn´t recognize this is an inbound request. The log gives me dest IP 10.10.10.254 and protocol SSH and not 10.10.10.25 and SSH Server.
  I read a lot of networking rules and NAT/Routing, tried a bit but never got a success.
  Can you help me fix or working around this and tell me whats going on there and if there a limitations in TMG I don´t know yet?
  Regards,
  Sascha

  Hi,
  According to your description, it seems that request was denied by the TMG rules so the request from the internal users
  could not be forwarded to the SSH server. I would appreciate it if you can post the logs to us and the results of running ipconfig/all on the TMG server.
  In addition, maybe you can change the firewall policy only from
  External and add another firewall policy for the internal user to see if the issue persists.
  More information:
  Creating and using a server protocol
  TMG
  Back to Basics - Part 1: Server Publishing Rules
  Best regards,
  Susie

• Single URL for internal and external CRM access when using IFD

  Hello,
  At one of our client site I have setup IFD on CRM 2011. This IFD is behind TMG. My client is a big corporation therefore all CRM components including CRM, ADFS and SQL are on separate servers.
  I have configured IFD using single url https://orgname.contoso.com Their IT staff wants to know why can't they use single URL for internal and external access where internal users are nto prompted for authentication
  when logging on to the CRM server. I know you can do URL re-write in ADFS but they want to know the reason "why internal users can't use the same IFD URL and don't get prompted for their credentials". Text below is from their IT staff.

  There are several approaches to your question.  You need to set up both an internal and an external relying party trust. If you use the external URL, it will always direct you to the signin page, if you use the internal URL, it will resolve you single
  sign on.
  I've configured IFD for CRM multiple times, and this is how it works. CRM looks at the URL. If you use the external URL (org.domain.com), it will prompt for credentials. So what you are asking for, a single URL that works single sign on internally and prompts
  externally really isn't possible.
  What I recommend is:
  1. make the external URL available internally
  2. Configure all outlook clients against the external URL, that way you won't have to reconfigure when someone goes internal to external
  3. Have users who are primarily internal use the internal URL for the web client, which will resolve single sign on
  4. Have users who are primarily external use the external URL for the web client
  For #1, since you only need to enter the credentials when you first configure CRM, it is in all effects single sign on.
  One thing I haven't tried that may work is using IIS redirect internally to redirect the external URL to the internal URL. There is also a powershell script in the IFD guide that you can use to make the outlook client switch between the internal and external
  URL's, but nothing that will give you a single URL that works as the internal relying party trust when internal and the external relying party trust when you are external.

• DNS for Multiple Domains

  I am trying to figure out the proper configuration for DNS that will support multiple domains. I have DSN working now for just one domain.
  My XServe has a static IP connected directly to cable modem and is the master nameserver. I also have an Ubuntu server with static IP connected directly to cable modem that is the secondary (slave) nameserver.
  On the XServe, I currently have a primary zone created for domain1.com. with:
  * an A record for domain.com. (Fully Qualified) and the same static IP as the XServe
  * an A record for ns1 (not fully qualified) and the same static IP as the XServe
  * Aliases for ftp, www and mail (not fully qualified) mapped to destination ns1.domain1.com. (Fully Qualified)
  Nameservers under the Primary Zone is ns1.domain1.com. and Mail Exchangers is ns1.domain1.com. with a priority of 10.
  The reverse zone is getting created appropriately for me as far as I can tell. I am able to access www.domain1.com just fine as well as mail and ftp.
  Now I want to add a new domain2.com to this master nameserver. I know that I will need a new Primary Zone for domain2.com. to be recognized and to setup it's aliases?
  Can I use the same static IP or do I have to have a unique static IP?
  Can I use the ns1.domain1.com. nameserver or does the new domain2.com need new nameservers?
  Does domain2.com have it's own A records?
  Does the mail exchangers need to be different for domain2.com?
  It seems like all the documentation and information that I can find are just for configuring one domain and not so much for multiple domains. Any help would be greatly appreciated.
  Spotted Dog

  Don't think of subsequent domains as being any different from the first domain.
  For every domain you need to provide certain information, including a list of the hostnames within that domain. There is no relationship between 'www' in domain1.com and 'www' in domain2.com (unless you point them to the same address, but that's a different issue).
  Any host record in the zone can either be an A record (where you specify an IP address) or a CNAME (where you specify another hostname that it maps to).
  In the case of your web server handling both domains you could set 'www.domain2.com' as an A record with the appropriate IP address, or you could set it as a CNAME with a value of 'www.domain1.com.' (essentially saying 'www.domain2.com has the same IP address of www.domain1.com, so go find that address').
  It's also possible to use cross-domain records for things like name servers and mail servers - in other words you can set your MX record for domain2.com to mail.domain1.com (essentially saying that domain2.com's email is handled by mail.domain1.com).
  Can I use the same static IP or do I have to have a unique static IP?
  That's not a question for DNS. What you're defining are the hostnames in that domain. If you have one server (e.g. a web server) that can handle multiple domains (e.g. one apache server handling web traffic for both domain1.com and domain2.com) then, sure, you can use the same IP address for both.
  If, on the other hand, you have specific services that cannot be multi-hosted (e.g. HTTPS) then you will need different IP addresses.
  Can I use the ns1.domain1.com. nameserver or does the new domain2.com need new nameservers?
  Sure, it's entirely possible to use domain1.com's name servers for domain2.com.
  Does domain2.com have it's own A records?
  It can do, or not, as you choose. If you're running www.domain2.com on the same server as www.domain1.com then you could use a CNAME record to point www.domain2.com to www.domain1.com.,or you could set an A record with the same IP address.
  The result would be the same, but the CNAME has the advantage that if your IP address changes you only need to change your DNS in one place (www.domain1.com) and all the other addresses would automatically follow.
  Does the mail exchangers need to be different for domain2.com?
  Not at all, if your mail server is configured to handle mail for both domains it's entirely possible to specify mail.domain1.com as the MX record for domain2.com.

• How to Setup RDS custom property when internal and external domain name space is different

  Hi All
  I am setting up RDS for customer
  My internal domain name is domain.local and my external domain is domain.com
  I came across below PowerShell cmdlets on some blogs because my internal and external name space are different
  Set-RDSessionCollectionConfiguration –CollectionName QuickSessionCollection -CustomRdpProperty “use redirection server name:i:1 `n alternate full address:s:remote.domain.com”
  In above command, remote.domain.com points to which host?
  Is it pointing to RD Session Broker
  OR
  Pointing to RD Session Host servers
  I am not sure what above command will do exactly ?
  Any help will be highly appreciated
  Thanks Best Regards Mahesh

  Hi,
  It all depends who is accessing the RDS Solution.
  If you have a large BYOD or large number of external users, it would be better to use a public certificate.
  Have a look at the following script which will simplyfy the configuration of the RDSH hosts with certificates.
  http://ryanmangansitblog.com/2014/05/20/rds-2012-rdsh-certificate-deployment-script/
  You can use a custom RDP property to hide the Session host names.
  Have a look at the following article on configuring certificates:
  http://ryanmangansitblog.com/2013/03/10/configuring-rds-2012-certificates-and-sso/
  Ryan Mangan | Ryanmangansitblog.wordpress.com | Help keep the forums tidy, if this has helped please mark it as an answer

• Reverse proxy for internal and external

  Hello,
  BM1 is our main BM3.9 Box. I have reverse proxy configured for webaccess and to release emails from our spam filter externally (this works). This BM server also is our external DNS, and our default route for Internet traffic.
  Another BM box is our internal DNS.
  I need to modify BM1 config to enable client internally to release emails from our spam filtering software. The error issued is 504 Gateway timeout.
  Do I just add the internal ip address to the BM1 accelerator entry meaning that the same accel will listen for both internal and external addresses ?
  Any help is appreciated
  Regards
  Brian

  bdavis97,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Delivery report shows status of Pending for external address. Email sent to both internal and external addresses.

  We have an Exchange 2013 on-premise server and seem to have an issue with emails sent to internal and external users at the same time.
  The issue came to light because someone sent an email to 44 recipients, of which one was internal. None of the external recipients received the email. I checked the delivery report in the EAC and found the internal email marked as 'Delivered' and all of
  the external ones marked as 'Pending'. I checked the queues and there were none. I did some testing and sent an email to just one of the external addresses on the list, it arrived. I tried sending the email again to all of the recipients, the external ones
  all showed 'Pending'. I tried it again, but this time excluded the internal email address and all of the 43 external emails were immediately delivered.
  So it seems that the issue only arises when we are sending to both internal and external addresses.
  I then tried a test email to one internal address and one external address. The Delivery report says that the internal address was delivered immediately, while the external address is 'Pending' and gives more information saying: 'Message delivery is taking
  longer than expected. There may be system delays. For more information, contact your helpdesk.'. To add further mystery to this, the email was actually delivered.
  So, I have two concerns:
  First is seems that some emails sent both internally and externally are only arriving internally. This is a huge problem because I don't know how many have been affected. There may be many lost emails we don't know about.
  Second, it looks like I can't trust the delivery report. It says pending for some emails which didn't arrive, but it also says pending for some which did arrive. That is no good at all.
  For info the server is running Windows Server 2012. I have run a Microsoft Update to check if there are any to apply and the only Exchange one is a spam filter update, which I doubt has any bearing but I will apply when I get chance.

  Hi Neil,
  According to the description, I find a related KB on Exchange 2010:
  https://support.microsoft.com/kb/2694474?wa=wsignin1.0
  It has the similar situation as yours.
  This issue occurs because a function in a message tracking component tries to obtain the information for the recipient instead of the external recipient.
  Please try to upgrade to the latest Exchange update to check whether this issue can be solved.
  Also please check whether Throttling has been set.
  Please run "Get-TransportService | fl" to check the MaxOutboundConnections parameter value.
  More details to see:
  Message throttling 
  http://technet.microsoft.com/en-us/library/bb232205(v=exchg.150).aspx
  Thanks
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Mavis Huang
  TechNet Community Support