Why won't exchange authenticate user in admin role?

Brett53559

3/24/23, 4:26 PM

I have a java spring boot application that I authenticate through our exchange servers. The from address included in the email is the same address associated with the authenticated user.

When I point the connection URL directly at one of the exchange servers it will authenticate and send email successfully. However when I point it at the (I think it's called a relay) [URL that points at either server] and then it starts giving me this error (Authentication failed; nested exception is javax.mail.AuthenticationFailedException: 535 5.7.3 Authentication unsuccessful)

At this point the user account is not included within any admin roles. HOWEVER, when I add the account to the "Organization Management" Admin Role which has the following assigned roles (below) it will authenticate and send emails. The final kicker is when I create a copy of that role and add the account as a member, it fails to authenticate. I all these things mentioned above were done while being logged into the domain administrator account with full access. I don't know where else to look or what else to try. Please help.

Active Directory Permissions
Address Lists
Audit Logs
Cmdlet Extension Agents
Compliance Admin
Data Loss Prevention
Database Availability Groups
Database Copies
Databases
Disaster Recovery
Distribution Groups
Edge Subscriptions
E-Mail Address Policies
Exchange Connectors
Exchange Server Certificates
Exchange Servers
Exchange Virtual Directories
Federated Sharing
Information Rights Management
Journaling
Legal Hold
Mail Enabled Public Folders
Mail Recipient Creation
Mail Recipients
Mail Tips
Mailbox Search
Message Tracking
Migration
Monitoring
Move Mailboxes
Org Custom Apps
Org Marketplace Apps
Organization Client Access
Organization Configuration
Organization Transport Settings
POP3 And IMAP4 Protocols
Public Folder Replication
Public Folders
Receive Connectors
Recipient Policies
Remote and Accepted Domains
Retention Management
Role Management
Security Admin
Security Group Creation and Membership
Security Reader
Send Connectors
Team Mailboxes
Transport Agents
Transport Hygiene
Transport Queues
Transport Rules
UM Mailboxes
UM Prompts
Unified Messaging
User Options
View-Only Audit Logs
View-Only Configuration
View-Only Recipients
WorkloadManagement

0 + 0

exchange

permissions

java

springboot

Linuxx

3/24/23, 5:12 PM

I'm not really sure I fully understand the question. I assume your application wants to send email through the Exchange server. If that's the case, than you can create a connector that specifies your sending application IP that will allow anonymous relay from your application (technically from that server). Assuming you are attempting to relay through an edge gateway, this should do the trick. Here is how to do that on Exchange 2016 https://practical365.com/exchange-2016-smtp-relay-connector/

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Why won't exchange authenticate user in admin role?

TH: เหตุใดจึงไม่แลกเปลี่ยนผู้ใช้ที่ตรวจสอบสิทธิ์ในบทบาทผู้ดูแลระบบ

RO: De ce nu se schimbă utilizatorul autentificat în rolul de administrator?

RU: Why won't exchange authenticate user in admin role?

VI: Tại sao không trao đổi người dùng xác thực trong vai trò quản trị viên?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.