These details are definitely correct; I used them to do the Active Directory export. What am I missing?
You can expose the security page on Exchange Server through the registry modification called ShowSecurityPage as shown in Figure A.
Once you add this under HKEY_CURRENT_USERSoftwareMicrosoftExchangeExadmin and then right-click on Properties in Exchange System Manager (ESM), you will see the screen shown in Figure B.
In Figure B, note that I do not have Deny ticked on the 'Send As' and 'Receive As' permissions for the administrative account.
Double check that your service account is a member of a group that has more restrictive rights as it relates to 'Send As' and 'Receive As' rights.
You'll also want to confirm that you typed in the appropriate port as well: port 389 or 390, depending on the implementation of the Active Directory Connector (ADC). You can use a Windows Support utility called LDP.EXE to attempt to connect to the target organization to see if you are getting similar errors.
Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:
Dig Deeper on Exchange Server setup and troubleshooting
Related Q&A from Peter Tersteeg
If recently created mailboxes are not displayed in the GAL after a migration to Exchange 2007, Active Directory (AD) has yet to replicate the ... Continue Reading
If you are migrating mailboxes across domains after an upgrade to Exchange Server 2007, you will need to update the Exchange Management Console. Continue Reading
Items deleted before an Exchange Server migration will not carry over to the new server, even if a Deleted Items Retention period is set. Find out ... Continue Reading