ScanMail for Exchange (SMEX) Servers do not appear in the Server Management console

The following are general requirements for license and Active Directory implementation:

• The target server must have an Activation Code.
• Target and Local Server must be using the same Activation Code type.
• SMEX Servers need to all all be part of the same forest.

Please go through the following list to check for the possible causes of this problem:

• Verify the connection between the SMEX servers.
  Make sure that ping (ICMP protocol) is allowed on the servers which will report to the Server Management console.
   

  The current configuration for ICMP query is set to 1. If the initial query fails, then the server will not appear in the Server Management.
• Firewall policies
  Check and make sure that the following ports are open:
  • TCP: 389 (AD) [LDAP]
  • TCP: 636 (AD) [LDAP/SSL]
  • TCP: 3268 (GC) [LDAP]
  • TCP: 3269 (GC) [LDAP/SSL]
  • TCP: 139,445
  • UDP: 137,138 (if necessary)
  Follow this procedure in using the LDP tool. This will verify the LDAP connection when SMEX master is configured to run with a domain account:
  1. Run the LDP tool.

     

     Click image to enlarge.

  2. Upon opening the tool, click Connect.
  3. Input the domain controller server's FQDN or IP address in the Server field, and input port 389. Click OK.

     

     Click image to enlarge.

  4. Click Connection > Bind, then input the account that runs the SMEX Master Service.

     

     Click image to enlarge.

  5. Click Browser > Search, and use the following parameters:
     • The Base DN should be “CN=Configuration...”, where DC would depend according to your AD environment.
     • For the Filter column, search "objectCategory=msExchExchangeServer".
     • For Scope, select Subtree.

     

     Click image to enlarge.

  6. After the search is done, you should see the following output:

     

     Click image to enlarge.

     If the server could not be queried, there may be an environment issue.

• Check for the Winreg permission (for all SMEX servers that should be listed on the server management).
   

  Always back up the whole registry before making any modifications. Incorrect changes to the registry can cause serious system problems.
  1. Open the Registry Editor.
  2. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg.
  3. Click winreg Permissions.
  4. Add the SMEX Admin Group for the target domain.
  5. Select Allow for the Read permission.
• Running services
  Make sure that the Remote Procedure Call (RPC) protocol, the "ScanMail for Microsoft Exchange Remote Configuration Server" and the “Remote Registry” services are running on the servers. SMEX utilizes these services for configuration replication. Also make sure that RPC protocol is not disabled by a Group Policy.
• User Account
  The account used to log in to the SMEX services is part of the SMEX admin group.