Domain upgrade/rename RUS issue

Posted on 2004-05-01
Medium Priority
Last Modified: 2011-10-03
I'm managing a small company with offices in CA and NJ.  Running Windows Server 2003 and Exchange 2003 in LA where main domain is hosted (COMPANY)  LA servers are (mailNAME) and (mainNAME).  NJ office had been running 2000 platform until February 2004 when we did a full back up, strip down and re-install to upgrade to Exchange 2003 and Server 2003, during which we renamed the server and email server from (mailNJ) to (NJcom) and (NJname) to (NJ).  Time well spent with no major issues (miraculously) fortunately.  Or so I thought.  We haven't had to add any new users since then, but now we have several new employees and are unable to create e-mail user accounts for them at the LA office on the LA 2003 Exchange Server.  We can walk through all the steps to create the new user accounts but after we complete the configuration the new users don't appear and the e-mail addresses vanish.  I've manually 'pushed' the RUS and set it to run hourly over the past few weekends just to see if there was an issue there, but no luck.  Haven't delved into it much further than that as it hasn't been a pressing issue until now, because the new employees are arriving in the coming week.  Did we miss a step somewhere in the renaming of the NJ domain(s) that has blown out our RUS?  We've got loads of error messages that seem to be coming from the WINS database looking for the old NJ names and we're taking the steps to walk through that as well, but that's an aside - and will probably be another question posted in the near future.

We are considering renaming the LA domain names to simplify the configuration overall and I'm interested in investigating the 2003 Domain Rename tool - but first I would like to get those new email accounts set up.  My on site tech guy in LA wants to do a back up, strip down and re-install and rename but I'm thinking that's like cutting off your arm because you have a hang nail.  I'm just arriving at this company full time after being a consultant for the past few months and I want to nail this one down pretty quickly.  And I knew this would be the place to turn.

I don't feel lost yet but my main issue is the fact that I'm not right there on site and need to be able to give my tech in LA the step by step procedures and a heads up on what error messages to look for to guide us through retroactive logic to the root cause of the problem.  And so here I am.

I'm sure there are a boatload of details I need to provide but I hope this enough to get the ball rolling!
Question by:dchaseman
  • 7
  • 3
LVL 26

Expert Comment

ID: 10970587
a bit more info needed.
CA and Nj same AD domain?
exchange servers in CA and NJ part of same exchange organization?
which one was the first exchage installed in ur organization?
what do u mean strip down?
did u follow MS articals for how to remove an exchange from ur organization?

Author Comment

ID: 10982908
sorry for my delay in answers Vahik - I will be back in touch with the on site techs on Tuesday with the answers to the questions.

By strip down we're referring to backing up the servers to separate machines then doing a reinstall (and potentially renaming at the same time) from the ground up - as a last case scenario.  Need to do quite a bit more familiarizing myself with the current states of the system before considering this, obviously.


Author Comment

ID: 11003059
Here's what I've been able to glean -

CA and NJ are separate AD domains

Exchange servers ARE part of the same Exchange Orginazation.

NJ was the first established with everything, and they hold our Domain Controller permissions.

As I understand it, NJ only followed the prompts during install, which was an upgrade from 2K to 2K3.  But LA was upgraded first, in autumn of 03, NJ followed in Feb 04, which was when the flurry of ERROR messages began.  Thus potentially leading to me to think something went "blooey" (for lack of a better technical term) in the connectivity.

I can only get cursory information from the on-site techs, so please give me your ultimate patience in this part of the processs.  I need to retroactively educate them on where to go to give me information, plus I am traveling in the midst of this.  

I can't begin to tell you all how much I've been able to sort from my literal years as a lurker on E-E!  Ya'll are the best!
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.


Expert Comment

ID: 11026667
So the Exchange installs were only upgraded?  No servers were wiped out and reinstalled - is that correct?

What about in LA - same thing?  Did they only do an upgrade, or did they wipe out and reinstall?  BIG difference.

Can you post some of the specific error messages you are receiving?

Also, if you open Exchange System Manager in LA, do you see both servers in the Org?  If you open it in NJ, do you see both servers in the Org?


Author Comment

ID: 11028089
NJ was was a wipe out and rename during the 2K to 2K3 upgrade process, LA was only an upgrade from 2K to 2K3.  (LA was done first (autumn 03) then NJ (Feb 04))

I am getting a log of the specific error messages - I know that's where I should have started, and I appreciate the patience.  It's tough being on the road!  

Will ask reps at both sites to open ESM for the views and report back.  

More in a bit - and THANK YOU.

Expert Comment

ID: 11031055
Okay - here's the killer question, and quite possibly the cause of your migraine.

When they wiped out the NJ server, did they remove the server from the Exchange environment?  And, if not, when they brought it back up did they install as a disasterrecovery to pull the information about the server out of AD?

Get as much information as you can as to the steps they followed for the Wipeout - sounds like mistakes may have been made there, but more information will tell.  Also, the errors will help.

Author Comment

ID: 11130619
Sorry for the delay - on the road again!  

The NJ tech who did the upgrade is no longer with the company so we're piecing together things as best we can.  I am leaning pretty hard toward thinking that any remnants of remaining references to Exchange 2000 server are creating our issues.  Via a NetOP remote I ran across a reference  in Administrative Tools/Active Directory Domains & Trusts for the LA domain which showed Domain Functional level @ Windows 2000 (NATIVE) and under Forest Functional level also showed Windows 2000.

I finally got a chance to see with my own eyes the LA Exchange 2003 event log - there are several recurring errors logs:

Source:    DCOM
Event ID:  10009

Source:    NetLogOn
Event ID:  5783
         and 5719

Source:   LSASRV
Category: SPNEGO
Event ID:  40961

and the two which are probably the most telling which occur after we attempt to create the new e-mail accounts:

Source:   MSExchangeIS
Event ID: 9562

which specifically referenced "Failed to read attribute MSExchUserAccountControl from active directory for..."


Source:   MSADC
Event ID: 8108
(Initialization failed)

For the first time, this morning the following also appeared:

Source:   MSExchangeIS
Event ID: 9528

referencing a previously existing adminstrator account conflict.

I will be physically back in that office as of Monday 24 May so I can get information much more readily and finally get a feel for where we're headed.


Author Comment

ID: 11130827
Should have specified above the first listings in the error logs were for SERVER 2003 - the others were the EXCHANGE 2003 errors.

Jet lag you know.

Author Comment

ID: 11188142
Having reached an impasse now, I'm ready to jump into this again with both feet.  I'm now on-site daily so I can respond to specific questions in the search for my answer.  I hope you haven't abandoned me!  

This morning I attempted to rebuild the RUS on each of the (3) listed services to no avail.

I've seen several references in other questions to running the /domain prep switch on the existing server - any insight on this step?  Other than a back-up, what should I prepare for were I take this route, or are we barking up the wrong tree entirely?  It's looking more and more each day like we might just strip down and reinstall, but I was hoping for those little magic missing pieces to fall into place somewhere for my own edification.

Was thinking maybe I should close this question out and rebuild it with a bit more clarity - any advice on that is welcome, too.  The disjointed nature of my answers to some of the queries is baffling even to me as I review them now.

Accepted Solution

knikkij earned 1000 total points
ID: 11202426
What it sounds like is that they wiped out the NJ server then rebuilt it with the same name and re-installed Exchange.  But when they reinstalled, they didn't take the proper steps to get the server into the EXISTING environment.  Meaning the servers aren't talking to one another.  Do you see any replication going on between them?  For example, with public folders?

Author Comment

ID: 11315544
It appeared as though nothing was replicating when I checked the public folders - the last dates on file updates was (oddly enough!) the day NJ did the upgrade.  Go figure.

So, here's what I did.  From the NJ side (domain controller) we went into Administrative Tools, Active Directory Domains & Trusts, selected the domain name for the LA server, properties, then Validate.

I repeated from the same from LA side to NJ side and bingo, the new names appeared in the Global Address book and all the new names entered as tests over the past months were available.  So at least I thought that part was over - thanks knikkij.  But now this has opened up more interesting little hiccups - like tombstone expirations due to the terms on last replications, etc, so we're sorting through that.

NOW - here's the next interesting part - a new mailbox was created for a new user, added to the existing Administrative Outlook, welcome email sent, and the user logged onto the network and set up a new Outlook account with Outlook 2000 and there were all sorts of emails waiting.  He could send email on the network and even to external addresses, but he can only receive messages from local domain network connected users - not from the other domains and nothing external.  Now, when I go look at the mailboxes in the Administrator account for Outlook, instead of first.last as the name, it reads Mailbox - first.last, and when you click on it, it tells you it can not open the folders or information store.  The LA adminstrator admits he might have fudged a step or two somewhere and isn't sure where to turn next.  I know I sure don't.  All the new users show up this way now Mailbox - first.last - I'm stumped.  Am I missing a permissions setting somewhere or a policy application?  The rest of the system is sailing right along as always!


Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

I am posting this in case anyone runs into similar issues that I did, this may save you a lot of grief: Condition: 1. Your NetBIOS domain name contains an ampersand " & " character.  (e.g. AT&T) 2. You've tried to run any Microsoft installation…
In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To export Lotus Notes to Outlook PST or Exchange and Domino Server files to Exchange Server or PST files with ease, go for Kernel for Lotus Notes to Outlook conversion tool. Through the video, you can watch the conversion process. A common user with…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question