jonathanr
asked on
Unable to log into Outlook when logging on through alternate DNS
HI,
This is in reference to a previous post: <https://www.experts-exchange.com/questions/21360771/Exchange-Server-unavailable-when-DNS-server-is-off-line.html>
Below excerpt from previous post:
"our configuration is as follows. We have a 2003 DC (PDC role) which is also the DNS Server. We have a 2003 Server that runs Exchange 2003 and is also a DC.
The issue is as follows: If the DC/DNS server is taken off line a user can log onto the network and be authenticated by the DC/ Exchange Server, however when I try open Outlook I get the error message "Your Microsoft Exchange Server is Unavailable". Clearly the Exchange server is available as it was the one to authenticate the user log on. The only thing I can think of is that it has something to do with the DNS server not being available. Should the Exchange server be made a DNS server too?"
Subsequent to this post I have made the Exchange DC a DNS server as well - I am however still unable to log into Outlook if the 2003 DC (PDC role) which is also the DNS Server is offline. Any ideas please?
Thanks,
jonathanr
This is in reference to a previous post: <https://www.experts-exchange.com/questions/21360771/Exchange-Server-unavailable-when-DNS-server-is-off-line.html>
Below excerpt from previous post:
"our configuration is as follows. We have a 2003 DC (PDC role) which is also the DNS Server. We have a 2003 Server that runs Exchange 2003 and is also a DC.
The issue is as follows: If the DC/DNS server is taken off line a user can log onto the network and be authenticated by the DC/ Exchange Server, however when I try open Outlook I get the error message "Your Microsoft Exchange Server is Unavailable". Clearly the Exchange server is available as it was the one to authenticate the user log on. The only thing I can think of is that it has something to do with the DNS server not being available. Should the Exchange server be made a DNS server too?"
Subsequent to this post I have made the Exchange DC a DNS server as well - I am however still unable to log into Outlook if the 2003 DC (PDC role) which is also the DNS Server is offline. Any ideas please?
Thanks,
jonathanr
ASKER
Hi san_swa,
What do you mean by "GC"?
The machine that I refer to as "2003 DC (PDC role) which is also the DNS Server" was the first server in the new AD Domain build, therefore by default a lot of things were installed on this box, I am assuming that whatever is required for the Exchange Active Directory communication was correctly set up here. The machine which I refer to as "DC/ Exchange Server" was joined to the new AD domain and also hosts Exchange. When the "2003 DC (PDC role) which is also the DNS Server" is off line, and the "DC/ Exchange Server" is online, I can log onto the network but not open outlook. I hope this clarifies our configuration.
cheers,
jonathanr
What do you mean by "GC"?
The machine that I refer to as "2003 DC (PDC role) which is also the DNS Server" was the first server in the new AD Domain build, therefore by default a lot of things were installed on this box, I am assuming that whatever is required for the Exchange Active Directory communication was correctly set up here. The machine which I refer to as "DC/ Exchange Server" was joined to the new AD domain and also hosts Exchange. When the "2003 DC (PDC role) which is also the DNS Server" is off line, and the "DC/ Exchange Server" is online, I can log onto the network but not open outlook. I hope this clarifies our configuration.
cheers,
jonathanr
Hi Jonathan,
Sorry for using short-cuts,
GC stands for Global Catlog Server.
By default, every first server in the site is Global Catalog Server.
What you can do is open Exchange System Manager,
Expand to the Exchange Server name and right click and say properties. Over there click on Directory Access tab.
Tell me if you see name of your first server as 1) "Config DC" 2) DC 3) GC. (You can find the information under type.)
First tab would be the server name to which it is pointing.
After this, also let me know if you have "Active Directory Sites and Services snap in" under Administrative tools. If yes, open it and then expand the server on which exchange is installed, expand till you see NTDS Settings. Right click on it and see if the Check box is checked beside "Global Catalog".
Sorry for using short-cuts,
GC stands for Global Catlog Server.
By default, every first server in the site is Global Catalog Server.
What you can do is open Exchange System Manager,
Expand to the Exchange Server name and right click and say properties. Over there click on Directory Access tab.
Tell me if you see name of your first server as 1) "Config DC" 2) DC 3) GC. (You can find the information under type.)
First tab would be the server name to which it is pointing.
After this, also let me know if you have "Active Directory Sites and Services snap in" under Administrative tools. If yes, open it and then expand the server on which exchange is installed, expand till you see NTDS Settings. Right click on it and see if the Check box is checked beside "Global Catalog".
ASKER
Hi san_wa,
To simplify the communication I will give the computers their real names.
Arthur: "2003 DC (PDC role) which is also the DNS Server" was the first server in the new AD Domain build.
Tristan: "DC/ Exchange Server"
OK, now for the feedback on your instructions:
1) "Expand to the Exchange Server name and right click and say properties. Over there click on Directory Access tab (this is on Tristan)" - the entries which I see here are:
Tristan Config (auto) 389
Tristan DC (auto) 389
Arthur GC (auto) 3268
2) "Active Directory Sites and Services snap in" under Administrative tools" - the "Global Catalog" check box is not ticked.
Cheers,
jonathanr
To simplify the communication I will give the computers their real names.
Arthur: "2003 DC (PDC role) which is also the DNS Server" was the first server in the new AD Domain build.
Tristan: "DC/ Exchange Server"
OK, now for the feedback on your instructions:
1) "Expand to the Exchange Server name and right click and say properties. Over there click on Directory Access tab (this is on Tristan)" - the entries which I see here are:
Tristan Config (auto) 389
Tristan DC (auto) 389
Arthur GC (auto) 3268
2) "Active Directory Sites and Services snap in" under Administrative tools" - the "Global Catalog" check box is not ticked.
Cheers,
jonathanr
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I would think you would still have problems opening outlook.
The outlook profile points to the Exchange server.
If you are using DNS for name resolution, then it will not be able to resolve the name.
The reason you can log on is that the workstation does a broadcast when you log on if it can't find a DNS server to resolve a DC. Then the first DC to answer will authenticate the user.
With the DNS server down you are probably seeing log on times that are a little longer than when the DNS server in online.
Would it be possible to make TRISTAN a secondary DNS server? This would resolve your problems.
Hope this helps.
The outlook profile points to the Exchange server.
If you are using DNS for name resolution, then it will not be able to resolve the name.
The reason you can log on is that the workstation does a broadcast when you log on if it can't find a DNS server to resolve a DC. Then the first DC to answer will authenticate the user.
With the DNS server down you are probably seeing log on times that are a little longer than when the DNS server in online.
Would it be possible to make TRISTAN a secondary DNS server? This would resolve your problems.
Hope this helps.
Sorry about my previous answer, I didn't completly read your post.
From san_swa:
Thanks for your clarification.
This is what I anticipated, what you need to do is tick the Global Catalog box for Tristan and you would be all set.
P.S. Reboot the server(Tristan) after you make the required changes.
This is the correct answer.
When Outlook launches it has to connect to a GC.
san_saw should get the point for this if it resolves your issue.
From san_swa:
Thanks for your clarification.
This is what I anticipated, what you need to do is tick the Global Catalog box for Tristan and you would be all set.
P.S. Reboot the server(Tristan) after you make the required changes.
This is the correct answer.
When Outlook launches it has to connect to a GC.
san_saw should get the point for this if it resolves your issue.
ASKER
Thanks san_swa - all good now
Old days are gone, when Exchange Server used to authenticate users requests to login on to Outlook.
Today, Active Directory authenticates users to logon to Outlook.
Users would be authenticated to logon on to another network, because you have another DC running, but it would not work with Exchange is not aware that other Server is down.
Since Exchange 2000 SP2 user authentication has changed steps have changed. Here comes idea of DSAccess. DSAccess, is the interpreter between Active Directory and Exchange. Users do not talk with Exchange while logging on to Outlook, they talk with Active Directory.
What I want to know here is which Server is GC?
Because GC is going to play a very important role.
If you want your scenario to work, you need to make both the servers as GC. Once this is done, Exchange would pickup a GC on its own and you would no longer receive "Your Exchange Server is not available" message.