We help IT Professionals succeed at work.

Exchange 2003 crash once a week

nmmcfk
nmmcfk asked
on
Medium Priority
1,055 Views
Last Modified: 2012-06-21
Hi everybody,

I have an Server 2003 running Exchange 2003 on it, we use it for calendars and e-mail with Microsoft Outlook clients and OWA. Once a week the calendar and the e-mail stop working, I try to restart the IIS Admin services but it hang on the SMTP service and the only way to make it work it to reboot the server. After that i am all set for another week.

Is anybody knows what is going on with server.

Thank You in advance !!!

Scott
Comment
Watch Question

Expert of the Year 2007
Expert of the Year 2006

Commented:
Service Pack versions, if any?
Anything in the event log?
You haven't really provided much to go on.

Simon.

Author

Commented:
Hi,

I have windows 2003 service pack 2 and Exchange service pack 1 and for the event log, this is the error i had when it happens last week.


Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      Exchange Store Driver
Event ID:      326
Date:            3/30/2006
Time:            9:52:13 AM
User:            N/A
Computer:      NMMC-DC
Description:
Service Account failed to logon to the store as /o=NMMC-MAIL/ou=First Administrative Group/cn=Configuration/cn=Connections/cn=SMTP (NMMC-DC)/cn={A8F59893-2187-43BB-9819-3DBB6F2FA0CA}. Error code : 0xc0040132.

For more information, click http://www.microsoft.com/contentredirect.asp.


Event Type:      Error
Event Source:      MSExchangeIS Mailbox Store
Event Category:      Logons
Event ID:      1022
Date:            3/30/2006
Time:            9:52:13 AM
User:            N/A
Computer:      NMMC-DC
Description:
Logon Failure on database "First Storage Group\Mailbox Store (NMMC-DC)" - Windows 2000 account NT AUTHORITY\SYSTEM; mailbox /o=NMMC-MAIL/ou=First Administrative Group/cn=Configuration/cn=Connections/cn=SMTP (NMMC-DC)/cn={A8F59893-2187-43BB-9819-3DBB6F2FA0CA}.
Error: 1100

For more information, click http://www.microsoft.com/contentredirect.asp.



I get those errors multiple times and some similar eror for mailbox of user that are disabled or deleted like the one below


Event Type:      Error
Event Source:      MSExchangeIS Mailbox Store
Event Category:      Logons
Event ID:      1022
Date:            3/30/2006
Time:            9:49:33 AM
User:            N/A
Computer:      NMMC-DC
Description:
Logon Failure on database "First Storage Group\Mailbox Store (NMMC-DC)" - Windows 2000 account NMMC-NET\dsaucier; mailbox /o=NMMC-MAIL/ou=First Administrative Group/cn=Recipients/cn=dsaucier.
Error: 1100

For more information, click http://www.microsoft.com/contentredirect.asp.


Thank you for your help, hope this will help

P.S. I did a clean up of my deleted and disabled mailbox so i should not get those message anymore
Expert of the Year 2007
Expert of the Year 2006

Commented:
Is that all the errors you have?
Those are just login failures - they wouldn't cause the machine to fall over.

Do you have your Exchange and Windows service packs the wrong way round?
Windows 2003 SP1 and Exchange 2003 SP2?

What else is on this machine?

Simon.

Author

Commented:
Hi,

yes those are the errors i had last time it crashed, are you asking if i have the wrong service packs ? this is what i have right now. The domain is also the domain controller and a file server. We have a front end server as well that we use for OWA from the outside. That one is acting up sometimes as well, we had te reboot it this morning cause no e-mail were coming in.
Expert of the Year 2007
Expert of the Year 2006

Commented:
I was asking if you had them the wrong way round, because there is no Windows 2003 SP2.

What else is on the machine?

You do know that it is best practise to have Exchange on a dedicated box? If this isn't SBS then I would seriously consider doing away with the frontend server and moving all of the Exchange roles to that machine. If you have Exchange, Dc and file serving on one machine, then you aren't really big enough to justify having a frontend server.

Simon.

Author

Commented:
I have Windows server 2003 SP1 and Exchange SP2, i find out after the install that is was not a good practice to put the Exchange on the DC. I don't want to move evrything to the FES because it is wide open to the net and we use the FES to secure the Mailboxes on the back end server.
Expert of the Year 2007
Expert of the Year 2006

Commented:
If your frontend server is wide open to the Internet then you have more serious things to worry about. As a domain member it should not be exposed to the Internet - other than the ports required for OWA and SMTP. Anything more and it is just a matter of when you are hacked, not if.

From a pure security point of view, there is nothing to be gained from using a frontend server. Despite what many people seem to think, a frontend server is not designed to increase the security of your network - it is designed to provide a single point of entry to the Exchange environment.

Simon.

Author

Commented:
OK i see, well i mean wide open Port 80 and smtp, i was told to use a front end server to prevent outside user to access the domain controller and the exchange system itself, because there is no mailboxes stored on the front end server.

So you suggest i get rid of my front end server and move the exchange on that server and open the ports on that one like it was on the front end server ??

Scott

Author

Commented:
Also we purchased a verizon SSL installed on the front end server
Expert of the Year 2007
Expert of the Year 2006

Commented:
I have to say that you have received bad advice.
You want to protect your domain controller as much as possible, but you would have been better of moving Exchange to a separate machine than putting in a frontend server.
The SSL certificate is still valid and still usable - so you haven't wasted the money on purchasing that. I do all of my Exchange deployments with an SSL certificate.

The major port of concern would be 80. I don't open that to any servers that I administrate at all as it is a heavily scanned port. Only 25 (SMTP) and 443 (HTTPS). Either make the users enter the HTTPS or put in a direct from another site so they can have a friendly URL to enter.

Simon.

Author

Commented:
There is no Exchange organisation installed on the front end server, only exchange install for OWA. all the mailboxes are on the back end server. I have smtp and https opened on the front end server, i don't have 80, sorry my mistake hehe. I tough by putting a front end server open with those ports and requesting the info from the back end would protect my data and mailboxes from the net ??

Expert of the Year 2007
Expert of the Year 2006
Commented:
A frontend server will be an Exchange server. The only difference between a frontend and a backend is the lack of mailboxes. They are identical in all other ways.
A frontend server is a proxy for the backend, so if the frontend is compromised then the attacker can get at your backend.

If you want to beef up the protection of the Exchange system, then there are two things to do.
1. Put Exchange on to a dedicated machine. This lets you secure it without having to worry about domain control roles.
2. Get a third server and install it in to your DMZ as a workgroup machine, then install ISA server on to it. You can then publish OWA through the ISA.

Simon.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Yes ok that what i meant on my exchange set up. I think i am going to start looking at another server and set it up like you are saying.

Thank You very much for the usefull information

Scott
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.