LDAP Bind was unsuccessful - Event ID 8026

ZAK360
ZAK360 used Ask the Experts™
on
Dear All,

I'm facing some serious problem with exchange 2003 (SP2) server, almost two - three times a day we cant able to connect exchange server. I check the event logs and it logs event id 8026 LDAP on every 15 sec.

Event Type:      Error
Event Source:      MSExchangeAL
Event Category:      LDAP Operations
Event ID:      8026
Date:            3/7/2007
Time:            12:50:44 AM
User:            N/A
Computer:      EMAILSERVER
Description:
LDAP Bind was unsuccessful on directory dataserver.atlantis.co.ae for distinguished name ''. Directory returned error:[0x51] Server Down.  DC=atlantis,DC=co,DC=ae

For more information, click http://www.microsoft.com/contentredirect.asp.

Scenario::
We have two windows 2000 server namely dc1 and dc2 (these are not the real names). dc1 is the primary domain controller and dc2 is additional domain controller. DNS is configured on dc1.
We have one exchange 2003 (SP2) server join the above domain.

I feel that the problem is occuring after we migrated from Ex2000 (dc2 - previously beside additional domain controller was also acting as an Ex2000 server) to Ex2003 on the new server.

However if i refres and reload the DNS on dc1 the problem gets rectified and will not generate for next 5 - 6 hours but sometime it may generate after 2 hours,, we cant predict at all.

Please let me know what causing the problem
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
I would think it is the Global Catalog "thing".

Author

Commented:
The eventid link
http://www.eventid.net/display.asp?eventid=8026&eventno=3492&source=MSExchangeAL&phase=1 doesn't help. RUS is pointing to GC server and it is correct.

if i need to pass more information of the servers configuration please let me know. I need to solve this problem at any cost!!

-ZAK
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Do you have any message in the eventlog on "dataserver" or "dc1/dc2"? Especially regarding AD and replication?

How did you do the migration to Ex2003? Did you follow the setup instructions step by step? Did you install the Ex2003 into the existing Exchange Org? Did you run /forestprep and /domainprep before installing E2K3?

Author

Commented:
No logs on dc1 (Dataserver) related to AD and replication.
I followed step by step instructions and run /forestprep and /domainprep before installing E2K3.
The whole installation of Ex2k3 was done on new hardware with windows 2003 standard server.

-- ZAK

Author

Commented:
I feel the problem is comming after i uninstall exchange 2000 from the old server. I uninstall exchange 2000 after seeing that my new E2K3 server is working perfect.

-- ZAK

 
How many DNS servers do you have? Check if there are any false entries, especially regarding GC.
Check the DNS settings in the TCP/IP of the Exchange server.

Author

Commented:
We have only one DNS server i.e., dc1 and below is the output of ipconfig/all on Ex2003 server

Windows IP Configuration

   Host Name . . . . . . . . . . . . : emailserver
   Primary Dns Suffix  . . . . . . . : atlantis.co.ae
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : atlantis.co.ae
                                       co.ae

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP NC7782 Gigabit Server Adapter
   Physical Address. . . . . . . . . : 00-16-35-05-9D-D3
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 157.147.13.95
   Subnet Mask . . . . . . . . . . . : 255.255.255.192
   Default Gateway . . . . . . . . . : 157.147.13.125
    DNS Servers . . . . . . . . . . . : 157.147.13.99
                                                   213.42.20.20


213.42.20.20 is the ISP DNS IP Address

-- ZAK
Ok, I think the external DNS address is the problem. Remove it and setup a forwarder instead on the DNS server:

http://www.petri.co.il/configure_dns_forwarding.htm

Author

Commented:
Kirschi:

The above link is blocked in UAE region, could you post (Otherwise send an email to sh.zakir@gmail.com) the configuration of DNS forwarding.
Can you access this one?

http://support.microsoft.com/kb/300202

The whole article will be helpful I think but have look at the "To configure forwarders" section especially.

Author

Commented:
After removing the secondary DNS address which belongs to ISP, the problem resolved!
Thanks for all your comments and suggestions

ZAK

Commented:
Issue #1:  Users are unable to logon to exchange.

 

Issue #2:

Event ID: 8026
Event Type: Error
Event Source: MSExchangeAL
Event Category: LDAP Operations
Description: LDAP Bind was unsuccessful on directory <Fully Qualified Domain Name of Windows domain controller>for distinguished name ''. Directory returned error:[0x51] Server Down.

 

CAUSE: Exchange Directory Access was automatically picking the METISNJ (NJ domain controller) from the list of domain controllers and  using it as the default AD configuration server instead of DC01 (NY controller).

 

RESOLUTION:

·         With Microsoft help,  set exchange Directory Access to use DC01 as the AD configuration.

·         Using Active Directory Sites & Services

o   Create a new site for New Jersey

o   Create subnets for New York and New Jersey

o   Move the NJ domain controller to the New Jersey site

 

NEXT STEPS:

·         Reboot DC01

·         Running Microsoft Best Practices Tool

·         Correct any issues discover by the tool

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial