[Critical] LDAP bind was unsuccessful on directory <servername> Directory returned error:[0x51] Server Down.
Posted on 2007-03-31
We have a Server 2003/2000 environment with about 60-70 users. We are running one Exchange 2003 server.
This server also works as the DHCP server. We have 2 domain controllers: Server A and Server B.
Lately I have been noticing errors on the mail server from time to time. The error is as follows:
LDAP Bind was unsuccessful on directory ServerA@domain.local for distinguished name ''. Directory returned error:[0x51] Server Down.
I get the same error message in reference to Server B being down as well.
This error will show up a lot at times but eventually will work itself out. If I leave it how it is, it will fix itself. However, it will come back after so long.
While this error is occurring I am not able to open AD Users and Computers and I am not able to open the Exchange System Manager.
I have verified that I can establish a connection between both domain controllers while this is going on. I have also checked DNS to make sure it is pointing in the right direction. I have searched online with little luck.
There is a twist to this problem as well.
On the GC server, AKA Server A, I receive errors in the security log from my Exchange server.
Here is one of the errors:
Object Server: DS
Operation Type: Object Access
Object Type: dnsNode
Object Name: DC=151,DC=1.168.192.in-addr.arpa,CN=MicrosoftDNS,CN=System,DC=<domain>,DC=local
Handle ID: -
Primary User Name: SERVERA$
Primary Domain: <DOMAIN>
Primary Logon ID: (0x0,0x3E7)
Client User Name: ExchangeServer$
Client Domain: <Domain>
Client Logon ID: (0x0,0xDCD57A)
Accesses: Write Property
Default property set
Access Mask: 0x20
The event ID is 566.
I am not sure why I am receiving these errors.
Just as a couple of notes. I have seen these questions asked and I want to cover these now.
IPCONFIG on the Exchange server shows
Primary DNS as 192.168.1.50 (GC Server)
Secondary DNS 192.168.1.6 (This server was brought offline as we needed to decommission it. It has however been brought back up for other reasons)
Also, while the error is occurring I am able to ping both domain controllers by server name and by IP address. They also resolve the correct server name while pinging by IP. Also, these domain controllers are able to ping the Exchange server.
Now as I am writing this I did have a thought. Let me give a little more background information on the secondary DNS Server as well as the second Domain Controller.
The secondary DNS server was brought offline using DCPROMO. This is no longer a domain controller; however, I ((Think)) DNS is still enabled on it. I can confirm this at a later time once I can connect to my network. Cisco VPN doesn't work on Vista =P
We do however have a second domain controller, but it is not set up for DNS just yet. The Exchange server points to the Global Catalog server for its primary DNS and points to the decommissioned domain controller for its secondary DNS.
I would not think that this would cause a problem as the primary DNS is still working.
I hope this provides enough information about my problem.