techsfefcu
asked on
Exchange loss of connectivity when Domain Controller Restarts..
We are running an Exchange 2003 server on a Windows 2003 server and are having the following problem:
Everytime we restart our domain controller we lose access to our mailboxes even though we have another DC locally and one out of state. Our DC's also act as our internal DNS servers as well. We are pretty much stumpped as to why this happens or how to remedy it. Any help or nudge in the right direction would be greatly appreciated.
Thanks in advance,
Joe
Everytime we restart our domain controller we lose access to our mailboxes even though we have another DC locally and one out of state. Our DC's also act as our internal DNS servers as well. We are pretty much stumpped as to why this happens or how to remedy it. Any help or nudge in the right direction would be greatly appreciated.
Thanks in advance,
Joe
Exchange requires constant access to a domain controller. When that domain controller goes away, it does not fail over to another DC immediately. Exchange will not go looking for another DC for at least 30 minutes. During that time Exchange and Outlook is close to useless.
The fix? Don't reboot domain controllers during the day. I only reboot my domain controllers when I have to - I have just rebooted them in the last hour (it is gone midnight here) because of an update. Otherwise they are not rebooted.
The Exchange server was rebooted at the same time and the DC was up first, so when Exchange came online, its DCs were there.
Simon.
The fix? Don't reboot domain controllers during the day. I only reboot my domain controllers when I have to - I have just rebooted them in the last hour (it is gone midnight here) because of an update. Otherwise they are not rebooted.
The Exchange server was rebooted at the same time and the DC was up first, so when Exchange came online, its DCs were there.
Simon.
ASKER
Sembee,
I tried your recommendation and it didn't provided the results that I was looking for. I have multiple GC's and multiple DC's. I shut down the DC and waited for about 1 hour to see if Exchange would go looking for another DC and GC but, it didn't. Not to mention that there has to be some kind of way for this to work. I can't imagine that if my DC was FUBAR that we would lose all email capability. I guess that I'll just keep looking to see if there is a solution to this problem.
Thanks,
-Joe
I tried your recommendation and it didn't provided the results that I was looking for. I have multiple GC's and multiple DC's. I shut down the DC and waited for about 1 hour to see if Exchange would go looking for another DC and GC but, it didn't. Not to mention that there has to be some kind of way for this to work. I can't imagine that if my DC was FUBAR that we would lose all email capability. I guess that I'll just keep looking to see if there is a solution to this problem.
Thanks,
-Joe
The solution is to restart the Exchange services.
I said it will not go looking for another DC for at least 35 minutes. That is the shortest time. It can take longer than that.
I would hope that in the event of a DC failure you would know about it and would take action.
Simon.
I said it will not go looking for another DC for at least 35 minutes. That is the shortest time. It can take longer than that.
I would hope that in the event of a DC failure you would know about it and would take action.
Simon.
ASKER
OK... I'm going to try restarting the Exchange services and se what happens..
Thanks,
-Joe
Thanks,
-Joe
ASKER
OK Here you go... I can't take credit for this.. My Systems Administrator solved the problem with the loss of connectivity to Exchange via Outlook. I am posting his resolution as he posted it in our knowledge base.. We worked this way for over a week without incident.
=========
1. We transfer FSMO roles to a new domain controller and set it as a GC.
2. Per the output of the policytest tool, the "Manage auditing and security log" permission for the Exchange Enterprise Servers group is missing from backup domain controllers. Without this permission, the two GC servers cannot be used by Outlook when primary domain controller is offline.
3. We run Setup/domainprep to fix the permission issue, which resolves our issue eventually. After shutting down the primary domain controller, outlook no longer loses connection with Exchange and use other domain controllers for directory and authentication services.
=========
1. We transfer FSMO roles to a new domain controller and set it as a GC.
2. Per the output of the policytest tool, the "Manage auditing and security log" permission for the Exchange Enterprise Servers group is missing from backup domain controllers. Without this permission, the two GC servers cannot be used by Outlook when primary domain controller is offline.
3. We run Setup/domainprep to fix the permission issue, which resolves our issue eventually. After shutting down the primary domain controller, outlook no longer loses connection with Exchange and use other domain controllers for directory and authentication services.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Exchange needs a Global Catalog to funtion. My guess would be the 2003 Server hosting Exchange isn't a GC. So just checking you mean there is the 2003 with Exchange and another DC that gets rebooted and you loose your mailboxes? I'd suggest making the DC with Exchange a GC by following these instructions.
http://support.microsoft.com/kb/313994
Also where does the 2003 point to for DNS? Itself?
Rob