?
Solved

"Exchange Server Unavailable" when DC reboots

Posted on 2007-07-24
10
Medium Priority
?
611 Views
Last Modified: 2009-12-16
Hi,

On my network I have 2 DCs and 1 Exchange 2003 server.All are Win 2003 Std.
Both DCs are global catalogs and have a replica of DNS.

My problem is that when I shut down either DC1 or DC2 then my users cannot access the Exchange server. They get an "Exchange Server Unavailable" msg. The Exchange server shows event 8026, LDAP bind was unsuccessful.

I would presume that if I kept one DC operational that my Exchange server would still function.

Any ideas?

Thanks




0
Comment
Question by:nmxsupport
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 29

Expert Comment

by:mass2612
ID: 19554554
Hi,

What you describe is a common issue I have seen also and never really found a resolution so I'll love to hear what it said. Saying that though when the Exchnage services start they bind to a specific DC. If that DC is shutdown or unavailable then the Exchange server tries to contact it for up to about 30 minutes before failing over and trying another DC. You can speed up the process by restarting the Exchange services and it should bind with the other available DC.

As I said not really a fix but that's what I've seen with this issue so everyone please chime in.

Thanks.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19554555
Many people think the way that you do.
Exchange hooks on to a specific domain controller. If that domain controller goes away, Exchange does not go looking for another DC for around 35 minutes. During that time, Exchange will not function. Nothing you can do about it, other than ensure that your domain controller reboots very quickly and you don't do it during production hours.
If the DC fails or is going to be down for a while, restart the Exchange services which forces Exchange to look for another DC.
Both DCs need to be Global Catalogs for Exchange to use them.

Simon.
0
 

Author Comment

by:nmxsupport
ID: 19554677
Okay
If this is by design, is there a MS TID or KB article referencing this behavious so that I can present to others?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 

Author Comment

by:nmxsupport
ID: 19554689
Finally, I guess the solution is (against MS recommendations) to make the Exchange server also a DC/GC ?
0
 
LVL 28

Expert Comment

by:peakpeak
ID: 19554704
There is. Seems like the list of working DC's are evaluated every 15 minutes according to this article:
http://technet.microsoft.com/en-us/library/aa996247.aspx
0
 

Author Comment

by:nmxsupport
ID: 19554707
Is this "35 minutes" a configurable interval somewhere?
How can I tell which DC thatExchange is currently bound to?
0
 
LVL 28

Expert Comment

by:peakpeak
ID: 19554737
In system manager, choose Properties for the Exchange server, click Direrectory Accrss tab. The Config DC is the important one
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19554871
Making the Exchange server a domain controller is not a good idea.
It is against the best practises and changing the role of the machine after Exchange is installed is not supported. It will cause you more problems than it resolves.
The 30 minute timeout cannot be changed - as with many things in the Exchange world. While Microsoft claim that Exchange looks for DCs after 15 minutes, the real world is 30 minutes.

I would also strongly advise against permanently setting a specific domain controller in Exchange. That can cause problems, particularly if that DC was to fail during the night. Exchange will go looking for another DC on its own, it just takes time.

The thing that puzzles me is why you are shutting down a domain controller anyway. That will cause disruption to your users, it isn't only Exchange that uses one DC, but the user workstations do as well. I only shutdown a DC when I really have to - usually only for a reboot for automatic updates. That reboot takes place out of production hours any way. If I have to shutdown the DC then I will lock Exchange to a specific domain controller, but at least two hours before the work is to begin.

Simon.
0
 

Author Comment

by:nmxsupport
ID: 19555355
Okay sembee, I must confess this is not my network but our customer has had recent problems with backup software and things on a DC and for that reason several reboots of the DC were required during the day. The concern is that we presumed multuple DCs and GCs would provide enough resilience not to cause any probs with exchange.

How can I lock exchange to a specific DC if I need to restart it?
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 19557365
The lock is not 100% fool proof and you cannot lock the server and then reboot the domain controller server immediately. You use the same location that was pointed to you above, and deselect the option to allow Exchange to find the domain controllers automatically.

Simon.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post, we will learn to set up the Group Naming policy and will see how it is going to impact the Display Name and the Email addresses of the Group.
There are literally thousands of Exchange recovery applications out there. So how do you end up picking one that’s ideal for your business & purpose? By carefully scouting the product’s features, the benefits it offers you, & reading ample reviews f…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

616 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question