Exchange server does not work after changed DNS

I have changed my internal DNS-server on the LAN.

After that I am unable to use the Exchange server...
Outlook message:
Task 'Microsoft Exchange Server' reported error (0x8004011D) : 'The server is not available. Contact your administrator if this condition persists.'

OWA: I get the login screen but after I am trying to log on it does not work..

What should I config in DNS to get it work again?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vishal BreedProgram ManagerCommented:
Check the application events are looged in application log as in mentioned

If yes; follow the article.

If no; please paste the error event IDs.

What do you mean by "I have changed my internal DNS-server"?

Exchange depends on AD  and  DNS to work properly.

You may need to run the ForestPrep and DomainPrep processes again. Please check you Exchange installation / deployment guide for exact procedures and requirements.

Handersson75Author Commented:
It still points on the old server .... But where?

"LDAP Bind was unsuccessful on directory srv01.domain for distinguished name ''. Directory returned error:[0x51] Server Down. "

"Could not open LDAP session to directory 'srv01.domain' using local service credentials. Cannot access Address List configuration information.  Make sure the server 'srv01.domain' is running.  DC=domain DC=local "
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Vishal BreedProgram ManagerCommented:
Your exchange server is not able to contact Domain Controller (issue known as Directory Access).

Try restarting Exchange / DC. Also install Exchange Best Practice Analyzer to check why your server is not abel to connect to DC.
Handersson75Author Commented:
I have installed a Windows 2003 DNS/DHCP server and disable my old win 2000 server.

But it seems that the DNS is not allright... or may it be something else?

Done with the analyzer... The content is it can not connect with the new server i installed Win 2003 DNS/DHCP. It still wants to connect to the old server.... and beacuse of that I get this errors:

Schema FSMO role failed to respond
Infrastructure FSMO server role failed to respond
PDC Emulator FSMO role failed to respond
RID FSMO server role failed to respond

Vishal BreedProgram ManagerCommented:
Oh!! Seems to be big mess!!

1> Execute "netdom query FMSO" (support tools must be installed; also make sure all roles are pointing to server which you have transffered th roles previosly)

2> On your Exchange server as well as on all workstations & remaining servers; primary DNS (IP configuration) server must be ServerB (I hope ServerB has DNS installed & condfiured).

3> Then execute nslookup & it should come with without errors.

Kindly finish with these 3 steps & check.
What do you mean by "disabling my old win 2000 server".
Is it still available just shutdown?
Did you DCPROMO the machine correctly?

This looks like you have just removed the domain controller without going through the correct procedures. You cannot just create a new domain controller and shutdown the old one. There are things that you have to do.

If the old server is still available, boot it back up again.
If it isn't available then you will have to through disaster recovery procedures for a failed domain controller, including seizing roles, making the new server a global catalog etc. A complete mess.


Sembee is right. If you are adding a domain controller, you should add it while the primary dc is up and then you can promote it and demote the old server.
Handersson75Author Commented:
The server is still online.. just disabled DNS and DHCP.
I run DCPROMO and moved FSMO + global cat.

Also tested with replmon.exe and seems ok....

DNS and DHCP seems to work on the new server... the problem is that the exchangeserver does not understand that it should connect to the new server, it still wants the old server.... "LDAP Bind was unsuccessful on directory server...."

Handersson75Author Commented:
Have not demote the old win 2000 server... Could the errors depend on this?

Did you change the dns setup on the exchange server? It could be that it is pointing to the old server.

Try ipconfig /flushdns on the exchange server.

Handersson75Author Commented:
Yes, I have a new DNS on the new server.... restarted and ipconfig /flushdns is already done...  
Have you rebooted the Exchange server? Exchange doesn't go looking for another domain controller on its own very easily. Rebooting it is the easiest way to force Exchange to look for another DC.


The new dns server has the same ip of the old one or a different one?

Handersson75Author Commented:
Rebooted the exchangeserver... same problem.

The new DNS has a new IP-adress...

It has to be somewhere in the ESM or on the machine the old DC/DNS is specified....or?
Handersson75Author Commented:
except TCP/IP properties for the NIC...

The server that is running the the exchange server should be pointing to the new dns server. This is done from the nic tcp/ip properties.
Handersson75Author Commented:
Yes, the exchange-server nic is pointing to the new dns as primary + it self as the secondary..

More ideas?
Handersson75Author Commented:
Dcdiag on the exchange server:  Any ideas?

C:\Program Files>netdiag


    Computer Name: SRV07
    DNS Host Name: srv07.domain.local
    System info : Microsoft Windows Server 2003 R2 (Build 3790)
    Processor : x86 Family 15 Model 4 Stepping 3, GenuineIntel
    List of installed hotfixes :

Netcard queries test . . . . . . . : Passed

Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : srv07
        IP Address . . . . . . . . :
        Subnet Mask. . . . . . . . :
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . :

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.

Global results:

Domain membership test . . . . . . : Passed

NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
    1 NetBt transport currently configured.

Autonet address test . . . . . . . : Passed

IP loopback ping test. . . . . . . : Passed

Default gateway test . . . . . . . : Passed

NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.

Winsock test . . . . . . . . . . . : Passed

DNS test . . . . . . . . . . . . . : Failed
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'srv07.domain.local.'. [RCODE_SERVER_FAILURE]
            The name 'srv07.domain.local.' may not be registered in DNS.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver ''. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver ''. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.

Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
    The browser is bound to 1 NetBt transport.

DC discovery test. . . . . . . . . : Passed

DC list test . . . . . . . . . . . : Passed

Trust relationship test. . . . . . : Failed
    [FATAL] Secure channel to domain 'DOMAIN' is broken. [ERROR_NO_LOGON_SER

Kerberos test. . . . . . . . . . . : Passed

LDAP test. . . . . . . . . . . . . : Passed
    [WARNING] Failed to query SPN registration on DC 'srv01.domain.local'.
    [WARNING] Failed to query SPN registration on DC 'srv10.domain.local'.
    [WARNING] Failed to query SPN registration on DC 'srvhelsinki.domain.loc

Bindings test. . . . . . . . . . . : Passed

WAN configuration test . . . . . . : Skipped
    No active remote access connections.

Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully

C:\Program Files>


The dns test shows failures. Do you have your server properly defined in dns on the primary dns server?
Do you have a reverse lookup entry for the server's ip address?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Handersson75Author Commented:
The DNS was not config correct. Delete the DNS and created a new one. Solved the problem.

Case closed.
Forced accept.

EE Admin
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.