Solved

Exchange performance and active directory issues

Posted on 2007-11-30
16
403 Views
Last Modified: 2011-10-03
I am getting some funky issues when opening users properties in outlook. If someone internally sends me an e-mail, If I click on their name in the to field and go to the users properties... if i click on organization or phone/notes or member of..... my outlook hangs for outlook is trying to retrieve data from the exchange server, then it shows ourDCname.domainname.net

It seems like 30 - 40 seconds before it displays information. Anyone else encounter this or have any suggestions? I am getting some delay like outlook it requesting too much data from the server. Is this an AD, DNS or WINS issue?

We have 2 DC's in this site. 1 Exchange 2003 server,both DC's are global cataloge servers, one is the PDC with all FSMO roles attached. All are on the same subnet with brand new cabling cat6, gigabit cards. The exchange server is connecting to a fibrechannel SAN and I/O is probably not even a concern we only have 200 or so users in the exchange server.

0
Comment
Question by:oriontech2
  • 8
  • 4
  • 2
  • +1
16 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20383836
Which DC is Exchange using for its global catalog server, itself or the other one?
0
 

Author Comment

by:oriontech2
ID: 20383898
the exchange box is not functioning as a dc ... it is using . . . well how do i find out?
I think you are referring to, the listing under ESM, properties of the server, directory access tab. I am showing all DC's and it has:

DC1 Config (auto) LDAP 389
DC2  DC (auto) LDAP 389
DC1 DC (auto) 389
DC2 GC (auto) 3268
DC1 GC (auto) 3268
0
 
LVL 2

Expert Comment

by:geniph
ID: 20384122
To see which dc is the global catalog, go to Active Directory Sites and Services, expand the site, expand the Servers node, expand the individual servers, then click on NTDS Settings for each server.  One of them should have Global Catalog checked; if not, one of them needs to.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 2

Accepted Solution

by:
geniph earned 250 total points
ID: 20384163
Oh geez, never mind; I see you already have two GCs.  Helps if you read the whole initial question.
Have you run netdiag or dcdiag to see if either report any issues?  I'd also try pinging your Exchange server by name to see if that responds normally.  
The delay in retrieving data from the Exchange server can be caused by any number of things, including an overfull mailbox on the client end, too many processes on the Exchange server, etc.  To start tracking the problem down, you need to first run dcdiag and netdiag to make sure the AD environment is functioning properly, then start drilling down through performance monitor.  But I always start by having the clients clean out their mailboxes, as that's the easiest thing to fix.  ;-)
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20384470
I misinterpreted your first question - thought the Exchange server was a DC, and if that were the case it should be pointing to itself for global catalog.  However, given that it's not a DC, it shouldn't matter.

What if anything else is running on the Exchange box?  Have you checked the event log on that server to see if there are any errors or warnings related to memory or fragmentation of the virtual memory, or any other problems?
0
 

Author Comment

by:oriontech2
ID: 20384636
Yeah its actually my mailbox this is happening on as well as a mutitude of other users, I think it is happening system wide. It isnt a huge concern but I have had a couple complains recently and it makes me think something is misconfigured somewhere. What is wierd though is when I go to IIS on the exchange box and then default web properties, directory security, edit ip address and domain name restrictions, If i hit add then DNS lookup it comes up with 1 of the 3 IP addresses on that box and not the one that is listed and registered under DNS.

Under DNS it lists and A record for 172.16.2.50 which points to exchsrvr1

the three nic cards on the machine are 10.100.90.1, 10.100.90.2, for the SAN connection, they only have subnet masks configured with no default gate. the other is 172.16.2.50/24 172.16.2.1 gw dns is dc1 and dc2 wins is dc1 and dc2

I got these two as a wierd error message, only got this twice today though.
Event Type:      Error
Event Source:      MSExchangeDSAccess
Event Category:      Topology
Event ID:      2104
Date:            11/29/2007
Time:            12:39:21 PM
User:            N/A
Computer:      EXCHSRVR1
Description:
Process EMSMTA.EXE (PID=4036). All the DS Servers in domain are not responding.

For more information, click http://www.microsoft.com/contentredirect.asp.


Event Type:      Error
Event Source:      MSExchangeAL
Event Category:      LDAP Operations
Event ID:      8026
Date:            11/29/2007
Time:            12:39:40 PM
User:            N/A
Computer:      EXCHSRVR1
Description:
LDAP Bind was unsuccessful on directory dc1.netbios.domain.net for distinguished name ''. Directory returned error:[0x51] Server Down.    

For more information, click http://www.microsoft.com/contentredirect.asp.
0
 

Author Comment

by:oriontech2
ID: 20384691
I have pinged and resolved the exchange server successfully. I ran netdiag and dcdiag with no errors.
0
 
LVL 13

Expert Comment

by:vishal_breed
ID: 20384710
* Install (Microsoft Tool) Exchange Troubleshooting Assistant v1.1 from http://technet.microsoft.com/hi-in/exchange/bb288481(en-us).aspx

* Launch it; select "Perfomance Troubleshooter" & follow the wizard.
0
 
LVL 13

Expert Comment

by:vishal_breed
ID: 20384734
Also use Exbpa (Exchaneg Best Practice Analyzer to check your Exchange Server; from http://technet.microsoft.com/hi-in/exchange/bb288481(en-us).aspx

You need to check whether Exchange server or any DC is talking about version of tcpip.sys. If yes then you need to apply KB 913446.
0
 

Author Comment

by:oriontech2
ID: 20385176
no issues with performance were reported
0
 

Author Comment

by:oriontech2
ID: 20385206
which best practices scan should i use?
0
 
LVL 13

Expert Comment

by:vishal_breed
ID: 20385224
You should go for New Scan when ExBPA is launched.
0
 

Author Comment

by:oriontech2
ID: 20386874
new scan and then what.. there are several options
0
 
LVL 13

Assisted Solution

by:vishal_breed
vishal_breed earned 250 total points
ID: 20388476
1> Log on as admin & Launch ExBPA
2> Go to Welcome Screen
3> Select Options for new scan
4> Mention the DC name & connect to Active Directoy Server
5> This will scan your Exchange Environment
6> For Scope; select each check box; means all servers / admin groups.
7> Type of Scan - Health Check
8> Network Speed - 100 Mbps
9> Start Scanning

* This will scan your DCs as well as Exchange configuration. When results are displayed - check for errors/warnings.

* You may also refer "Help" located in Left Pane of Window.
0
 

Author Comment

by:oriontech2
ID: 20454765
after careful review the issue was on our end internally, we had an issue with our firewal blocking connection requests. There is a MS-PRC-EPM timeout, it was defaulted to 1 minute the recommendation is 60 mins. There is an actual fix for netscreen router/firewalls. I will post it below.

set service MS-EXCHANGE-DATABASE timeout 60
set service MS-EXCHANGE-DIRECTORY timeout 60
set service MS-EXCHANGE-INFO-STORE timeout 60
set service MS-EXCHANGE-MTA timeout 60
set service MS-EXCHANGE-STORE timeout 60
set service MS-EXCHANGE-SYSATD timeout 60
set service MS-RPC-EPM timeout 60
save
set policy id 100 top from trust to untrust any any ms-exchange permit
set policy id 100
set service MS-RPC-EPM
exit
save
0
 

Author Closing Comment

by:oriontech2
ID: 31411970
thanks guys i dist points eventhough the solutions were not applicable.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question