VanAlex
asked on
Messed up organization
Hi,
A customer using an evaluation version of Exchange 2003 in a production environment tried installing a new final server on the network with the same name and ip as the evaluation server to bypass the problem created by an expired evaluation.
After "forcing" the installation a bit, now none of the servers work (as I would expect). I guess they messed up the organization at the AD level, since there might be conflicting references to two exchange servers with the same name and IP.
I used adsiedit to remove any references that are explicit to the second server (they tried making it work by giving it a different name), but at this moment the first server doesn't log on when it has network connection, it hangs at "applying computer settings". If we disconnect the cable it, logs on, but we are never able to get any exchange services running (even after reconnecting the cable).
I suspect what I need is to correct the AD info regarding exchange to reference only to the first server, and also, to change the current implementation from an evaluation, to a definitive version (they have a legal key now).
How should I proceed? Thanks. Should I try to change any conflicting references in AD regarding SID and GUIDs to the exchange server?
A customer using an evaluation version of Exchange 2003 in a production environment tried installing a new final server on the network with the same name and ip as the evaluation server to bypass the problem created by an expired evaluation.
After "forcing" the installation a bit, now none of the servers work (as I would expect). I guess they messed up the organization at the AD level, since there might be conflicting references to two exchange servers with the same name and IP.
I used adsiedit to remove any references that are explicit to the second server (they tried making it work by giving it a different name), but at this moment the first server doesn't log on when it has network connection, it hangs at "applying computer settings". If we disconnect the cable it, logs on, but we are never able to get any exchange services running (even after reconnecting the cable).
I suspect what I need is to correct the AD info regarding exchange to reference only to the first server, and also, to change the current implementation from an evaluation, to a definitive version (they have a legal key now).
How should I proceed? Thanks. Should I try to change any conflicting references in AD regarding SID and GUIDs to the exchange server?
ASKER
There was no exchange server previously. Only one server that stopped working when the evaluation ran out. The customer then apparently tried to just install a new server with the same name and IP.
According to new information I got today, they never really erased the account for the first evaluation server, they tried to implement a new server with the same name without success, and just decided to install the second server with a new name.
At this moment I-m not sure any more the problem is what I expected since I get conflicting info from the curstomer.
This is the most recurring error I get at the Exchange server:
Event Type: Error
Event Source: MSExchangeDSAccess
Event Category: Topology
Event ID: 2114
Date: 07-02-2008
Time: 8:05:41
User: N/A
Computer: MAIL
Description:
Process INETINFO.EXE (PID=1444). Topology Discovery failed, error 0x80040a02.
For more information, click http://www.microsoft.com/contentredirect.asp.
I Also get these:
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1030
Date: 07-02-2008
Time: 7:56:18
User: NT AUTHORITY\SYSTEM
Computer: MAIL
Description:
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
...
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1097
Date: 07-02-2008
Time: 7:56:18
User: NT AUTHORITY\SYSTEM
Computer: MAIL
Description:
Windows cannot find the machine account, No authority could be contacted for authentication. .
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
....
Event Type: Error
Event Source: MSExchangeSA
Event Category: General
Event ID: 1005
Date: 07-02-2008
Time: 7:56:17
User: N/A
Computer: MAIL
Description:
Unexpected error The specified domain either does not exist or could not be contacted. Facility: Win32 ID no: 8007054b Microsoft Exchange System Attendant occurred.
For more information, click http://www.microsoft.com/contentredirect.asp.
Nediag results:
.......................... .......... .
Computer Name: MAIL
DNS Host Name: MAIL.domain.com
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 15 Model 4 Stepping 10, GenuineIntel
List of installed hotfixes :
KB921503
KB924667-v2
KB925398_WMP64
KB925876
KB925902
KB926122
KB927891
KB929123
KB930178
KB931784
KB932168
KB933360
KB933729
KB933854
KB935839
KB935840
KB936021
KB936357
KB936782
KB938127-IE7
KB939653-IE7
KB941202
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : LAN Team
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : MAIL
IP Address . . . . . . . . : 10.23.10.42
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 10.23.10.100
Primary WINS Server. . . . : 10.23.10.41
Dns Servers. . . . . . . . : 10.23.10.41
10.23.10.43
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Passed
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{86268CCA-25A4 -47EC-AB61 -B27D7853D ECD}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{86268CCA-25A4 -47EC-AB61 -B27D7853D ECD}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{86268CCA-25A4 -47EC-AB61 -B27D7853D ECD}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Passed
Secure channel for domain 'DOMAIN' is to '\\DC.domain.com'.
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
According to new information I got today, they never really erased the account for the first evaluation server, they tried to implement a new server with the same name without success, and just decided to install the second server with a new name.
At this moment I-m not sure any more the problem is what I expected since I get conflicting info from the curstomer.
This is the most recurring error I get at the Exchange server:
Event Type: Error
Event Source: MSExchangeDSAccess
Event Category: Topology
Event ID: 2114
Date: 07-02-2008
Time: 8:05:41
User: N/A
Computer: MAIL
Description:
Process INETINFO.EXE (PID=1444). Topology Discovery failed, error 0x80040a02.
For more information, click http://www.microsoft.com/contentredirect.asp.
I Also get these:
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1030
Date: 07-02-2008
Time: 7:56:18
User: NT AUTHORITY\SYSTEM
Computer: MAIL
Description:
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
...
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1097
Date: 07-02-2008
Time: 7:56:18
User: NT AUTHORITY\SYSTEM
Computer: MAIL
Description:
Windows cannot find the machine account, No authority could be contacted for authentication. .
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
....
Event Type: Error
Event Source: MSExchangeSA
Event Category: General
Event ID: 1005
Date: 07-02-2008
Time: 7:56:17
User: N/A
Computer: MAIL
Description:
Unexpected error The specified domain either does not exist or could not be contacted. Facility: Win32 ID no: 8007054b Microsoft Exchange System Attendant occurred.
For more information, click http://www.microsoft.com/contentredirect.asp.
Nediag results:
..........................
Computer Name: MAIL
DNS Host Name: MAIL.domain.com
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 15 Model 4 Stepping 10, GenuineIntel
List of installed hotfixes :
KB921503
KB924667-v2
KB925398_WMP64
KB925876
KB925902
KB926122
KB927891
KB929123
KB930178
KB931784
KB932168
KB933360
KB933729
KB933854
KB935839
KB935840
KB936021
KB936357
KB936782
KB938127-IE7
KB939653-IE7
KB941202
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : LAN Team
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : MAIL
IP Address . . . . . . . . : 10.23.10.42
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 10.23.10.100
Primary WINS Server. . . . : 10.23.10.41
Dns Servers. . . . . . . . : 10.23.10.41
10.23.10.43
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Passed
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{86268CCA-25A4
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{86268CCA-25A4
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{86268CCA-25A4
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Passed
Secure channel for domain 'DOMAIN' is to '\\DC.domain.com'.
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
Greetings VanAlex,
At this point, your AD database must be restored to the point before the second Exchange server was introduced into the network like isaman07 pointed out. You dont say what OS your DC or DCs are running, but I will assume it's Windows 2003. You also don't mention how many DCs in the network, but I'll assume more than one. Here are the high level steps to resolve your situation:
1. Perform an authoritative restore of the AD database to ensure that all restored AD objects replicate to all other DCs (assuming there are more than one). Check this article out for step-by-step directions on how to perform an authoritative restore of AD http://www.windowsitpro.com/Article/ArticleID/41170/41170.html
2. Once you have restored your AD database to the point before the second Exchange server was introduced to the network, force replication to ensure all restored AD objects replicate to other DCs. http://www.windowsnetworking.com/kbase/WindowsTips/Windows2003/AdminTips/ActiveDirectory/ForcingActiveDirectoryReplication.html
3. At this point, the integrity of your AD database should be good and ready for the Exchange server swap. NOTE: before doing anything, make sure you have good full backups of your information stores!!!! I'm a bit unclear as to where the full version of Exchange is going to be installed, but I'll assume that it will be installed on the same box. With that in mind, you have two options: 1) An in-place upgrade by selection "reinstall" of Exchange. Be aware of the fact that you cannot downgrade version of Exchange. In other words, if you have a Enterprise trial version, you cannot downgrade to Standard. 2) Completely uninstall Exchanege 2003 from the server, and reinstall Exchange in "disasterRecovery" mode. An important thing to watch out with this option is the resetting of the computer account where Exchange used to be installed. Check this article if you decide to go this route http://www.msexchange.org/tutorials/Recovering-Failed-Exchange-2003-Member-Server-Using-Disaster-Recovery-Switch.html
4. Restore information stores from your backups.
Hope this helps.
At this point, your AD database must be restored to the point before the second Exchange server was introduced into the network like isaman07 pointed out. You dont say what OS your DC or DCs are running, but I will assume it's Windows 2003. You also don't mention how many DCs in the network, but I'll assume more than one. Here are the high level steps to resolve your situation:
1. Perform an authoritative restore of the AD database to ensure that all restored AD objects replicate to all other DCs (assuming there are more than one). Check this article out for step-by-step directions on how to perform an authoritative restore of AD http://www.windowsitpro.com/Article/ArticleID/41170/41170.html
2. Once you have restored your AD database to the point before the second Exchange server was introduced to the network, force replication to ensure all restored AD objects replicate to other DCs. http://www.windowsnetworking.com/kbase/WindowsTips/Windows2003/AdminTips/ActiveDirectory/ForcingActiveDirectoryReplication.html
3. At this point, the integrity of your AD database should be good and ready for the Exchange server swap. NOTE: before doing anything, make sure you have good full backups of your information stores!!!! I'm a bit unclear as to where the full version of Exchange is going to be installed, but I'll assume that it will be installed on the same box. With that in mind, you have two options: 1) An in-place upgrade by selection "reinstall" of Exchange. Be aware of the fact that you cannot downgrade version of Exchange. In other words, if you have a Enterprise trial version, you cannot downgrade to Standard. 2) Completely uninstall Exchanege 2003 from the server, and reinstall Exchange in "disasterRecovery" mode. An important thing to watch out with this option is the resetting of the computer account where Exchange used to be installed. Check this article if you decide to go this route http://www.msexchange.org/tutorials/Recovering-Failed-Exchange-2003-Member-Server-Using-Disaster-Recovery-Switch.html
4. Restore information stores from your backups.
Hope this helps.
ASKER
As I expected the customer has no backups for the DCs... Just a backup of the mail store.
I was hoping there was something else I could test before going to a radical measure of cleaning the exchange organization from AD, and reinstalling everything.
There are 100 mailboxes in Outlook 2003 clients, with cached contents, and since I imagine exmerge will not work if system attendant and the information store will not start, I wanted to avoid going manually to each client at all costs.
I was hoping there was something else I could test before going to a radical measure of cleaning the exchange organization from AD, and reinstalling everything.
There are 100 mailboxes in Outlook 2003 clients, with cached contents, and since I imagine exmerge will not work if system attendant and the information store will not start, I wanted to avoid going manually to each client at all costs.
Yikes! hmmmm....ok, in the case....are you using the same physical box for Exchange?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Wow what a stupid reason that was going to cost a lot of work.
Hi MOD's really sorry this should have been a PAQ - refund.
Please start the autoclosure process.
I am still learning ;-)
Please start the autoclosure process.
I am still learning ;-)
Let me know.
harout