Messed up organization

Hi,

A customer using an evaluation version of Exchange 2003 in a production environment tried installing a new final server on the network with the same name and ip as the evaluation server to bypass the problem created by an expired evaluation.

After "forcing" the installation a bit, now none of the servers work (as I would expect). I guess they messed up the organization at the AD level, since there might be conflicting references to two exchange servers with the same name and IP.

I used adsiedit to remove any references that are explicit to the second server (they tried making it work by giving it a different name), but at this moment the first server doesn't log on when it has network connection, it hangs at "applying computer settings". If we disconnect the cable it, logs on, but we are never able to get any exchange services running (even after reconnecting the cable).

I suspect what I need is to correct the AD info regarding exchange to reference only to the first server, and also, to change the current implementation from an evaluation, to a definitive version (they have a legal key now).

How should I proceed? Thanks. Should I try to change any conflicting references in AD regarding SID and GUIDs to the exchange server?
VanAlexAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

isaman07Commented:
One thing that i did not get, was there any other exchange servers before the 2003 evaluation server was joined the domain? If not, completely remove the exchange organization from AD by restoring an authoritative backup of AD to a state before the second exchange 2003 was added. Here you will be able\to access your server and remove the exchange server and organization from the domain, once removed you can build a new exchange final server. Yes it takes a lot of work, but if AD is corrupt you will have to deal with it and the best way is the authoritative restore of active directory.

Let me know.
harout
0
VanAlexAuthor Commented:
There was no exchange server previously. Only one server that stopped working when the evaluation ran out. The customer then apparently tried to just install a new server with the same name and IP.

According to new information I got today, they never really erased the account for the first evaluation server, they tried to implement a new server with the same name without success, and just decided to install the second server with a new name.

At this moment I-m not sure any more the problem is what I expected since I get conflicting info from the curstomer.

This is the most recurring error I get at the Exchange server:
Event Type:      Error
Event Source:      MSExchangeDSAccess
Event Category:      Topology
Event ID:      2114
Date:            07-02-2008
Time:            8:05:41
User:            N/A
Computer:      MAIL
Description:
Process INETINFO.EXE (PID=1444). Topology Discovery failed, error 0x80040a02.

For more information, click http://www.microsoft.com/contentredirect.asp.

I Also get these:

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1030
Date:            07-02-2008
Time:            7:56:18
User:            NT AUTHORITY\SYSTEM
Computer:      MAIL
Description:
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

...

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1097
Date:            07-02-2008
Time:            7:56:18
User:            NT AUTHORITY\SYSTEM
Computer:      MAIL
Description:
Windows cannot find the machine account, No authority could be contacted for authentication. .

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

....

Event Type:      Error
Event Source:      MSExchangeSA
Event Category:      General
Event ID:      1005
Date:            07-02-2008
Time:            7:56:17
User:            N/A
Computer:      MAIL
Description:
Unexpected error The specified domain either does not exist or could not be contacted. Facility: Win32 ID no: 8007054b Microsoft Exchange System Attendant  occurred.

For more information, click http://www.microsoft.com/contentredirect.asp.


Nediag results:


.....................................

    Computer Name: MAIL
    DNS Host Name: MAIL.domain.com
    System info : Microsoft Windows Server 2003 R2 (Build 3790)
    Processor : x86 Family 15 Model 4 Stepping 10, GenuineIntel
    List of installed hotfixes :
        KB921503
        KB924667-v2
        KB925398_WMP64
        KB925876
        KB925902
        KB926122
        KB927891
        KB929123
        KB930178
        KB931784
        KB932168
        KB933360
        KB933729
        KB933854
        KB935839
        KB935840
        KB936021
        KB936357
        KB936782
        KB938127-IE7
        KB939653-IE7
        KB941202
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : LAN Team

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : MAIL
        IP Address . . . . . . . . : 10.23.10.42
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 10.23.10.100
        Primary WINS Server. . . . : 10.23.10.41
        Dns Servers. . . . . . . . : 10.23.10.41
                                     10.23.10.43


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{86268CCA-25A4-47EC-AB61-B27D7853DECD}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{86268CCA-25A4-47EC-AB61-B27D7853DECD}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{86268CCA-25A4-47EC-AB61-B27D7853DECD}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'DOMAIN' is to '\\DC.domain.com'.


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully


0
bnditCommented:
Greetings VanAlex,

At this point, your AD database must be restored to the point before the second Exchange server was introduced into the network like isaman07 pointed out. You dont say what OS your DC or DCs are running, but I will assume it's Windows 2003. You also don't mention how many DCs in the network, but I'll assume more than one. Here are the high level steps to resolve your situation:

1. Perform an authoritative restore of the AD database to ensure that all restored AD objects replicate to all other DCs (assuming there are more than one). Check this article out for step-by-step directions on how to perform an authoritative restore of AD http://www.windowsitpro.com/Article/ArticleID/41170/41170.html

2. Once you have restored your AD database to the point before the second Exchange server was introduced to the network, force replication to ensure all restored AD objects replicate to other DCs. http://www.windowsnetworking.com/kbase/WindowsTips/Windows2003/AdminTips/ActiveDirectory/ForcingActiveDirectoryReplication.html

3. At this point, the integrity of your AD database should be good and ready for the Exchange server swap. NOTE: before doing anything, make sure you have good full backups of your information stores!!!! I'm a bit unclear as to where the full version of Exchange is going to be installed, but I'll assume that it will be installed on the same box. With that in mind, you have two options: 1) An in-place upgrade by selection "reinstall" of Exchange. Be aware of the fact that you cannot downgrade version of Exchange. In other words, if you have a Enterprise trial version, you cannot downgrade to Standard. 2) Completely uninstall Exchanege 2003 from the server, and reinstall Exchange in "disasterRecovery" mode. An important thing to watch out with this option is the resetting of the computer account where Exchange used to be installed. Check this article if you decide to go this route http://www.msexchange.org/tutorials/Recovering-Failed-Exchange-2003-Member-Server-Using-Disaster-Recovery-Switch.html

4. Restore information stores from your backups.

Hope this helps.
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

VanAlexAuthor Commented:
As I expected the customer has no backups for the DCs... Just a backup of the mail store.

I was hoping there was something else I could test before going to a radical measure of cleaning the exchange organization from AD, and reinstalling everything.

There are 100 mailboxes in Outlook 2003 clients, with cached contents, and since I imagine exmerge will not work if system attendant and the information store will not start, I wanted to avoid going manually to each client at all costs.
0
bnditCommented:
Yikes! hmmmm....ok, in the case....are you using the same physical box for Exchange?
0
VanAlexAuthor Commented:
Hi again...

I was able to solve the problem. The server wasn't part of the Exchange Servers Security Group in AD... They must have deleted it during the the attempt to reinstall a new server with the same credentials.

Regarding the change from trial to definitive, it was quite simple. Do a reinstall on the same server with the final CD, and apply the SP2 immediatly.

Everything is 100%, actually it is the cleanest Event Viewer log I've seen in a long time right now :)

Thanks for your help nonetheless.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
isaman07Commented:
Wow what a stupid reason that was going to cost a lot of work.
0
Glen KnightCommented:
Hi MOD's really sorry this should have been a PAQ - refund.
Please start the autoclosure process.
I am still learning ;-)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.