Exchange 2003 Server - "Windows cannot connect to the domain"

Our email is down!  When I try to login to the domain on our Exchange 2003 Server Standard I ge the following:
"Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found.  Please try again later..."

Both of our DCs work because I am able to authenticate on other machines.  I login the Exchange using the local admin account and saw Event ID: 2114 on Source: MSExchangeDSAccess of Category: Topology.  It reads:
"Process INETINFO.EXE (PID=1200).  Topology Discovery failed, error 0x80040931."

We recently decommissioned our primary DC, maybe it's something to do with the LDAP?
LVL 1
randy915Asked:
Who is Participating?
 
mjutrasConnect With a Mentor Commented:
Check in your Active Directory users and computers for your Exchange Server computer account, if its not here, you need to create it then relink your server to that account with the "network ID" wizard in the system icon in the control panel
0
 
tgtranConnect With a Mentor Commented:
Logged back into Exchange using local admin - change DNS server to point to the DC that host GC
0
 
randy915Author Commented:
It already is...
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
tgtranConnect With a Mentor Commented:
Have you cleaned up DNS to remove the old DC from the database?
Have you tried NLTEST on Exchange server to see if it can contact the correct DC?
Any entries in the hosts/lmhosts file pointing to the old DC?
0
 
randy915Author Commented:
Mjutras  >>  I created a new COMPUTER under the ADU&C \ domain.com \ Computers folder with default options.  We have Certification Authority Service installed BTW so when I went to the System Properties on my Exchange box, I notice under the Computer Name tab that the Change button is greyed out.  What should I do?
0
 
randy915Author Commented:
Tgtran >> OK I did notice and removed a couple of entries within the _tcp subfolders in DNS with the dead DC's IP.  I also changed the _msdcs NS entry to the new DNS server.  Started DNS Client and Server services.  Also added the entries into the host file on the Exchange box.  Is there anything I need to restart besides the DNS services?
0
 
tgtranCommented:
You may want to restart netlogon service on the Exchange box
0
 
mjutrasCommented:
Is your OS win2k3? I'm trying to find an other way to relink the account but right now I'm unable to find an other solution than disjoin and rejoin the AD...
0
 
randy915Author Commented:
Mjutras >> I'm rejoining to the domain as we speak and indeed I noticed the computer account was missing from the AD but now it's been created.  Just waiting for the server to boot back up (Applying computer settings...) but it's take quite a bit of time...  Crossing fingers.
0
 
kieran_bCommented:
You have disjoined and rejoined an exchange server from the domain?

I hope you have last nights backup standing by
0
 
mjutrasCommented:
Yeah thats why I said i was trying to find an other way...
0
 
kieran_bCommented:
Right, but now the asker has done it.
0
 
randy915Author Commented:
... still rebooting.  Kieran_b, it sounds like you don't agree with rejoining an Exchange to the domain?  Am I going to lose data?
0
 
mjutrasCommented:
Since exchange and AD works very closely it could produce some unexpected results! But i'm sure all the data is still safe, you may just have to get tricky with your server.
0
 
kieran_bConnect With a Mentor Commented:
>>Kieran_b, it sounds like you don't agree with rejoining an Exchange to the domain?

Correct, doing that is quite possibly one of the sillier things you can do.

>>you may just have to get tricky with your server.

Should read: you will now have to stuff around for a few hours trying to get to a point where things work, and even then, who knows how long it will last.

Uninstall Exchange, rejoin the domain, reinstall exchange and pray that your databases remount, or get the tapes ready.
0
 
randy915Author Commented:
You were right... logging into the system takes about 90 minutes and once inside I cannot really do much since the system seems to be unstable.  I will try to see if I can make a one time backup of the Exchange store and do a reinstall of the whole thing and see if I can restore back.  Wish me luck...
0
 
randy915Author Commented:
The issue is resolved now.  I had to boot into safe mode and put all the Exchange services to manual so I can get into the system.  I then noticed that the services would not start and would hang there.  Since there were serious permission issues after disjoining/rejoining into the domain, running the Exchange SP2's update.exe /domainprep would also hang.

I also saw errors when running NSLOOKUP on both the Exchange the DCs.

Problem was several folds including the Exchange services not being able to start up because the Exchange machine itself was no longer a member of the Exchange Domain Servers group, so after adding it and giving it full permission I was able to start the services.

Running the Exchange Best Practice Analyzer was the key in solving this.  Thanks for everyone's help.
0
All Courses

From novice to tech pro — start learning today.