Member_2_1334455

How can I completely remove Exchange Server 2007 and all references from Active Directory?

I've had a ton of problems today with Exchange Server 2007 and Active Directory.

My exchange server is running on Windows Server 2003 Standard R2 x64 and I've had to format it twice and every time I format, there are still issues with Active Directory and connectivity issues.

I figure I need to completely wipe out any references to Exchange Server in the Active Directory database.

So far, I have run ADSIEDIT.MSC and deleted all references to Exchange Server, and in addition, I've removed DNS forward and reverse lookup entries so I can start from scratch.

Am I missing anything or should I consider taking a look at any prerequisites before installing Exchange Server once again?

Must I create a user in AD with all Administrative Access including Domain Admin, Enterprise Admin, Schema Admin, etc in order for Exchange Server to be able to install to AD correctly?

Thanks in Advance.


Chris
tntmax

Okay, so, uh, how many servers do you have? Are you having other replication problems? An Exchange problem might actually be an Active Directory problem! How did you manually delete Exchange? Uninstall then use ADSIEDIT? It appears that Exchange 2007 is irreversible from a schema perspective.

https://www.experts-exchange.com/questions/22552202/Manually-Removing-Exchange-2007.html
Member_2_1334455

ASKER

I only have one active directory and one exchange server. I have installed exchange on the ad server successfully and removed with no issue. I just can't seem to figure this one out.
So you have 2 servers total? What version of Exchange was installed on the AD server? When you say AD server, you mean domain controller? Is the Exchange server a domain controller also?
atkjedi

All you have to do is format the Box
and delete the Exchange 2007 Org from AD, or if the only exchange delete the whole Exchange Key
NOTE: (This will remove all references to the Exchange org so if you have other exchange 2007 servers will kill them also)

Before you do this be sure that if you have multiple DCs that they are replicating first (you can use DCDIAG and NETDIAG - Installed from support tool directory on the OS CD)

And always make a system state backup of your domain

Note: do this at your own risk, I will not take responsibility if you damage your AD
ADSIEDIT - Configuration [server.domain.local]
    CN=Configuration, DC=LAB, DC=NET
        CN=Services
            CN=Microsoft Exchange  - If no other exchange Servers can just delete this
                CN=Domain
                    CN=Administrative Groups
                        CN=Exchange Administrative Group (FYDIBOHF23SPDLT)  - If other exchange delete this location
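
The pre-checks named in the post above (replication health, system state backup), plus an export of the Exchange subtree so there is a record of what was deleted, as an added example that is not part of the original thread. It assumes it is run on the domain controller with the Support Tools installed; the DN is the lab example from the post and BACKUP_DIR is a hypothetical path.

```batch
@echo off
rem Added example: pre-flight before deleting CN=Microsoft Exchange with ADSIEDIT.
rem EXCH_DN uses the DC=LAB,DC=NET lab naming from the post; change it to your domain.
rem BACKUP_DIR is a hypothetical location with enough free space for a system state backup.
setlocal
set EXCH_DN=CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=LAB,DC=NET
set BACKUP_DIR=D:\PreDeleteBackup
if not exist "%BACKUP_DIR%" mkdir "%BACKUP_DIR%"

rem 1. Directory health: stop if any dcdiag test reports a failure.
dcdiag > "%BACKUP_DIR%\dcdiag.txt" 2>&1
findstr /i /c:"failed test" "%BACKUP_DIR%\dcdiag.txt" && (
    echo dcdiag reported failures. Fix them before touching the Configuration partition.
    exit /b 1
)

rem 2. System state backup of the DC (this includes the AD database).
start /wait ntbackup backup systemstate /J "Pre-Exchange-cleanup" /F "%BACKUP_DIR%\systemstate.bkf"
if not exist "%BACKUP_DIR%\systemstate.bkf" (
    echo System state backup file was not created. Aborting.
    exit /b 1
)

rem 3. Export the Exchange subtree to LDIF as a readable record of what existed.
ldifde -f "%BACKUP_DIR%\exchange-config.ldf" -d "%EXCH_DN%" -p subtree
if errorlevel 1 (
    echo LDIF export failed. Check the DN and your permissions.
    exit /b 1
)

rem 4. List every object that a delete of the subtree would remove, for review.
dsquery * "%EXCH_DN%" -scope subtree -limit 0 -attr distinguishedName objectClass
echo Review the list above and %BACKUP_DIR%\exchange-config.ldf before deleting anything.
```

The script only reads from the directory and writes backup files; the deletion itself is still done by hand in ADSIEDIT after the listing has been reviewed.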
I have a Domain Controller - Server 2003 Standard
I have an exchange Server - Server 2003 R2 x64

So only one domain controller and only one exchange server.

I formatted the exchange server, and redone it twice because when I tried connecting to the domain, it gave me a bunch of errors in the error log in event viewer and the services were failing to start.  The closest I've got was when I first installed it and attached to the domain controller the first time around but had to remove and reinstall because of something (I can't remember) but this was all in one day's time.
atkjedi, should I wait a specific period of time after I remove those keys?  I have already removed them on Friday as I cannot find any other reference to Exchange Server on the Domain Controller.

The DC should already have replicated by now, seeing as it's Monday.
So far, I have updated the system with all windows security updates.  I've installed .NET framework 3 SP1 and I've successfully joined the domain under the computer name "OWA".

I'm guessing the next step is to install IIS, Then the Power Shell Client, and then Exchange Server.  I will keep you guys posted when I've done that.

Chris
I haven't installed ES yet, but I did receive the following error messages:

MRxSmb EVENT ID 8003

The master browser has received a server announcement from the computer SERVERX226 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{14F3FC90-8D61-451A-899D-831BD98D402E}. The master browser is stopping or an election is being forced.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


AND......


Dnsapi EVENT ID 11197

The system failed to update and remove host (A) resource records (RRs) for network adapter
with settings:

   Adapter Name : {14F3FC90-8D61-451A-899D-831BD98D402E}
   Host Name : owa
   Primary Domain Suffix : hq.mrjanitorialsupplies.com
   DNS server list :
         192.168.0.103, 192.168.0.1
   Sent update to server : <?>
   IP Address(es) :
     192.168.0.101

 The reason the update request failed was because of a system problem. For specific error code, see the record data displayed below.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
I apparently cannot connect to Active Directory snap-in that I added from the exchange server.  Are there steps I can take to troubleshoot that particular issue?  I'm assuming that is why the exchange server is not able to install/run properly.
That makes more sense, which is why I asked if you were having other AD issues. Is DNS correct on the Exchange server? Is DNS installed on the Exchange server, or are you pointing to the DC? Is DNS working properly on the DC?
I'm now having DNS issues on the Domain Controller machine.  Exchange server machine is strictly an exchange server, nothing else.

I'm having problems related to zones now, the errors are stating:


---


The DNS server was unable to complete directory service enumeration of zone hq.mrjanitorialsupplies.com.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.




The DNS server was unable to complete directory service enumeration of zone 0.168.192.in-addr.arpa.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.




I'm getting a lot of w32tm errors too:

The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible.  No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Fixed the time issue, so now just have to deal with the DNS issue.
ASKER CERTIFIED SOLUTION
tntmax

This solution is only available to members.
Are you using .com for your internal network name as well? Not .local or .lan? Is this an external DNS server as well? Just curious.
I only have one domain and it is hq.mrjanitorialsupplies.com.  I guess it's a child domain.  We do have mrjanitorialsupplies.com but that is our website which is hosted on Godaddy.  The whole idea was to host our own emails.

As some info, the DNS is on the same machine as the active directory domain controller.

I've done tests with dcdiag and netdiag.exe  and all tests passed except the WINS service test on netdiag.exe.  Unable to query WINS servers, but I think that's normal for my setup.

I still cannot contact the domain controller from the Exchange Server.
Is DNS running on the Exchange server? If not, is it pointing to your DC? Can you browse \\hq.mrjanitorialsupplies.com from the RUN of the exchange server? Is the DC pointing to itself as the DNS server for its network card?
My DNS address is statically set to 192.168.0.103 which is the IP of the DC/DNS server.

I can browse \\hq.mrjanitorialsupplies.com perfectly fine from the Exchange server.

I get the following errors when I log in, in the event viewer:


The system failed to register host (A) resource records (RRs) for network adapter
with settings:

   Adapter Name : {5722C9A6-EFB9-428F-A5C5-D2045A146B8A}
   Host Name : owa
   Primary Domain Suffix : hq.mrjanitorialsupplies.com
   DNS server list :
         192.168.0.103, 192.168.0.1
   Sent update to server : 192.168.0.103
   IP Address(es) :
     192.168.0.91

 The reason the system could not register these RRs was because of a security related problem. The cause of this could be (a) your computer does not have permissions to register and update the specific DNS domain name set for this adapter, or (b) there might have been a problem negotiating valid credentials with the DNS server during the processing of the update request.

 You can manually retry DNS registration of the network adapter and its settings by typing "ipconfig /registerdns" at the command prompt. If problems still persist, contact your DNS server or network systems administrator. For specific error code, see the record data displayed below.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.




When I do an ipconfig /registerdns on the exchange machine, it gives me the exact same event error with the name Dnsapi as above.
I think I managed to get it to connect now, don't know how.  But the exchange server was able to add in the active directory users and computers snap in, into the MMC.  Going to check event log for errors when it boots up.
Rebooted, now the problem is back, getting that A host record issue again.
You said you haven't installed Exchange? Can you remove the Exchange server from the domain, then re-join it? But before rejoining it, remove all traces of it from DNS and AD, if it is not removed on its own. Then try joining it back to the domain. There might be traces left over from the last time. And if you really want to be sure, change the IP address to something else before joining it back.
I haven't installed exchange yet, no.

I just renamed the computer to MAIL instead of OWA, and I joined a workgroup then rejoined back to the domain, rebooting machine now.  Will let you know what happens in a second.
Ok, it successfully joined the domain under MAIL as a computer.

It created a forward lookup entry, but no reverse lookup entry for MAIL.  Is that normal?

I am able to add in the Active Directory Users and Computers into the MMC from the exchange server, I am also able to connect to \\hq.mrjanitorialsupplies.com so that's fine.

No weird entries in the event log related to group policies not applying or DNS issues now.  So that seems to be good.

Must I create a Pointer Record for the reverse lookup for the Exchange Server?
Change the name so that it's not mail. Especially since your internal domain is the same as your external. It will create PTR records if you have it set to automatically create PTR records in DNS.
Ok I will change it.
So far so good, I changed the name to something else, rejoined the domain.  No errors yet.  I'm going to do a few more tests to see, and research some prereqs for Exchange Server 2007 before installing it to make sure I'm good to go.
It definitely was DNS that was causing the issues.  Thank you for your continuous support.
Make sure that you also install SP1, as that adds functionality and features. And also make sure that you set up reverse DNS records with your ISP for the office, otherwise you're going to have mail servers rejecting the email.
I apologize for the delay in response (went out of town), but looks like tntmax got you taken care of, looks like a combo of DNS and AD issues.
No worries atkjedi, just reinstalled Exchange, had a ton of errors lol.. *sigh*  Will probably ask another question later on today if things don't straighten out.