Unable to access the GAL with OWA after replacing our main Domain controller.

notes
=====================
-we upgraded our main domain controller from 2003 to 2008.  When i say "main" i am referring to the DC that host our 3 catalogs.  We have 2 other 2003 domain controllers on the network.
-we have not demoted the older 2003 DC yet
-the issue only happens when we power down the older 2003 DC (we currently keep it online for this reason)
-it does not matter if we connect to OWA on the local network or while off-site
-if the old dc is turned off and a user has their default address list set to one of the secondary address list then it goes back to the global address list.
-Outlook web access, and outlooks ssl(using http) both do not show the global address book.
-the "main DC" is also our DNS, WINS, and DHCP server. (if it matters)
-not sure if its related but when clients authenticate to the "site A" DC they do not show up in the network neighborhood.

It almost like there is a setting in exchange 2003 that needs to be set to the new DC however we cannot find anything.
LVL 1
jab56Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

FourBeersCommented:
Sorry to be vague, but I recall having to set a manual registry key to force our exchange server to authenticate against a particular DC.  Although I can't remember which key, I guess you could search the registry for your old DC name in there, might be worth checking in case someone has set this up.
0
LauraEHunterMVPCommented:
If the retired DC is your only Global Catalog Server, you need to designate at least one additional DC as a GC or Exchange will not function.
0
exx1976Commented:
+! on global catalog issue..

Also check in ESM to make sure someone didn't specify a DC to be used..
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

jab56Author Commented:
Hi FourBeers:  I do a search on the registry for the name or IP of our old DC server.

Hi LauraEHunterMVP: We moved all the catalogs to the new 2008 server and removed them from the 2003 server - these all seem to be okay.

Hi exx1976: We looked around the Exchange system manager for the dc server name(or IP) but could not find anything.
0
Exchange_GeekCommented:
Please check events 2080 on your Exchange server to check which server your Exchange is looking for for GC / Dc / Config DC.

Which server is your Exchange server pointing for DNS in your NIC Card ??

Also, please copy paste the screen shot as to what is this secondary address list.

"-if the old dc is turned off and a user has their default address list set to one of the secondary address list then it goes back to the global address list."

Once this DC is down - please check your event viewer of Exchange server for errors. Please post it here.
0
jab56Author Commented:
I did a search in the registery and found..

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ADs\Providers\LDAP\CN=Aggregate,CN=Schema,CN=Configuration,DC=subdivision,DC=division,DC=company,DC=com\File  
  =  %SystemRoot%\SchCache\pdc2003.subdivision.division.company.com_389.sch

HKEY_CURRENT_USER\Software\Microsoft\Exchange\ExBPA\DCSpecified
  =PDC2003

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\ExchangeAdmin EXCHANGE_SVR 0x14d12d40:0x24d771d4\dca740c8c042101ab4b908002b2fe182
  = PDC2003
(I found about 30 of these in a row)
0
jab56Author Commented:
when i say "I found about 30 of these in a row" they are all the same like the last registry entry above.
0
jab56Author Commented:
C:\Documents and Settings\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : exchange_srv
   Primary Dns Suffix  . . . . . . . : subdivision.division.company.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : subdivision.division.company.com
                                       division.company.com
                                       company.com

Ethernet adapter Broadcom NetXtreme Gigabit Ethernet Adapter - Onboard - Link A:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-0F-1F-6B-XX-XX
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : (IP of our mail server - this server)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.1.1
   DNS Servers . . . . . . . . . . . : (IP of our new 2008 DC server)
                                       (IP of a secondary 2003 DC"Site B")
   Primary WINS Server . . . . . . . : (IP of our new 2008 DC server)
   Secondary WINS Server . . . . . . : IP of a secondary 2003 DC "Site B")

PPP adapter RAC Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
   Physical Address. . . . . . . . . : 00-53-45-00-00-00
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.234.235
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . : (empty)
0
AzyreCommented:
http://support.microsoft.com/kb/313994

Take a look at that and make sure that you have another computer set-up as a GC.  
0
AzyreCommented:
How to create a new global catalog on the destination global catalog server
To create a new global catalog:
1.      On the domain controller where you want the new global catalog, start the Active Directory Sites and Services snap-in. To start the snap-in, click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
2.      In the console tree, double-click Sites, and then double-click sitename.
3.      Double-click Servers, click your domain controller, right-click NTDS Settings, and then click Properties.
4.      On the General tab, click to select the Global catalog check box to assign the role of global catalog to this server.
5.      Restart the domain controller.
Note Allow sufficient time for the account and the schema information to replicate to the new global catalog server before you remove the global catalog from the original domain controller.


You'll also want to make sure that you move over all the other FISMO roles if they were residing on the old PDC.
0
jab56Author Commented:
FYI - I see this error....

Event Type:      Warning
Event Source:      MSExchangeSA
Event Category:      OAL Generator
Event ID:      9327
Date:            10/16/2008
Time:            12:53:50 PM
User:            N/A
Computer:      PLEASMAIL
Description:
OALGen skipped some entries in the offline address list '\Global Address List'.  To see which entries are affected, event logging for the OAL Generator must be set to at least medium.
- Default Offline Address List

For more information, click http://www.microsoft.com/contentredirect.asp.
0
jab56Author Commented:
2080 error... I looked and i don't see this event in the event viewer.
0
jab56Author Commented:
FYI - in the GAL our local domain addresses show up however the  lists on other domains don't show up.
0
jab56Author Commented:
Hi Azyre, I looked and all of our domain contollers show that "Global Catalog" is checked. (even the new 2008 and the older 2003 DC)
0
Exchange_GeekCommented:
2080 is an informational item - not error.

Btw your NIC card setting looks fine - i think once the issue comes up it would be good to have a look again at what is going wrong.

Check the errors those appear at the time the issue came up.
0
AzyreCommented:
You shouldn't need them all to be GC's, and in fact you may want to only have the 08 server act as the GC (at least until you bring another machine up to 08)  Also this takes time to replicate so if it was just done you may need to wait for replication.  
0
jab56Author Commented:
sorry for not being clear... It the GAL does show the names for our domain however it does not show the names in the other subdivisions.  This issue has been going on for about 2 months since the day we replaced the main domain controller.

I'll look for the 2080 informational error. BTW would the 2080 msg be in the application Log?

Thanks everyone for your help.
0
Exchange_GeekCommented:
Requesting you to please look into the comment i had posted earlier

"""Also, please copy paste the screen shot as to what is this secondary address list."""

Event id 2080 is an informational event and not informational error.

Could you also increase OAL Generator under MSExchangeSA - server properties - diagnostic logging.
Once, done please rebuild Offline Address List under recepients. Please check events those follow from 9106 in application log - post any errors if you face. Thanks
0
jab56Author Commented:
-These other locations are syncrinized by "identity manager(?)".
-In the outlook 2003 client everything shows up just fine. (see screen shot 2)
untitled.GIF
untitled2.GIF
0
Exchange_GeekCommented:
Seems, to me that the offline mode client is not downloading the correct oab files. Please follow the steps given above.
0
jab56Author Commented:
CURRECTION - It does show everyone from all the departments.  It does not show them in the dropdown.

2080 Message:

Process MAD.EXE (PID=2176). DSAccess has discovered the following servers with the following characteristics:
 (Server name | Roles | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
In-site:
New2008DC.ci.pleasanton.ca.us      CDG 7 7 1 0 1 1 7 1
Old2003DC.ci.pleasanton.ca.us      CDG 0 0 1 0 0 0 0 0
 Out-of-site:
offsiteDC1.ci.pleasanton.ca.us      CDG 0 0 1 0 0 0 0 0
OffsiteDC2.ci.pleasanton.ca.us      CDG 7 7 1 0 1 1 7 1
 
Then Again after I turned the older 2003 DC back on.....

Event Type:      Information
Event Source:      MSExchangeDSAccess
Event Category:      Topology
Event ID:      2080
Date:            10/17/2008
Time:            1:01:01 PM
User:            N/A
Computer:      PLEASMAIL
Description:
Process MAD.EXE (PID=2176). DSAccess has discovered the following servers with the following characteristics:
 (Server name | Roles | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
In-site:
New2008DC.ci.pleasanton.ca.us      CDG 7 7 1 0 1 1 7 1
Older2003DC.ci.pleasanton.ca.us      CDG 7 7 1 0 1 1 7 1
 Out-of-site:
OffsiteDC1.ci.pleasanton.ca.us      CDG 0 0 1 0 0 0 0 0
OffisetDC2.ci.pleasanton.ca.us      CDG 7 7 1 0 1 1 7 1
 
0
jab56Author Commented:
When OLD DC was offline.....

Event Type:      Information
Event Source:      MSExchangeSA
Event Category:      OAL Generator
Event ID:      9106
Date:            10/17/2008
Time:            9:55:40 AM
User:            N/A
Computer:      MAILSERVER
Description:
Offline address list generation started.
- Default Offline Address List

For more information, click http://www.microsoft.com/contentredirect.asp.
0
jab56Author Commented:
a warning message....

Event Type:      Warning
Event Source:      MSExchangeSA
Event Category:      NSPI Proxy
Event ID:      9144
Date:            10/16/2008
Time:            4:59:56 PM
User:            N/A
Computer:      MAILSERVER
Description:
NSPI Proxy failed to connect to Global Catalog pleas_pdc.ci.pleasanton.ca.us over transport Rpc/HTTP.  This server is down or unreachable. Clients will not be directed to this GC until it is available again.
0
jab56Author Commented:
no luck on this ... we are going to let this sit for now until we do our exchange 2007 upgrade in a few months.

Thanks everyone for your help.
0
Exchange_GeekCommented:
"Global Catalog pleas_pdc.ci.pleasanton.ca.us" which box is this new2008 or old2003.

Since, you mentioned "We moved all the catalogs to the new 2008 server and removed them from the 2003 server - these all seem to be okay." and why would Exchange announce that we are not going to talk to this GC for a while - also if there is another GC - Exchange should announce it.

How many GC do you have locally in this site ????
0
jab56Author Commented:
Hello, The current three DCs have catalogs on them except the old 2003 server, "pleas_pdc", that we removed them from.  (we removed them from this server when we did the upgrade). So yeah, the pleas_pdc should not be showing up there.

BTW - I ran into this - (http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_22821237.html)  What if we update our mail server to windows server 2003 SP2?
0
Exchange_GeekCommented:
I haven't seen any major concern with SP2 - only problem was seen was with TCP/IP Packets - and MSFT has documented the fix for it long time back.
0
jab56Author Commented:
Close ticket.  We are going to be upgrading to Exchange 2007 soon and hopefully that will fix the problem.

Thanks.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.