Link to home
Start Free TrialLog in
Avatar of Rupert Eghardt
Rupert EghardtFlag for South Africa

asked on

Exchange 2007 - CAS Role Problem

Hi Guys,

Our MS Exchange server is completely down - after the following, and we need help ASAP:

1.  The server ran without any hiccups, when just before December we experienced a problem with OOF.  I end up calling MS for support and the problem was related to the AutoDiscover service.  The problem was linked to the security certificate.

MS instructed me to uninstall the CAS role from the server.
The plan was to reinstall the CAS role after a reboot and apply SP1 (which was previously installed), which should have resolve the problems altogether.

2.  After uninstalling the CAS role, rebooting the server, it does an initial install of the CAS role, but then gives an error message:

The role cannot be installed because the following roles are not current:   MailboxRole
(no errorcode, please see attachment)

3.  We then uninstalled the rollups (5 accumulative), and SP1.
I tried another few reboots, download / installed SP1 again.
Still the same error, the message store won't mount and I get the error about the "MailboxRole" not current.

4.  MS suggested that I extracted the dsproxy.dll from SP1 and copy it into the Exchange installation, I applied rollup-5.

It still fails to install the CAS role.

I am really desperate at this time, as I am not looking forward to rebuild the server, any help will be greatly appreciated.

(I don't know where the evaluation license-error comes from, as it is a fully registered server and never had this before)



Unexpected error The system could not find the environment option that was

Facility: Win32 ID no: c00700cb Microsoft Exchange System Attendant  occurred.

Unable to initialize the Microsoft Exchange Information Store service.   - Error

Error 0x80004005 initializing the Microsoft Exchange Server Internet Conversion

The DSProxy dll is required but cannot be loaded, error 'c00700cb'.

Invalid CPS Protection Agent license information. : The evaluation license
period has

expired. Please update the server with a new license key.


The Microsoft Exchange Information Store service terminated with
service-specific error 0


Avatar of Mestha
Flag of United Kingdom of Great Britain and Northern Ireland image

Not really sure why MS told you to reinstall CAS.
However if you have an open call with MS I would suggest that you pursue it with them further and get the call escalated.

The fact that CAS wouldn't install again would be a red flag to me that something else was wrong with the machine. If it was my system I would be planning to migrate to something else (even a temporary system) so that this one could be rebuilt. It obviously has issues and due to the complexity of the product, fixing them are not that easy. Reinstalling the roles is a very common method of resolving issues.

Was the server original RTM and then went to SP1?
If so, try running the SP1 update again. /mode:Upgrade
Put the rollup in the Updates directory, so that it is used.

Unfortunately, this is a common issue with rollup 4 & 5. Did you uninstall at least rollup 5? Microsoft has recommended this for your issue.

Most likely you probably are going to have to  reinstall a new CAS server. I have been on the phone with microsoft support several times with this. While I realize microsoft states the rollups are necessary, you will probably end up not going to 5 and maybe stop at 4 until microsoft can fix this. It will alleviate lots of frustration. I have been in your situation with several installs.

Wish I could be of more help with this.

Avatar of Rupert Eghardt


I think the reason for the CAS reinstallation was related to the AutoDiscover service.
MS asked for the AutoDiscover directories / service to be deleted / reinstalled, and after this process failed, I was asked to remove the CAS role.

The server was original RTM, but I think the problems started with SP1.  I remember when SP1 was initially released and installed the server did not recognise that SP1 was completely installed at first,
However upon re-installation it rejected the installation of SP1 - as it was already installed.

Rollup 5 was installed trying to resolve the AutoDiscover problems.

All roles are currently on one server, I know that MS suggests that the CAS runs seperately, it may be a good time to consider this change, although I don't think it will fix the current problem with the mailbox role?

I will try to apply SP1 again with the "upgrade" switch.
Is the updates directory part of SP1 or part of the initially installation?
SP1 is a complete install. Therefore your RTM CD/download file can disposed of or deleted, it will no longer be required.
The updates directory should be part of both, but of course Rollup 5 for RTM is different to rollup 5 for SP1.

The fact the service pack didn't install correctly should have raised a flag. That would be a sign that something wasn't right, and any other work done on the server may cause problems. You are most likely in this middle ground area now, between RTM and SP1. If the service pack doesn't install cleanly and continues to throw errors, a rebuild is probably going to be the only solution, because the actual application is damaged.

Separating the roles is only really justified on large sites. I have certainly built sites for 200 people more more and had everything on a single server. However as you have said, I don't think that would help with this issue because the problem is with the mailbox role, not CAS.

I will pursue the call with MS in the morning.
Hopefully we can rescue the installation.
Should it becomes necessary to rebuild, I will rebuild the installation on a new temporary PC box and keep the original server as a backup initially.

I made a copy of the database files already, will the new installation mount this database?  Or should I follow a specific route?
OWA, ActiveSync, IIS could wait till we're back on the main server - I guess?
If you have a spare machine you have two options.

1. Recover Server. This is where you pull the plug on the old one, The new one has the same name etc as the original. Install Exchange with recover server and then hope the databases mount.

2. Standard swing migration. This means building a replacement machine with a new name, installing Exchange and then moving the data using move mailbox and then replicating the public folders. The original server is then removed using add/remove programs.

Of the two, I only do the latter.
In this scenario, if the latter failed at the last point (Removing the server using add/remove programs) because of the application issue, then I would do another temporary build of Exchange (probably in a VM) to do a recover server installation. Once that installation was complete it was immediately removed to remove the server from the domain gracefully. Note that there are no manual removal instructions for Exchange 2007.

1.   Recover server:  If the new installation has the same server name, netbios name, IP, etc.  Will it mount the database - even with a completely new SID?

2.  With the standard swing migration, does the "move mailbox" operation create an external file to be transferred unto the new box?

As long as you don't touch the computer account, only reset it (ie don't delete it) then the settings are picked up by the domain. It is basically how you recover Exchange in the event of a server failure. It is all documented in some depth on Technet.

Sounds like you are thinking of export-mailbox (exmerge on Exchange 2003). Move mailbox is a MAPI task and moves the mailbox between two servers. It doesn't really "import" or use separate file. You have the two servers and the mailbox is moved between them. It is more than just the data, the information about eh mailbox is updated in the domain. If you have both servers running when the users start Outlook they are redirected automatically.

OK, new "target" server, same name, joined to the domain will pickup the SID info from AD?
But I first have to remove the old server from AD?  Will this not delete the computer account from AD?

I don't think option B will work in this scenario, as the message store fails to mount.  Am I correct to say that a fully operational "source" server i.t.o. the message store is required to use the move mailbox task via MAPI?

If the store doesn't mount then move mailbox is not an option.
Therefore recover server is the only choice you have.

You have to treat it as if you had lost the machine. Therefore do not delete the machine account, do not drop the machine from the domain. All you need to do is right lick on the machine in ADUC and choose Reset Computer Account. Then join the replacement machine to the domain using the same domain. It isn't so much as the SID, but the ID of the machine that is important.

It is really important that the machine account is not deleted at all. Deleting it and recreating it is not the same.

Once you start though, there is no going back. The original machine cannot be booted up connected to the network as you will have a machine clash. Therefore you need to have exhausted all other options before doing it.

Avatar of Rupert Eghardt
Rupert Eghardt
Flag of South Africa image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial