Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8921
  • Last Modified:

Exchange services not running shows error

I have a setup

CCR Clustered Mailbox Server
Windows server 2003 enterprise edition x64 - Mailbox1
Windows server 2003 enterprise edition x64 - Mailbox2
Exchange 2007 enterprise sp1

Hub Transport and Client Access Server
Windows server 2003 enterprise edition x64 - HUBCAS
Windows server 2003 enterprise edition x64 - HUBCAS


my ccr mail box server shows the following error

Source: MSExchange ADAccess
Category: Topology
Type: Error
Event ID: 2142
Description:
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1300).
Topology discovery failed, error 0x8007077f.
----------------------------------------------
Source: MSExchangeRepl
Category: Service
Type: Error
Event ID: 2141
Description:
The Microsoft Exchange Replication Service attempted to start the RPC server but failed because an error occurred when attempting to read the Exchange Servers Universal Security Group SID from the Active Directory. Error message:
The Exchange Topology service on server localhost did not return a suitable domain controller.
-----------------------------------------------
Source:MSExchangeTransportLogSearch
Category: General
Type: Error
Event ID: 7005
Description:
Microsoft Exchange couldn't read the configuration from the Active Directory directory service because of error: Failed to load config due to exception: Microsoft.Exchange.Common.ExClusTransientException : The Windows Cluster service encountered an error during function ClusterOpenEnum. ---> System.ComponentModel.Win32Exception: The remote server has been paused or is in the process of being started
--- End of inner exception stack trace ---
at Microsoft.Exchange.Common.ExCluster.GetStoreResour cesOnCluster(ClusterHandle clusHandle)
at Microsoft.Exchange.Common.ExCluster.GetActiveCmsOn Node(String nodeName)
at Microsoft.Exchange.Data.Directory.NativeHelpers.Ge tLocalComputerFqdn(Boolean throwOnException)
at Microsoft.Exchange.Data.Directory.SystemConfigurat ion.ADSystemConfigurationSession.FindLocalServer()
at Microsoft.Exchange.Transport.LocalServerConfigurat ion.<>c__DisplayClass2.<TryLoadLocalServer>b__0()
at Microsoft.Exchange.Data.Directory.ADNotificationAd apter.RunADOperation(ADOperation adOperation, Int32 retryCount)
at Microsoft.Exchange.Data.Directory.ADNotificationAd apter.TryRunADOperation(ADOperation adOperation, Int32 retryCount).
--------------------------------------------------

Please help me to solve this.
0
mishalk
Asked:
mishalk
  • 5
  • 4
  • 2
2 Solutions
 
flaphead_comCommented:
Looks like you have DC/GC problems
Look for an MsExchange ADAccess, Topology, 2080 event in the application event log.

What does it contain?
0
 
FearNoMoreCommented:
Install windows support tools and run nltest /dsgetsite
This error is due to the fact that that dsgetsitename fails
Check AD Sites and Services to check if an appropriate subnet has been configured
0
 
mishalkAuthor Commented:
i did run the command nltest /dsgetsite
it give me the site and said the command run successfully
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
mishalkAuthor Commented:
in regards to the ad access warning
MsExchange ADAccess, Topology, 2601
Event Type:      Warning
Event Source:      MSExchange ADAccess
Event Category:      General
Event ID:      2601
Date:            4/21/2009
Time:            4:24:58 PM
User:            N/A
Computer:      UOB-SRV-MBX02
Description:
Process MSEXCHANGEADTOPOLOGY (PID=756). When initializing a remote procedure call (RPC) to the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the SID for account <WKGUID=DC1301662F547445B9C490A52961F8FC,CN=Microsoft Exchange,CN=Services,CN=Configuration,...> - Error code=80040a01.
 The Microsoft Exchange Active Directory Topology service will continue starting with limited permissions.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
mishalkAuthor Commented:
dear FearNoMore:
i refered those links, i am not seeing any erros related to site
0
 
FearNoMoreCommented:
Try running policytest.exe
This utility is located in the
\i386\Server\Setup\ServerRoles\Common folder on the Microsoft Exchange
Server CD.
http://www.eggheadcafe.com/conversation.aspx?messageid=30083789&threadid=30083632
Also try running setup.com /preparead once again
0
 
mishalkAuthor Commented:
hi FearNoMore:

i did run the policytest.exe the result is as follows

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common\policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "DC2"
  In site = "IsaTown"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  !!! Right NOT found !!!

C:\Documents and Settings\administrator.ADS>
0
 
mishalkAuthor Commented:
i did some changes and now it shows
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/
'E:\exchange_CD_Files\Setup\ServerRoles\Common/' is not recognized as an interna
l or external command,
operable program or batch file.

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "DC2"
  In site = "IsaTown"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  !!! Right NOT found !!!

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "DC2"
  In site = "IsaTown"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  !!! Right NOT found !!!

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "DC2"
  In site = "IsaTown"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  !!! Right NOT found !!!

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "DC2"
  In site = "IsaTown"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"

C:\Documents and Settings\administrator.ADS>
0
 
FearNoMoreCommented:
Now check of you can start the Active Directory topology and the SA service
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 5
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now