Exchange services not running shows error

mishalk
mishalk used Ask the Experts™
on
I have a setup

CCR Clustered Mailbox Server
Windows server 2003 enterprise edition x64 - Mailbox1
Windows server 2003 enterprise edition x64 - Mailbox2
Exchange 2007 enterprise sp1

Hub Transport and Client Access Server
Windows server 2003 enterprise edition x64 - HUBCAS
Windows server 2003 enterprise edition x64 - HUBCAS


my ccr mail box server shows the following error

Source: MSExchange ADAccess
Category: Topology
Type: Error
Event ID: 2142
Description:
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1300).
Topology discovery failed, error 0x8007077f.
----------------------------------------------
Source: MSExchangeRepl
Category: Service
Type: Error
Event ID: 2141
Description:
The Microsoft Exchange Replication Service attempted to start the RPC server but failed because an error occurred when attempting to read the Exchange Servers Universal Security Group SID from the Active Directory. Error message:
The Exchange Topology service on server localhost did not return a suitable domain controller.
-----------------------------------------------
Source:MSExchangeTransportLogSearch
Category: General
Type: Error
Event ID: 7005
Description:
Microsoft Exchange couldn't read the configuration from the Active Directory directory service because of error: Failed to load config due to exception: Microsoft.Exchange.Common.ExClusTransientException : The Windows Cluster service encountered an error during function ClusterOpenEnum. ---> System.ComponentModel.Win32Exception: The remote server has been paused or is in the process of being started
--- End of inner exception stack trace ---
at Microsoft.Exchange.Common.ExCluster.GetStoreResour cesOnCluster(ClusterHandle clusHandle)
at Microsoft.Exchange.Common.ExCluster.GetActiveCmsOn Node(String nodeName)
at Microsoft.Exchange.Data.Directory.NativeHelpers.Ge tLocalComputerFqdn(Boolean throwOnException)
at Microsoft.Exchange.Data.Directory.SystemConfigurat ion.ADSystemConfigurationSession.FindLocalServer()
at Microsoft.Exchange.Transport.LocalServerConfigurat ion.<>c__DisplayClass2.<TryLoadLocalServer>b__0()
at Microsoft.Exchange.Data.Directory.ADNotificationAd apter.RunADOperation(ADOperation adOperation, Int32 retryCount)
at Microsoft.Exchange.Data.Directory.ADNotificationAd apter.TryRunADOperation(ADOperation adOperation, Int32 retryCount).
--------------------------------------------------

Please help me to solve this.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Looks like you have DC/GC problems
Look for an MsExchange ADAccess, Topology, 2080 event in the application event log.

What does it contain?
Install windows support tools and run nltest /dsgetsite
This error is due to the fact that that dsgetsitename fails
Check AD Sites and Services to check if an appropriate subnet has been configured

Author

Commented:
i did run the command nltest /dsgetsite
it give me the site and said the command run successfully
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
in regards to the ad access warning
MsExchange ADAccess, Topology, 2601
Event Type:      Warning
Event Source:      MSExchange ADAccess
Event Category:      General
Event ID:      2601
Date:            4/21/2009
Time:            4:24:58 PM
User:            N/A
Computer:      UOB-SRV-MBX02
Description:
Process MSEXCHANGEADTOPOLOGY (PID=756). When initializing a remote procedure call (RPC) to the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the SID for account <WKGUID=DC1301662F547445B9C490A52961F8FC,CN=Microsoft Exchange,CN=Services,CN=Configuration,...> - Error code=80040a01.
 The Microsoft Exchange Active Directory Topology service will continue starting with limited permissions.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Author

Commented:
dear FearNoMore:
i refered those links, i am not seeing any erros related to site
Try running policytest.exe
This utility is located in the
\i386\Server\Setup\ServerRoles\Common folder on the Microsoft Exchange
Server CD.
http://www.eggheadcafe.com/conversation.aspx?messageid=30083789&threadid=30083632
Also try running setup.com /preparead once again

Author

Commented:
hi FearNoMore:

i did run the policytest.exe the result is as follows

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common\policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "DC2"
  In site = "IsaTown"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  !!! Right NOT found !!!

C:\Documents and Settings\administrator.ADS>

Author

Commented:
i did some changes and now it shows
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/
'E:\exchange_CD_Files\Setup\ServerRoles\Common/' is not recognized as an interna
l or external command,
operable program or batch file.

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "DC2"
  In site = "IsaTown"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  !!! Right NOT found !!!

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "DC2"
  In site = "IsaTown"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  !!! Right NOT found !!!

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "DC2"
  In site = "IsaTown"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  !!! Right NOT found !!!
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  !!! Right NOT found !!!

C:\Documents and Settings\administrator.ADS>E:\exchange_CD_Files\Setup\ServerRol
es\Common/policytest.exe

This tool will check every domain controller in the local
domain to see if the "Manage auditing and security logs"
privilege granted to the "Exchange Enterprise Servers"
group by DomainPrep has replicated to that DC.  If the
policy change has not yet replicated to all DCs, then
you should avoid making policy changes on any DC that
has not received those changes yet.

You must have Domain Admin rights to run this tool
successfully.  If you see an error that says:
  !! LsaEnumerateAccountRights returned error 5 !!
then you don't have permission to open the LSA on the
given DC.


===============================================
Local domain is "ads.uob" (ADS)
Account is "ADS\Exchange Enterprise Servers"
========================
  DC      = "DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "DC2"
  In site = "IsaTown"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "UOB-SRV-DC1"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "UOB-SRV-PDNS"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"
========================
  DC      = "UOB-SRV-DC2"
  In site = "Sakheer"
  Right found:  "SeSecurityPrivilege"

C:\Documents and Settings\administrator.ADS>
Now check of you can start the Active Directory topology and the SA service

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial