[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 539
  • Last Modified:

Help! AD/Exchange in Win 2003 SBS not working.

Hi Everyone,

Big problem on our SBS 2003 server.  Exchange 2003 won't start.  Also, SBS server couldn't recognize it's name or domain.  I've re-seized all the roles, cleaned up DNS, seems to have helped somewhat.  

When I type nltest /sc_query:domainName, I get the following error
Status=1355 0x54b ERROR_NO_SUCH_DOMAIN

Exchange's Information Store service won't start.  Basically, Exchange can't find it's name in AD.  I get the following errors in Application event log, all from Exchange System Attendant.

--------------
Microsoft Exchange System Attendant was unable to find the Exchange server object named 'SERVERNAME' in the Active Directory. All known Domain Controllers were checked for this object.

Microsoft Exchange System Attendant failed to start Exchange server 'SERVERNAME'. Error code '0x80072030'.
--------
Any help is greatly appreciated.

Thanks in advance,
Theo



0
Theodosios
Asked:
Theodosios
  • 9
  • 6
  • 5
  • +1
1 Solution
 
LongtimeMCSECommented:
How many servers do you have? I'm going to proceed assuming a single SBS 2003 box.
Make sure DNS is working, AD integrated.
Make sure the server is pointing to itself for DNS
Do an IPCONFIG /REGISTERDNS
Stop & restart the NETLOGON service
from a command prompt, run (optional install of Support Tools) DCDIAG
 
 
0
 
TheodosiosAuthor Commented:
LongtimeMCSE, currently one server, but previously I had added 2 member servers so I could perform a SBS Swing Migration. (www.sbsmigration.com).  DNS is up and running, cleaned up of any old server entries.  Would re-installing Exchange re-add the server name into Active Directory without deleting the store or e-mails?

Thanks,

Theo
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LongtimeMCSECommented:
That would be a really bad idea! Please don't.
I'm familiar with the swing migration procedure and have used it for numerous clients. So you have the initial server; why have you added *2* member servers? Have you DCPROMO'd either of them?
0
 
TheodosiosAuthor Commented:
Swing Migration requires 2, 1 for a temp, and one for the final.  They were DCPROMO'd, had a lot of Active Directory errors, so I removed AD from them and took them offline.  I didn't expect it to have any impact on the production server, and it nay have.

I ran the DCDIAG, and I get the following output...

-------------------------------
Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\SERVERNAME
      Starting test: Connectivity
         ......................... SERVERNAMEpassed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\TRILLYSSVR
      Starting test: Replications
         ......................... SERVERNAMEpassed test Replications
      Starting test: NCSecDesc
         ......................... SERVERNAMEpassed test NCSecDesc
      Starting test: NetLogons
         ......................... SERVERNAMEpassed test NetLogons
      Starting test: Advertising
         Warning: SERVERNAMEis not advertising as a time server.
         ......................... SERVERNAMEfailed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... SERVERNAMEpassed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... SERVERNAMEpassed test RidManager
      Starting test: MachineAccount
         ......................... SERVERNAMEpassed test MachineAccount
      Starting test: Services
            IsmServ Service is stopped on SERVERNAME
            w32time Service is stopped on SERVERNAME
         ......................... SERVERNAMEfailed test Services
      Starting test: ObjectsReplicated
         ......................... SERVERNAMEpassed test ObjectsReplicated
      Starting test: frssysvol
         ......................... SERVERNAMEpassed test frssysvol
      Starting test: frsevent
         ......................... SERVERNAMEpassed test frsevent
      Starting test: kccevent
         ......................... SERVERNAMEpassed test kccevent
      S            
         ......................... SERVERNAMEfailed test VerifyReferences
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : companyname
      Starting test: CrossRefValidation
         ......................... companyname passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... companyname passed test CheckSDRefDom
   
   Running enterprise tests on : companyname.local
      Starting test: Intersite
         ......................... companyname.local passed test Intersite
      Starting test: FsmoCheck
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
         A Good Time Server could not be located.
         ......................... companyname.local failed test FsmoCheck

Thanks,
Theo
0
 
LongtimeMCSECommented:
I've always added the temp to the production domain, then added the final to the temp only after the temp was taken off the production network.
...especially since the final should have the same name as the original server...
 
Anyway,
 
Ismserv is benign.
Looks like you need a time server though; start the w32time service and set an external  time source.
 
Also, try running NETDIAG. Let's see what we get there.
0
 
TheodosiosAuthor Commented:
Why do I need an external time source?  We've never used one.  How do I set the extrnal time source?

Here are the Netdiag results...

Netcard queries test . . . . . . . : Failed
    GetStats failed for 'Intel(R) PRO/100 S Server Adapter #2'. [ERROR_INVALID_FUNCTION]
    GetStats failed for 'Intel(R) PRO/100 S Server Adapter'. [ERROR_INVALID_FUNCTION]
    GetStats failed for 'Linksys EG1032 v3 Instant Gigabit Desktop Network Adapter Driver'. [ERROR_INVALID_FUNCTION]
    [FATAL] - None of the netcard drivers provided satisfactory results.



Per interface results:

    Adapter : Server Local Area Connection


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Passed

    Adapter : Local Area Connection

        Netcard queries test . . . : Failed
        NetCard Status:          UNKNOWN

        Host Name. . . . . . . . . : SERVERNAME
        IP Address . . . . . . . . : xxx.xxx.xxx.xxx
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . :

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Passed
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.

    Adapter : Network Connection - Internet

        Netcard queries test . . . : Failed
        NetCard Status:          UNKNOWN

       

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Skipped
            NetBT is disabled on this interface. [Test skipped]

        WINS service test. . . . . : Skipped
            NetBT is disable on this interface. [Test skipped].

    Adapter : {2944E420-7967-45CD-B3F1-08D6AC84257D}

        Netcard queries test . . . : Passed

       
        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Skipped
            NetBT is disabled on this interface. [Test skipped]

        WINS service test. . . . . : Skipped
            NetBT is disable on this interface. [Test skipped].


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{6B0BE277-92A3-4EC2-B748-09A79B900F84}
        NetBT_Tcpip_{0E5CA40E-F9D8-40EC-B105-4D5DF9D41572}
    2 NetBt transports currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'SERVERNAME.DOMAINNAME.local.'. [ERROR_TIMEOUT]
            The name 'SERVERNAME.DOMAINNAME.local.' may not be registered in DNS.
    PASS - All the DNS entries for DC are registered on DNS server '110.110.110.11' and other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{6B0BE277-92A3-4EC2-B748-09A79B900F84}
        NetBT_Tcpip_{0E5CA40E-F9D8-40EC-B105-4D5DF9D41572}
    The redir is bound to 2 NetBt transports.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{0E5CA40E-F9D8-40EC-B105-4D5DF9D41572}
        NetBT_Tcpip_{6B0BE277-92A3-4EC2-B748-09A79B900F84}
    The browser is bound to 2 NetBt transports.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

-------------

Thanks,

Theo

0
 
LongtimeMCSECommented:
NET TIME /QUERYSNTP - shows configured time source
NET TIME /SETSNTP:"192.5.41.40 192.5.41.41" uses Tick & TOCK at the USNO. You only have to set this on the PDC emulator (time source = PDC role)
 
How many NICs do you have installed? Are they all in use? Have you tried rebooting since goign through any of my steps?
0
 
TheodosiosAuthor Commented:
Thanks, I'm using 192.5.41.40 now.
This SBS server has 3 physical NICs and 1 for dial-in, all are  in use.  I've rebooted about an hour ago.

Directory Service event log shows our domain in the global catalogue.

Thanks,

Theo

0
 
TheodosiosAuthor Commented:
Also, if I open ADSIEDIT, the server is shown as the Schema Master correctly.

If I open Active Directory Sites and Services GUI, and if I expand the Services folder, and then the Microsoft Exchange folder, there is a folder in there called Active Directory Connections and it's empty.  Should it be?

Thanks,

Theo
0
 
LongtimeMCSECommented:
May be left over from Exchange 2000. I don't have that on a base SBS 2003 build.
0
 
fnkylinguistCommented:
Theodosios, sounds like you have a DNS problem here.  Microsoft Exchange System Attendant was unable to find the Exchange server object named 'SERVERNAME' in the Active Directory. All known Domain Controllers were checked for this object.

This error tells you that you do not have a name in Active Directory for your exchange server.  The first thing that I would do is ensure that I have cleaned up the failed two servers in the domain, especially if any of them ever had Exchange on them.  

1.> Metadata cleanup is the first step.   http://technet.microsoft.com/en-us/library/cc736378.aspx
2.> After you've done that make sure that a computer account exists for your current SBS box.
3>  Make sure that DNS is up and running and that this box is pointed to itself as the DNS server.  (I.E.  192.168.1. 1 255.255.255.0 DNS:  192.168.1.1)  This is very important as Exchange needs access to DNS and the Domain naming master to start.
4.>  Ensure that DNS is configured correctly.  Theres a good chance that this is where your problem resides.  
4a.>  Exchange uses this ( _msdcs.yourdomain.here) to locate the GC and the Master so make sure this is present and that your master and GC are present.
4b.>  Make sure that there is a zone for this domain and that it has an associated MX record.  Your mx record should exist in the zone that your exchange server belongs to.  

When all these are correct, your store should at least mount.   Let me know if this helps.
0
 
fnkylinguistCommented:
If I open Active Directory Sites and Services GUI, and if I expand the Services folder, and then the Microsoft Exchange folder, there is a folder in there called Active Directory Connections and it's empty.  Should it be?

Yes

I wouldn't poke around here or you'll end up reinstalling your exchange server.  Unless you were having big problems with the box before, you should assume that Exchange is working properly.
0
 
TheodosiosAuthor Commented:
Hi,

All looks fine in DNS.   Also, I've successfully seized the Roles.

However, in the ntdsutil > metadata cleanup, when I go to "list sites in domain", it tells me No Current Site, No Current Domain, No Current Server, no Current Naming Context.
When I asked it to "list servers in site", it came back with the 1 correct SBS server.

Theo

0
 
TheodosiosAuthor Commented:
How do I mount the Store manually?  I can't start the Exchange Information Store service or the Exchange System Attendant service.

I downloaded and ran Microsoft's Exchange Best Practices Analyzer and when I try "Connect to Active directory Server,"   I get the error "No Exchange organization container found in domain.

Thanks,

Theo
0
 
LongtimeMCSECommented:
In NTDSUTIL, have you done the Connect to Server? and connect to domain?
If you're not conenected to a domain, you won't see any sites
 
0
 
TheodosiosAuthor Commented:
Oaky, in ntdsutil, when I type "list domains in site," it shows me the domain, but then it says No current Server, and No Current Naming Context.

When I tyoe "List Servers in Site", it shows me the correct server.

Thanks,
Theo
0
 
fnkylinguistCommented:
Theodosios,

you mentioned up above that this is an SBS 2003 correct?  Can you post the complete IP address configuration of this box?  I'll need IP, subnet, gateway and dns.
0
 
fnkylinguistCommented:
Remember, that the only reason that you're doing metadata cleanup is b/c of a failed demotion.  This can be handled later but for now lets get your store mounted.  Here is a better link for the metadata cleanup.

http://support.microsoft.com/kb/216498
0
 
TheodosiosAuthor Commented:
Hi fnkylinguist,

I'm not allowed to send out I.P.  infomation, for security reasons.  I've already completed the metadata cleanup, and the old Domain Controllers are removed.  Only the main SBS 2003 server remains.  

How does one get a store mounted?

Thanks,
Theo
0
 
fnkylinguistCommented:
OK.  Make sure that this SBS2003 box has all the roles and especially this one, Domain naming master.  Make sure that this box is also a global catalog server.  Please run this command, dcdiag /test:dns and post the results.
0

Featured Post

Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

  • 9
  • 6
  • 5
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now