Solved

Event ID 8197 Exchange 2003 repeated application error

Posted on 2010-08-18
106
1,414 Views
Last Modified: 2012-05-10
After a very lengthy bout with an exchange 2003 migration / hardware change and successful removal of duplicate public folders I still have a reoccuring error

Event Type:      Error
Event Source:      MSExchangeFBPublish
Event Category:      General
Event ID:      8197
Date:            8/11/2010
Time:            2:50:04 PM
User:            N/A
Computer:      EXCHANGE
Description:
Error initializing session for virtual machine EXCHANGE. The error number is 0x80040111. Make sure Microsoft Exchange Store is running.

For more information, click http://www.microsoft.com/contentredirect.asp.

After reading the microsoft KB article it appears I am missing the ExchangeAdmin profile in my registry.  How can I resolve this error?
HBC2.JPG
0
Comment
Question by:HBCONET
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 48
  • 33
  • 25
106 Comments
 

Author Comment

by:HBCONET
ID: 33469176
Anyone out there?
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33469717
hey for some reason I missed it earlier..
Will check this
0
 

Author Comment

by:HBCONET
ID: 33488614
Help me someone :(
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 28

Expert Comment

by:sunnyc7
ID: 33491542
did you see Method 3 here ?
http://support.microsoft.com/kb/828764/en-us
0
 

Author Comment

by:HBCONET
ID: 33497479
Yes I saw method three and I have no exchange admin profile and the article doesn't say how to create one or how to resolve when the profile is missing.
Chris
0
 

Author Comment

by:HBCONET
ID: 33504548
anybody out there?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33504679
is the system attendant service running on this server?
0
 

Author Comment

by:HBCONET
ID: 33504695
Yes
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33504779
using adsiedit what do you see for the siteFolderServer under properties of:
CN=YourExchAdminGroup,CN=Administrative Groups,CN=YourExchOrg,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=yourdomain,DC=com
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33504810
you may want to consider creating new system folders
http://support.microsoft.com/kb/822444
0
 

Author Comment

by:HBCONET
ID: 33504989
I did that in my last question posted for duplicate public folders.  Please explain the path in adsiedit. I have an exchange 2003 server  I'm looking under cn=Configuration,dc=mydomain,dc=com for the above path correct?
0
 

Author Comment

by:HBCONET
ID: 33517837
Anybody got any suggestions?
0
 

Author Comment

by:HBCONET
ID: 33523045
Ok now I am recieving this error on my Bes 5.0.2 express server that has the exchange system manager installed on it.  
Event Type:      Warning
Event Source:      MSExchangeCDO
Event Category:      None
Event ID:      1639
Date:            8/25/2010
Time:            11:47:42 AM
User:            N/A
Computer:      ISA
Description:
The description for Event ID ( 1639 ) in Source ( MSExchangeCDO ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: EX:/O=HBCONET/OU=FIRST ADMINISTRATIVE GROUP/CN=RECIPIENTS/CN=AHERSHEY.
Data:
0000: 0f 01 04 80               ...¿    

It repeats for the same user every 10 mins and I have had one other user posting the warning once.

0
 

Author Comment

by:HBCONET
ID: 33523061
also on the exchange server am getting this error along with the event id 8197

Event Type:      Error
Event Source:      MSExchangeSA
Event Category:      MAPI Session
Event ID:      9175
Date:            8/25/2010
Time:            5:12:47 AM
User:            N/A
Computer:      EXCHANGE
Description:
The MAPI call 'OpenMsgStore' failed with the following error:
The information store could not be opened.
The logon to the Microsoft Exchange Server computer failed.
MAPI 1.0
ID no: 80040111-0286-00000000

For more information, click http://www.microsoft.com/contentredirect.asp.

0
 

Author Comment

by:HBCONET
ID: 33530988
Anybody Please????
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33531043
the 9175 typically occurs when a database is offline

i have a diagnostic idea, i am trying to test it...
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33531299
Open Exchange System Manager and browse down to your server
right-click and view the properties
go to the directory access tab
change the show to global catalog servers

then from a command prompt run the following replacing the dc=mydomain,dc=com to match your domain and replacing SERVERNAME with the global catalog server(s) shown from the previous step
ldifde -f output.ldf -d"dc= mydomain,dc= com " -t 3268 -p subtree -r"(&(objectclass=*)(name= SERVERNAME ))"

please post the output
0
 

Author Comment

by:HBCONET
ID: 33531503
I need some help with syntax??

U:\>ldifde -f output.ldf -d"dc= hbconet,dc= com " -t 3268 -p subtree -r"(&(objec
tclass=*)(name= SERVER1 ))"
Invalid Parameter: Bad argument '-ddc= hbconet,dc= com '

LDIF Directory Exchange

General Parameters
==================
-i              Turn on Import Mode (The default is Export)
-f filename     Input or Output filename
-s servername   The server to bind to (Default to DC of computer's domain)
-c FromDN ToDN  Replace occurences of FromDN to ToDN
-v              Turn on Verbose Mode
-j path         Log File Location
-t port         Port Number (default = 389)
-u              Use Unicode format
-w timeout      Terminate execution if the server takes longer than the
                specified number of seconds to respond to an operation
                (default = no timeout specified)
-h              Enable SASL layer encryption
-?              Help

Export Specific
===============
-d RootDN       The root of the LDAP search (Default to Naming Context)
-r Filter       LDAP search filter (Default to "(objectClass=*)")
-p SearchScope  Search Scope (Base/OneLevel/Subtree)
-l list         List of attributes (comma separated) to look for
                in an LDAP search
-o list         List of attributes (comma separated) to omit from
                input.
-g              Disable Paged Search.
-m              Enable the SAM logic on export.
-n              Do not export binary values
-x              Include deleted objects (tombstones)

Import
======
-k              The import will go on ignoring 'Constraint Violation'
                and 'Object Already Exists' errors
-y              The import will use lazy commit for better performance
                (enabled by default)
-e              The import will not use lazy commit
-q threads      The import will use the specified number of threads
                (default is 1)

Credentials Establishment
=========================
Note that if no credentials is specified, LDIFDE will bind as the currently
logged on user, using SSPI.

-a UserDN [Password | *]            Simple authentication
-b UserName Domain [Password | *]   SSPI bind method

Example: Simple import of current domain
    ldifde -i -f INPUT.LDF

Example: Simple export of current domain
    ldifde -f OUTPUT.LDF

Example: Export of specific domain with credentials
    ldifde -m -f OUTPUT.LDF
           -b USERNAME DOMAINNAME *
           -s SERVERNAME
           -d "cn=users,DC=DOMAINNAME,DC=Microsoft,DC=Com"
           -r "(objectClass=user)"
No log files were written.  In order to generate a log file, please
specify the log file path via the -j option.

U:\>
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33531558
no spaces after the "="

ldifde -f output.ldf -d"dc=hbconet,dc=com " -t 3268 -p subtree -r"(&(objectclass=*)(name=SERVER1 ))"
0
 

Author Comment

by:HBCONET
ID: 33531629
Invalid Parameter: Bad argument '-ddc=hbconet,dc=com'
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33531775
Can you just run

ldifde -f C:\export.ldf -v
and upload the file

we will look into the object from the file.

You are running this from the DC - correct ?

thanks
0
 

Author Comment

by:HBCONET
ID: 33531798
no I am running from the exchange server. I will run from the DC.
0
 

Author Comment

by:HBCONET
ID: 33531889
Here ya go!
export.txt
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33532074
Now run this

ldifde -f "c:\output2.ldf" -t 3268 -p subtree -d "dc=hbconet,dc=com" -r "(&(objectclass=*)(name=EXCHANGE))"
0
 

Author Comment

by:HBCONET
ID: 33532109
Here ya go!
output2.txt
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33532122
Jim.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33532517
i'm going to review shortly, still sick and struggling
0
 

Author Comment

by:HBCONET
ID: 33532611
ok thank you
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33532658
i may be losing my mind at this point, but it appears that this exchange server is also a domain controller
servicePrincipalName: ldap/exchange.hbconet.com
servicePrincipalName: ldap/exchange.hbconet.com:3268
servicePrincipalName: ldap/EXCHANGE
servicePrincipalName: ldap/EXCHANGE:3268

not only a domain controller, but also a global catalog
is this true?

if it is, then you need to move it into the Domain Controllers OU
0
 

Author Comment

by:HBCONET
ID: 33532721
no this is not a domain controller. The previous exchange server was  a DC.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33532780
@sunnyc7 - i only have a mixed 2007/2010 environment and I can't remember if this is expected for NSPI proxy of Outlook clients. i'm going to contact a client to pull this query for me in the mean time.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33532792
I have 2003 network, will check.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33532794
You've to give me sometime.. @ I am stuck with a client on a remote machine.
will post back.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33532835
i think we need to use ADSIEdit and remove the LDAP servicePrincipalNames
the exchange server could be attempting to query itself

we have the values in the ldf output file so it is safe to remove
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33532852
typcial values:
servicePrincipalName: exchangeMDB/mail.contoso.com
servicePrincipalName: exchangeMDB/MAIL
servicePrincipalName: exchangeRFR/mail.contoso.com
servicePrincipalName: exchangeRFR/MAIL
servicePrincipalName: SMTPSVC/MAIL
servicePrincipalName: SMTPSVC/mail.contoso.com
servicePrincipalName: HOST/MAIL
servicePrincipalName: HOST/mail.contoso.com
0
 

Author Comment

by:HBCONET
ID: 33532918
ok where exactly should I look for these values?  Cn=Configuration,Dc=hbconet,DC=com..CN=services?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33533111
under the domain configuration
CN=EXCHANGE,CN=Computers,DC=hbconet,DC=com
0
 

Author Comment

by:HBCONET
ID: 33533218
just remove the ldap strings all together or add the correct ldap server?
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33533252
Jim

2 ideas:
a) I am thinking of deleting SPN's which doesnt have a FQDN

These one's from the output here
http:#33532109

servicePrincipalName: exchangeRFR/EXCHANGE
servicePrincipalName: exchangeMDB/EXCHANGE
servicePrincipalName: ldap/EXCHANGE
servicePrincipalName: ldap/EXCHANGE:3268
servicePrincipalName: SMTPSVC/EXCHANGE
servicePrincipalName: HOST/EXCHANGE

--
b) I tested ADFind on 3 different networks with 3 differnet OS.
http://www.joeware.net/freetools/tools/adfind/index.htm

adfind -sc c:computername > c:\adfind.txt

I am pretty sure the errors are because there is no SPN for - LDAP/............GUID..........msdcs.domain.com > entry on HBCONET's ldifde

>servicePrincipalName: ldap/c92519a6-42ff-4695-8077-257e75958cd8._msdcs.CLIENTX.com / 2003
>servicePrincipalName: ldap/c23825f2-c3ab-431c-8fb5-23f6063f5c0b._msdcs.CLIENTy.com / 2000
>>servicePrincipalName: ldap/c27b05c7-0425-48cb-9279-a824642501cc._msdcs.CLIENTz.com / 2008

What do you think ?
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33533264
Jim
let me know
@ sorry for posting late. Was testing this on 3/4 networks.

2003 / 2000 / 2008 = Domain they are running right now.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33533293
Take back the last one @ MSDCS.
there is a MSDCS entry in the original export.txt

@ back to FQDN entry's
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33533350
Ok this is confusing

--------
2 different exports - from earlier.
Which one did you run from which server ?
Did you run both from the same server ?

SERVER1 is a GC - please confirm
there is a ldap entry for _msdcs in the first export.

--------
LDIFDE from DC - (EXCHANGE)

sAMAccountName: EXCHANGE$
sAMAccountType: 805306369
serverReferenceBL: CN=EXCHANGE,CN=Servers,CN=CorpOfficeSite,CN=Sites,CN=Configuration,DC=hbconet, DC=com
dNSHostName: exchange.hbconet.com
servicePrincipalName: ldap/exchange.hbconet.com
servicePrincipalName: ldap/exchange.hbconet.com:3268
servicePrincipalName: ldap/EXCHANGE
servicePrincipalName: ldap/EXCHANGE:3268
servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/exchange.hbconet.com:3268
servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/EXCHANGE:3268
servicePrincipalName: exchangeRFR/EXCHANGE
servicePrincipalName: exchangeRFR/exchange.hbconet.com
servicePrincipalName: exchangeMDB/EXCHANGE
servicePrincipalName: exchangeMDB/exchange.hbconet.com
servicePrincipalName: MSSQLSvc/exchange.hbconet.com:1433
servicePrincipalName: NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/exchange.hbconet.com
servicePrincipalName: DNS/exchange.hbconet.com
servicePrincipalName: HOST/exchange.hbconet.com/HBCONET
servicePrincipalName: HOST/exchange.hbconet.com/hbconet.com
servicePrincipalName: SMTPSVC/EXCHANGE
servicePrincipalName: SMTPSVC/exchange.hbconet.com
servicePrincipalName: HOST/EXCHANGE
servicePrincipalName: HOST/exchange.hbconet.com

===========

sAMAccountName: SERVER1$
sAMAccountType: 805306369
operatingSystem: Windows Server 2003
operatingSystemVersion: 5.2 (3790)
operatingSystemServicePack: Service Pack 2
serverReferenceBL: CN=SERVER1,CN=Servers,CN=CorpOfficeSite,CN=Sites,CN=Configuration,DC=hbconet,DC=com
dNSHostName: server1.hbconet.com
rIDSetReferences:CN=RID Set,CN=SERVER1,OU=Domain Controllers,DC=hbconet,DC=com

servicePrincipalName: MSSQLSvc/server1.hbconet.com:1067
servicePrincipalName: MSSQLSvc/server1.hbconet.com:1894
servicePrincipalName: MSSQLSvc/server1.hbconet.com:1066
servicePrincipalName: SMTPSVC/SERVER1
servicePrincipalName: SMTPSVC/server1.hbconet.com
servicePrincipalName: MSSQLSvc/server1.hbconet.com:1040
servicePrincipalName: ldap/server1.hbconet.com/ForestDnsZones.hbconet.com
servicePrincipalName: ldap/server1.hbconet.com/DomainDnsZones.hbconet.com
servicePrincipalName: exchangeAB/SERVER1
servicePrincipalName: exchangeAB/server1.hbconet.com
servicePrincipalName: MSSQLSvc/server1.hbconet.com:1172
servicePrincipalName: MSSQLSvc/server1.hbconet.com:1135
servicePrincipalName: NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/server1.hbconet.com
servicePrincipalName: GC/server1.hbconet.com/hbconet.com
servicePrincipalName: HOST/server1.hbconet.com/HBCONET
servicePrincipalName: HOST/SERVER1
servicePrincipalName: HOST/server1.hbconet.com
servicePrincipalName: HOST/server1.hbconet.com/hbconet.com
servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2/1a6b98cf-b1a4-4c7b-acf9-466ac468a839/hbconet.com
servicePrincipalName: LDAP/1a6b98cf-b1a4-4c7b-acf9-466ac468a839._msdcs.hbconet.com
servicePrincipalName: LDAP/server1.hbconet.com/HBCONET
servicePrincipalName: LDAP/SERVER1
servicePrincipalName: LDAP/server1.hbconet.com
servicePrincipalName: LDAP/server1.hbconet.com/hbconet.com
servicePrincipalName: DNS/server1.hbconet.com

0
 

Author Comment

by:HBCONET
ID: 33533423
Sry Jim i ran:  ldifde -f "c:\output2.ldf" -t 3268 -p subtree -d "dc=hbconet,dc=com" -r "(&(objectclass=*)(name=EXCHANGE))"
from the exchange server

Here it is from the DC
output2DC.txt
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33533471
There is no msdcs when you run ldifde from DC and there is one when you run it from Exchange ?

Jim @
how do we figure out this GUID
servicePrincipalName: LDAP/1a6b98cf-b1a4-4c7b-acf9-466ac468a839._msdcs.hbconet.com

HBCONET
Please confirm if Server1 is the global Catalog.

===================

sAMAccountName: EXCHANGE$
sAMAccountType: 805306369
serverReferenceBL: CN=EXCHANGE,CN=Servers,CN=CorpOfficeSite,CN=Sites,CN=Configuration,DC=hbconet,DC=com
dNSHostName: exchange.hbconet.com
servicePrincipalName: ldap/exchange.hbconet.com
servicePrincipalName: ldap/exchange.hbconet.com:3268
servicePrincipalName: ldap/EXCHANGE
servicePrincipalName: ldap/EXCHANGE:3268
servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/exchange.hbconet.com:3268
servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/EXCHANGE:3268
servicePrincipalName: exchangeRFR/EXCHANGE
servicePrincipalName: exchangeRFR/exchange.hbconet.com
servicePrincipalName: exchangeMDB/EXCHANGE
servicePrincipalName: exchangeMDB/exchange.hbconet.com
servicePrincipalName: MSSQLSvc/exchange.hbconet.com:1433
servicePrincipalName: NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/exchange.hbconet.com
servicePrincipalName: DNS/exchange.hbconet.com
servicePrincipalName: HOST/exchange.hbconet.com/HBCONET
servicePrincipalName: HOST/exchange.hbconet.com/hbconet.com
servicePrincipalName: SMTPSVC/EXCHANGE
servicePrincipalName: SMTPSVC/exchange.hbconet.com
servicePrincipalName: HOST/EXCHANGE
servicePrincipalName: HOST/exchange.hbconet.com
0
 

Author Comment

by:HBCONET
ID: 33533589
server1 is the DC and currently the ONLY DC
0
 

Author Comment

by:HBCONET
ID: 33533594
will be back in one hour (Lunch) :)
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33533596
go into ad sites and services and expand the CorpOfficeSite to view a list of servers
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33533625
serverReferenceBL: CN=EXCHANGE,CN=Servers,CN=CorpOfficeSite,CN=Sites,CN=Configuration,DC=hbconet,DC=com
states that your server EXCHANGE is a domain controller and currently is a member of the CorpOfficeSite AD Site

if that is not the case, then you need to clean out AD of these entries
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33533642
@endital
I am going with you @ exchange is probably a DC
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33533651
I need a break @ LDIFDE's and LDAP's.

brb in about 1-2 hrs
0
 

Author Comment

by:HBCONET
ID: 33534676
Ok Exchange and HBCExchange exist in AD sites and services. Both were old decommisioned DC. I reused the exchange Acct when I changed hardware and this info must have remained from them being DC's. Can I simply delete them from sites and services as both servers accts are NOT DC's ? Also what would be the next step?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33535272
yes, you need to remove these servers from there
http://support.microsoft.com/kb/216498
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33535807
We can always go into how were the DC's removed, but lets focus on the kb and remove the old dc's.

0
 
LVL 32

Expert Comment

by:endital1097
ID: 33535843
@sunncy7 - welcome back :)
0
 

Author Comment

by:HBCONET
ID: 33535849
I don't believe exchange was ever a DC but HBCEXCHANGE was dcpromo ed and removed from the network after the process no metadata was cleaned.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33535865
@endital
Thanks dude :)

HBCONET > Let me know when you are done with the process from Endital's kb link above.

thanks
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33535872
we need to make sure that the only servers listed in AD sites and services are active domain controllers
otherwise exchange may attempt to contact them for directory info
0
 

Author Comment

by:HBCONET
ID: 33535891
ok and running the kb from Server1 (my only dc) correct
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33535901
yes, that would be the best place
0
 

Author Comment

by:HBCONET
ID: 33536230
ok I only had server1 listed in the meta data so nothing to clean there. Removed all DNS A, CNAME, etc for the former HBCEXCHANGE and cleaned out AD sites and services and only list server1. Next? :)
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33536287
you'll need to restart exchange services to get the updates
0
 

Author Comment

by:HBCONET
ID: 33536367
ok restarted. Got  event id 8197 and 1005 :(  
0
 

Author Comment

by:HBCONET
ID: 33536395
Event Type:      Error
Event Source:      MSExchangeSA
Event Category:      Monitoring
Event ID:      1005
Date:            8/26/2010
Time:            4:29:00 PM
User:            N/A
Computer:      EXCHANGE
Description:
Unexpected error <<0xc1050000 - Network problems are preventing connection to the Microsoft Exchange Server computer. Contact your system administrator if this condition persists. MAPI was unable to load the information service emsabp.dll. Be sure the service is correctly installed and configured. Microsoft Exchange Address Book ID no: 00040380-0000-00000000>> occurred.

For more information, click http://www.microsoft.com/contentredirect.asp.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33536528
I will take a dig tomorrow @
0
 

Author Comment

by:HBCONET
ID: 33536549
Ok how about you endital 1097 ?  Thanks Sunnc7.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33536565
he is sick today :(
0
 

Author Comment

by:HBCONET
ID: 33536746
FYI this is attributtes for servicePrincipalName  
Chris
HBC2.JPG
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33536812
Will let you know chris.
I was on 3/4 networks today LDIFDE'ing and adfind'ing and comparing with your result.

Need to zoom out and think if i am missing something.

I guess @endital is doing the same thing.
he's sick though :(

Getwellsoonjim.
0
 

Author Comment

by:HBCONET
ID: 33536958
Ok thanks cya tommorrow
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33537055
Cya
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33537540
I will look some more tonight
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33538175
remove all of the ldap spn values for EXCHANGE to start
i am going to review the files now
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33538240
also now that these servers have been removed from ad sites and services run
setup /domainprep again
0
 

Author Comment

by:HBCONET
ID: 33541583
Good morning!  You want me to get rid of these correct?

servicePrincipalName: ldap/exchange.hbconet.com
servicePrincipalName: ldap/exchange.hbconet.com:3268
servicePrincipalName: ldap/EXCHANGE
servicePrincipalName: ldap/EXCHANGE:3268
servicePrincipalName:
 E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/exchange.hbconet.com:3268
servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2-ADAM/EXCHANGE:3268

Also does it matter where I use ADSIEdit? Exchange or DC?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33541646
i would run it from the DC
i would also run the exchange setup with the /domainprep switch after these changes, refresh the domain permissions and groups
0
 

Author Comment

by:HBCONET
ID: 33541679
Exchange setup?  Using the cd's for exchange?  
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33541727
yes, from a command prompt run setup /domainprep
0
 

Author Comment

by:HBCONET
ID: 33541913
ok I ran the command . So far no 8197 error
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33541937
great, so far
just to keep you up to speed since this has been a long thread
the changes we made were simply correcting some directory issues from orphaned AD objects that happen to be your current production exchange server

a good test now would be to restart the system attendant again
0
 

Author Comment

by:HBCONET
ID: 33541959
ok just got another 8197 error
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33542006
what about the 1005? i think they are all tied together under the same issue, but one may be resolved before the other. namely i think the 8197 needs one or two more steps.

can you check that registry key again now to see if the EXadmin<Guid> key is present? the start of the thread :)
0
 

Author Comment

by:HBCONET
ID: 33542055
Yes I got a 1005 as well and no Exadmin Guid under profiles :(.
0
 

Author Comment

by:HBCONET
ID: 33542194
Well one promising site is I noticed that users are logged into the public folders. Previously only the NT/authority was the only one logged to the new public folders
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33542211
that is progress, so the users can no access public folders via outlook
my next questiong was going to be, are all the exchange services running, but that answers it
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33542238
i'd like to verify the results of what we've done to by running this again

ldifde -f output.ldf -d"dc= yourdomain,dc= com " -t 3268 -p subtree -r"(&(objectclass=*)(name= SERVER1 ))"

thanks, we're getting there
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33542263
@endital
This deserves an article of it's own.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33542306
@sunnyc7 - we've met the character limit, soon we'll have the number of posts equal to that :)  i love a good challenge
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33542396
:))

@ldifde

You can download and use ADFIND too
http://www.joeware.net/freetools/tools/adfind/index.htm

extract to desktop / c:\adfind\
start > run > cmd
cd to where you extracted

adfind -sc c:SERVERNAME

<-- heavily promoting joeware after I found those tools.
0
 

Author Comment

by:HBCONET
ID: 33542459
Here ya go
output3.txt
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33542489
You ran this from server1 - the DC ?

I see a
servicePrincipalName: LDAP/1a6b98cf-b1a4-4c7b-acf9-466ac468a839._msdcs.hbconet.com

Which was not there earlier.
0
 

Author Comment

by:HBCONET
ID: 33542521
I ran this from the exchange.  
  ldifde -f "c:\output4.ldf" -t 3268 -p subtree -d "dc=hbconet,dc=com" -r "(&(objectclass=*)(name=exchange))"
output4.txt
0
 

Author Comment

by:HBCONET
ID: 33542628
Why did the these return?

servicePrincipalName: ldap/exchange.hbconet.com
servicePrincipalName: ldap/exchange.hbconet.com:3268
servicePrincipalName: ldap/EXCHANGE
servicePrincipalName: ldap/EXCHANGE:3268
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33544013
are you sure this server had dcpromo run against it to demote it? it sounds like a service is re-registering these spn values.
0
 

Author Comment

by:HBCONET
ID: 33554702
Could it be the adam instance that is loaded on this exchange server?  I loaded the instance for Webroot(Our mailsweeper servers off sight) to be able to use ldap for sucessful authentification of Domain email accounts.
0
 

Author Comment

by:HBCONET
ID: 33554704
It blocks email comming from non-user accounts
0
 

Author Comment

by:HBCONET
ID: 33554727
Getting these outlook sync errors
Geeting these sync errors in outlook

17:55:02 Synchronizing server changes in folder 'Deleted Items'
17:55:02 Downloading from server 'exchange.hbconet.com'
17:55:32          120 item(s) added to offline folder
17:55:32          85 item(s) deleted in offline folder
17:55:32 Synchronizing server changes in folder 'Junk E-mail'
17:55:32 Downloading from server 'exchange.hbconet.com'
17:55:32 Downloading from server 'exchange.hbconet.com'
17:55:32          1 view(s)/form(s) updated in offline folder
17:55:32          1 view(s)/form(s) deleted in offline folder
17:55:32 Error synchronizing folder
17:55:32              [8004010F-501-8004010F-0]
17:55:32              The client operation failed.
17:55:32              Microsoft Exchange Information Store
17:55:32              For more information on this failure, click the URL below:
17:55:32              http://www.microsoft.com/support/prodredirect/outlook2000_us.asp?err=8004010f-501-8004010f-0
17:55:32 Done
17:55:32 Microsoft Exchange offline address book
17:55:32       0X8004010F
0
 
LVL 28

Accepted Solution

by:
sunnyc7 earned 250 total points
ID: 33554808
Can you run best practices analyzer
Exchange 2003


Google for
Download exchange 2003 bpa and click on the first download link


8004010f is oab sync error
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33554813
Oab is distributed threough public folders

Will post when I get home in a few hrs

0
 
LVL 32

Assisted Solution

by:endital1097
endital1097 earned 250 total points
ID: 33555004
that adam instance would explain the ldap spn values and could be the potential issue
that should not be running on the exchange server
0
 

Author Comment

by:HBCONET
ID: 33555022
I'll remove it. I ran the analyzer and fixed this citical issue.
HBC2.JPG
0
 

Author Comment

by:HBCONET
ID: 33555035
Got Rid of Adam and got this error.

Event Type:      Error
Event Source:      MSExchangeFBPublish
Event Category:      General
Event ID:      8207
Date:            8/29/2010
Time:            7:53:47 PM
User:            N/A
Computer:      EXCHANGE
Description:
Error updating public folder with free-busy information on virtual machine EXCHANGE. The error number is 0x8004010f.

For more information, click http://www.microsoft.com/contentredirect.asp.
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33555194
that error is object not found

use system manager to browse the system folders to ensure it is present
you can also select to update the offline address book
0
 

Author Comment

by:HBCONET
ID: 33555220
Yep I did that and browsered to the correct folder even though it was listed the same except this time I was able to rebuild the default offine address book. I dismounted the information store and then remounted it. I got my last 8197 error approximately one hour ago before removing ADAM. Only got the one  error 8207.  I then proceeded to restart all exchange services including system attendant and noticed  I had no 1005 error and no 8197!!!! So far looking good!!!!!!
0
 
LVL 32

Expert Comment

by:endital1097
ID: 33555290
that's good news...
are you still getting the 0x8004010f error

so to summarize, this server was still listed in AD Site and Services as a DC and had ADAM installed
two good reasons to have directory lookup issues
0
 

Author Closing Comment

by:HBCONET
ID: 33555296
The best practices analyzer located a critical issue combined with removing ADAM and rebuilding the offline address book has fixed all issues including the outlook sync problem.  Thanks for working this out Sunnyc7 and endital1097 especially on a Sunday evening!
0
 

Author Comment

by:HBCONET
ID: 33555300
Yes you are correct and thank you so much! This thing was driving me crazy!
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question