Solved

Exchange 2007 problems post-migration

Posted on 2011-02-15
10
1,375 Views
Last Modified: 2012-08-13
Hi
I was last month in the middle of an SBS2003 to SBS2008 migration, using the Swing Migration method, when a family issue forced me to hand over the job in progress to another individual for completion. Now I am back in the saddle and the customer is having problems with Exchange 2007 SP1 (rollup 10 installed). Specifically, they are having problems both sending and receiving emails *sometimes*, some of the Exchange services will not start after an update, and there are quite a few Exchange errors in the event logs.  I had hoped to revert to the point in the migration where I'd left it but the indiviual in quesiton overwrote the backups I'd made AND formatted the TempDC I was using so I have no fallback.  The TempDC is still listed in the AD and is also the routing group master. Using ADSIEdit I see may references to it but haven't changed any of them for fear of doing further damage.  It's such a mess I'm tempted to start from scratch but the client doesn't want that!

I am hoping someone here can help me with this.  The very first error I see in the Applicaiton Event Log is

CertificationAuthority    91   "Could not connect to the Active Directory. Active directory Certificate Services will retry when processing requres Active Directory access."
THEN
MSExchange ADAccess    2114    "Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1552). Topology discovery failed, error 0x80040952 (LDAP_LOCAL_ERROR (Client-side internal error or bad LDAP message)). Look up the Lightweight Directory Access Protocol (LDAP) error code specified in the event description. To do this, use Microsoft Knowledge Base article 218185, "Microsoft LDAP Error Codes." Use the information in that article to learn more about the cause and resolution to this error. Use the Ping or PathPing command-line tools to test network connectivity to local domain controllers."

There are quite a few more if you want them.
Cheers
CW

0
Comment
Question by:Seedubya
  • 6
  • 4
10 Comments
 
LVL 4

Assisted Solution

by:RobertParten
RobertParten earned 250 total points
ID: 34901446
Hmmm, check AD sites and services and see if the temp DC is still listed, if so you can try to delete it and then restart the server. Best I can say at this point is take a backup of what you have and in the event that fails you can revert back.
0
 

Author Comment

by:Seedubya
ID: 34901591
Thanks for the VERY swift reply.
It's still listed alright. What are the potential pitfalls in deleting it?
0
 
LVL 4

Expert Comment

by:RobertParten
ID: 34901610
I had the same issue with mine, except that the DC no longer existed and I got those MSEXCHANGETOPOLOGY messages. I deleted the DC from it and ensured that the other DC was in tehre...in your case that should list itself.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:Seedubya
ID: 34901750
Ok, here goes....
0
 
LVL 4

Expert Comment

by:RobertParten
ID: 34901820
Let me know how it works out for you.
0
 

Author Comment

by:Seedubya
ID: 34902466
No improvement - I don't think the CA role is installed properly - which might be why I'm getting Error 91
0
 

Accepted Solution

by:
Seedubya earned 0 total points
ID: 34905155
All the exchange errors are now clear.
I managed this by setting the Exchange Topology Service to Delayed Startup, this appears to give the AD time to come up fully. All the services now start automatically.
I also re-installed my self-genned certificate which has cleared up the CA errors.

Thanks for trying.
0
 
LVL 4

Expert Comment

by:RobertParten
ID: 34906474
Good job on that! I generally don't use self-signed certs though and I wonder why you have to delay start the topology service...sounds like the migration was a little botched because you weren't there. I will keep your solution in my books in the event I run into this as well.
0
 

Author Comment

by:Seedubya
ID: 34916004
We use pop connectors and an ISP smarthost so no need for a proper cert. Although as I'm finding this may not be as clearcut as I thought in SBS2008.  See my other open question for the details on that.  Thanks again Robert.
0
 

Author Closing Comment

by:Seedubya
ID: 34941222
The answer did not directly help me. However it got me investigating other avenues which did help me so it was a catalyst.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
In-place Upgrading Dirsync to Azure AD Connect
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question