• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1380
  • Last Modified:

Exchange 2007 problems post-migration

Hi
I was last month in the middle of an SBS2003 to SBS2008 migration, using the Swing Migration method, when a family issue forced me to hand over the job in progress to another individual for completion. Now I am back in the saddle and the customer is having problems with Exchange 2007 SP1 (rollup 10 installed). Specifically, they are having problems both sending and receiving emails *sometimes*, some of the Exchange services will not start after an update, and there are quite a few Exchange errors in the event logs.  I had hoped to revert to the point in the migration where I'd left it but the indiviual in quesiton overwrote the backups I'd made AND formatted the TempDC I was using so I have no fallback.  The TempDC is still listed in the AD and is also the routing group master. Using ADSIEdit I see may references to it but haven't changed any of them for fear of doing further damage.  It's such a mess I'm tempted to start from scratch but the client doesn't want that!

I am hoping someone here can help me with this.  The very first error I see in the Applicaiton Event Log is

CertificationAuthority    91   "Could not connect to the Active Directory. Active directory Certificate Services will retry when processing requres Active Directory access."
THEN
MSExchange ADAccess    2114    "Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1552). Topology discovery failed, error 0x80040952 (LDAP_LOCAL_ERROR (Client-side internal error or bad LDAP message)). Look up the Lightweight Directory Access Protocol (LDAP) error code specified in the event description. To do this, use Microsoft Knowledge Base article 218185, "Microsoft LDAP Error Codes." Use the information in that article to learn more about the cause and resolution to this error. Use the Ping or PathPing command-line tools to test network connectivity to local domain controllers."

There are quite a few more if you want them.
Cheers
CW

0
Seedubya
Asked:
Seedubya
  • 6
  • 4
2 Solutions
 
RobertPartenCommented:
Hmmm, check AD sites and services and see if the temp DC is still listed, if so you can try to delete it and then restart the server. Best I can say at this point is take a backup of what you have and in the event that fails you can revert back.
0
 
SeedubyaAuthor Commented:
Thanks for the VERY swift reply.
It's still listed alright. What are the potential pitfalls in deleting it?
0
 
RobertPartenCommented:
I had the same issue with mine, except that the DC no longer existed and I got those MSEXCHANGETOPOLOGY messages. I deleted the DC from it and ensured that the other DC was in tehre...in your case that should list itself.
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
SeedubyaAuthor Commented:
Ok, here goes....
0
 
RobertPartenCommented:
Let me know how it works out for you.
0
 
SeedubyaAuthor Commented:
No improvement - I don't think the CA role is installed properly - which might be why I'm getting Error 91
0
 
SeedubyaAuthor Commented:
All the exchange errors are now clear.
I managed this by setting the Exchange Topology Service to Delayed Startup, this appears to give the AD time to come up fully. All the services now start automatically.
I also re-installed my self-genned certificate which has cleared up the CA errors.

Thanks for trying.
0
 
RobertPartenCommented:
Good job on that! I generally don't use self-signed certs though and I wonder why you have to delay start the topology service...sounds like the migration was a little botched because you weren't there. I will keep your solution in my books in the event I run into this as well.
0
 
SeedubyaAuthor Commented:
We use pop connectors and an ISP smarthost so no need for a proper cert. Although as I'm finding this may not be as clearcut as I thought in SBS2008.  See my other open question for the details on that.  Thanks again Robert.
0
 
SeedubyaAuthor Commented:
The answer did not directly help me. However it got me investigating other avenues which did help me so it was a catalyst.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now