Change Global Catalogue affects Exchange 2007

Hello,

I am trying to change the Global catalague in our domain. I have went to Active Directory Sites and Services and changed the GC to the other 2 gc servers I wanted. I rebooted the Exchange server and it still does not see the new GC. It seems to be pointing to on particular GC. I went to EMC and right clicked on the Recipient Configuration and selected the specific GC i want it to use and then rebooted the server and it still uses the old GC.

Why can't I change the GC that it is pointing to?Also, I thought that once you restart the exchange topology service it will look for the first avaliable GC.
rha_mtlAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
MichaelVHConnect With a Mentor Commented:
What version of Exchange 2007 are you running?

Something just struck me: There is a known issue with Exchange 2007 SP2 and Windows Server 2008 R2 DCs.
Normally, you cannot upgrade to SP2 when having 2008R2, but since you had a 2003 DC in the game that was possible.

So, if you have SP2 and you did not apply the "patch" for Server 2008R2; that would explain why Exchange 2007 is failing when you remove the 2003 DC.

Try following the steps outlined in this article please:
http://msexchangeteam.com/archive/2009/09/15/452494.aspx

Kind regards,

Michael
0
 
BusbarSolutions ArchitectCommented:
is it picking a functional one or an old removed one!
0
 
Mike KlineCommented:
Just one thing; how big is your domain?  The reason I ask is because you should try to make all your DCs GCs.

Thanks

Mike
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
MichaelVHCommented:
Did you try selecting another Configuration DC?
http://technet.microsoft.com/en-us/library/aa998227(EXCHG.80).aspx
0
 
rha_mtlAuthor Commented:
My domain is very small. 3 DC's and they are GC's. I want to remove one of them. Lets say I deselect dc2 and then restart the server I can't connect to the server via outlook. I wait 20 minutes and still nothing. I select dc2 again as GC and now I can connect.  

I have selected dc1 as the configuration domain controller which is the one I want and this one is also a GC.
0
 
NavdeepCommented:
Hi,

unless you have hardcoded the GC exchange will not pickup the DC/GC of your own choice. The reason being that DC/GC selection is an automatic process. Exchange will look for DC/GC in its own site first and then out of site, in case if you have your DC/GC in same site so exchange will automatically pickup the one. If you haven't change the default DC/GC selection. Once you demote the GC exchange will automatically select the new DC/GC
0
 
rha_mtlAuthor Commented:
This is what its suppose to do, I know. But when I unselect a gc. Exchange outlook clients can no longer connect the exchange server. Only until I select that GC again does clients.

This is what I did I removed the gc and then restarted the topolgy service and this is one of the errors in the event viewer

 Unhandled Exception "Could not find any available Global Catalog in forest abc.ca."
Stack Trace:    at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential)

The onnly thing that is different is that this is a windows 2003 gc server dc and the other 2 that are to be used are windows 2008 r2 servers. Does this make a difference
0
 
rha_mtlAuthor Commented:
This is another error from the Transport service

The service will be stopped. Reason: Microsoft.Exchange.Transport.TransportComponentLoadFailedException: Loading of component 'SmtpOutConnectionHandler' failed. ---> Microsoft.Exchange.Transport.TransportComponentLoadFailedException: Microsoft Exchange couldn't read the configuration from the Active Directory directory service. ---> Microsoft.Exchange.Data.Directory.SystemConfiguration.ErrorExchangeGroupNotFoundException: The Exchange group with GUID "6c01d2a7-f083-4503-8132-789eeb127b84" was not found. This group was automatically created during Exchange Setup, but has been subsequently removed. ---> Microsoft.Exchange.Data.Directory.ADTransientException: Could not find any available Global Catalog in forest abc.ca.
   at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType)
   at Microsoft.Exchange.Data.Directory.ADSession.GetConnection(String preferredServer, Boolean isWriteOperation, Boolean isNotifyOperation, ADObjectId& rootId)
   at Microsoft.Exchange.Data.Directory.ADSession.GetReadConnection(String preferredServer, ADObjectId& rootId)
   at Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCreator, CreateObjectsDelegate arrayCreator)
   at Microsoft.Exchange.Data.Directory.ADSession.FindByWellKnownGuid[TResult](Guid wellKnownGuid, String containerDN)
   at Microsoft.Exchange.Data.Directory.ADSession.ResolveWellKnownGuid[TResult](Guid wellKnownGuid, String containerDN)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ReceiveConnector.PermissionGroupPermissions.<>c__DisplayClass1.<GetSidForExchangeKnownGuid>b__0()
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.RunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.TryRunADOperation(ADOperation adOperation, Int32 retryCount)
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ReceiveConnector.PermissionGroupPermissions.GetSidForExchangeKnownGuid(ADRecipientSession session, Guid knownGuid, String containerDN)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.SmtpSendConnectorConfig.GetDefaultPermission()
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.SmtpSendConnectorConfig.GetDefaultSDForEnterpriseRelayConnector()
   at Microsoft.Exchange.Protocols.Smtp.SmtpOutConnectionHandler.Load()
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Protocols.Smtp.SmtpOutConnectionHandler.Load()
   at Microsoft.Exchange.Transport.SequentialTransportComponent.<>c__DisplayClass2.<Load>b__0()
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.RunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.TryRunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Transport.SequentialTransportComponent.Load()
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Transport.SequentialTransportComponent.Load()
   at Microsoft.Exchange.Transport.Components.Activate()

For more information, see Help and Support Center at
0
 
MichaelVHCommented:
That 2003 DC? what version is it? Is it SP1+?
0
 
rha_mtlAuthor Commented:
It is Windows 2003 SP2 Enterprise
0
 
MichaelVHCommented:
It seems that a Exchange Security Group cannot be found. The Group's GUID is "6c01d2a7-f083-4503-8132-789eeb127b84".
What you should do is take a look here:
http://technet.microsoft.com/en-us/library/bb288907(EXCHG.80).aspx

Check first, which group (and if) is missing. Use the guide to "repair" the security groups.
0
 
rha_mtlAuthor Commented:
isn't it odd though that once i set it back to gc with 2003 sp2 exchange works fine.As soon as I remove the dc+gc windows 2003 sp2 and only on the windows 2008 r2 domain it starts with these issues. Is it possible there is something wrong with the replication of active directory between 2003 sp2 and 2008 r2.
0
 
MichaelVHCommented:
Rha,

that is very much possible. Therefor you need to check if the DC's are actually equal (verifying groups etc).

Michael
0
 
NavdeepCommented:
Hi,

issue the following command and check for replication

repadmin /syncall
repadmin /replsummary
0
 
rha_mtlAuthor Commented:
ok i did a comparison and I am missing the

Microsoft Exchange System Objects Container

On the 2003 sp2 it has it but not the 2008 r2. Cna I manually create this with the objects as well. Or do I need to run the setup /p to have "repair" it and add in ot the 2008 r2 servers
0
 
MichaelVHCommented:
If you create it manually it won't have the GUID that Exchange is looking for; so you need to run the setup /p

BUT

as v-2nas said, if your error come from a bad replication than you might have some other issues going on as well.
I suggest that you do the following:
1. run repadmin /replsummary to check for replication errors.
2. If you find any, solve them first. (btw: you can force a replication by running repadming /syncall)
3. Run the setup /P

Greets,

Michael
0
 
rha_mtlAuthor Commented:
i ran the repadmin /syncall and i know see the container that is missing. I will let it run the night and try again tomorrow
0
 
NavdeepCommented:
Also check if you have inbound connection objects created between dc for successful replication to take place.
0
 
BusbarSolutions ArchitectCommented:
looks like something is wrong with AD, can you check AD and confirm that no errors in AD replication. and that the new GC is promoted to a GC
0
 
rha_mtlAuthor Commented:
well I ran a dcdiag and everythng is fine. I am not sure how to do inbound connections verification. I removed the 2003 sp2 gc and i restarted the exchange topology service and it still giving me the error where users cannot connect to the outlook. it is still giving me this erorr message
Event Type:      Information
Event Source:      MSExchangeTransport
Event Category:      Components
Event ID:      7001
Date:            2/24/2011
Time:            10:01:37 AM
User:            N/A
Computer:      RHA-EXCHANGE1
Description:
The service will be stopped. Reason: Microsoft.Exchange.Transport.TransportComponentLoadFailedException: Loading of component 'SmtpOutConnectionHandler' failed. ---> Microsoft.Exchange.Transport.TransportComponentLoadFailedException: Microsoft Exchange couldn't read the configuration from the Active Directory directory service. ---> Microsoft.Exchange.Data.Directory.SystemConfiguration.ErrorExchangeGroupNotFoundException: The Exchange group with GUID "6c01d2a7-f083-4503-8132-789eeb127b84" was not found. This group was automatically created during Exchange Setup, but has been subsequently removed. ---> Microsoft.Exchange.Data.Directory.ADTransientException: Could not find any available Global Catalog in forest rha-dc.mtl.rha.ca.
   at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType)
   at Microsoft.Exchange.Data.Directory.ADSession.GetConnection(String preferredServer, Boolean isWriteOperation, Boolean isNotifyOperation, ADObjectId& rootId)
   at Microsoft.Exchange.Data.Directory.ADSession.GetReadConnection(String preferredServer, ADObjectId& rootId)
   at Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCreator, CreateObjectsDelegate arrayCreator)
   at Microsoft.Exchange.Data.Directory.ADSession.FindByWellKnownGuid[TResult](Guid wellKnownGuid, String containerDN)
   at Microsoft.Exchange.Data.Directory.ADSession.ResolveWellKnownGuid[TResult](Guid wellKnownGuid, String containerDN)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ReceiveConnector.PermissionGroupPermissions.<>c__DisplayClass1.<GetSidForExchangeKnownGuid>b__0()
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.RunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.TryRunADOperation(ADOperation adOperation, Int32 retryCount)
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ReceiveConnector.PermissionGroupPermissions.GetSidForExchangeKnownGuid(ADRecipientSession session, Guid knownGuid, String containerDN)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.SmtpSendConnectorConfig.GetDefaultPermission()
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.SmtpSendConnectorConfig.GetDefaultSDForEnterpriseRelayConnector()
   at Microsoft.Exchange.Protocols.Smtp.SmtpOutConnectionHandler.Load()
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Protocols.Smtp.SmtpOutConnectionHandler.Load()
   at Microsoft.Exchange.Transport.SequentialTransportComponent.<>c__DisplayClass2.<Load>b__0()
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.RunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.TryRunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Transport.SequentialTransportComponent.Load()
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Transport.SequentialTransportComponent.Load()
   at Microsoft.Exchange.Transport.Components.Activate()

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

0
 
MichaelVHCommented:
That's because you're still missing an Exchange Group with GUID: "6c01d2a7-f083-4503-8132-789eeb127b84".

Have you recreated the groups in Server 2008?
0
 
rha_mtlAuthor Commented:
no I did a repladmin /syncall and it seemed to replicate fine and then I saw the Microsoft Exchange Objects so I fugured it was fine.

How do recreate the groups? Is it setup /p from the installation media?
0
 
NavdeepCommented:
Hi,

run setup.com /PrepareAD and setup.com /PrepareDomain

http://www.msexchange.org/tutorials/Installing-Exchange-2007-Part1.html
0
 
MichaelVHCommented:
rha,

indeed Setup /P (same as Setup /PrepareAD) and setup /PrepareDomain. Don't forget to add your Exchange Organization name

setup /PrepareAD /On:nameoftheorg

Grts,

Michael
0
 
rha_mtlAuthor Commented:
do I only run

setup /PrepareAD /On:nameoftheorg

or do I also run

setup /PrepareDomain
0
 
NavdeepCommented:
There is only 1 exchange org in the forest, so either you can specify your exchange org name or leave it. it will work.

If you have single domain then you can skip prepare domain as suggested by Michaelhvh

For more precise information you can check this technet article
http://technet.microsoft.com/en-us/library/bb125224%28EXCHG.80%29.aspx
0
 
rha_mtlAuthor Commented:
After running these commands this is what I see in the event viewer

Process MSEXCHANGEADTOPOLOGY (PID=8152). When initializing a remote procedure call (RPC) to the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the SID for account <WKGUID=DC1301662F547445B9C490A52961F8FC,CN=Microsoft Exchange,CN=Services,CN=Configuration,...> - Error code=80040934.
 The Microsoft Exchange Active Directory Topology service will continue starting with limited permissions.
0
 
MichaelVHCommented:
0
 
rha_mtlAuthor Commented:
the server that exchange is on is not a gc though. Now that I have put back the gc it is now starting
0
 
rha_mtlAuthor Commented:
I find it strange that when I right click on the exchange server under server configuration and on the system settings tab under

Domain Controller server being used by exchange has 2 servers listed and neither is the 2 new 2008 r2 dc+gc. It is listing our 2 old 2003 servers dc 1 and 2. Under global catalogue servers it has dc1 there I as I have removed gc from dc2.

this seems strange for some reason it is not seeing our 2008 r2 dc+gc.

Although I have changed the configuration domain controller to the new dc2008r2-1. on both the server and organization
0
 
NavdeepCommented:
are all  your DC/GC in same site or different site?
0
 
rha_mtlAuthor Commented:
they are all on in the same site
0
 
rha_mtlAuthor Commented:
after i do the setup.com /preparead and setup.com /preparedomain  should I reboot the server first uncheck the dc 2003 sp2 then reboot the server?
0
 
NavdeepCommented:
sorry didn't get this
"first uncheck the dc 2003 sp2 then reboot the server"
0
 
rha_mtlAuthor Commented:
i mean

Do I first uncheck the 2003 sp2 server as a gc and then reboot the exhnage server and see if it will pick up the new 2008 r2 gc's. What I have been doing is just stopping the exchange topology server (which stops almost all the services and then restarting the service. If it starts then I start the exchange transport service if it starts then I know it works.
0
 
NavdeepCommented:
No need to reboot exch reboot the dc and restart topology service
0
 
rha_mtlAuthor Commented:
which dc do i reboot the 2003 sp2 or dc 2008 r2
0
 
NavdeepCommented:
I think there is a communication gap. If it's talking off GC tick from DC. Then you need to reboot the DC otherwise not required.
0
 
rha_mtlAuthor Commented:
what i did is reboot exchange and the dc 2003 and the dc 2008 r2 and I still cannot get exchange 2007 to see the dc2008 r2. Strange
0
 
rha_mtlAuthor Commented:
I have exchange 2007 sp3 installed though. Does this still apply?
0
 
MichaelVHCommented:
SP3 should normally have support for Server 2008R2. So I'd say no. Nonetheless; try running the exBPA with the xml-files to see whether they bring something up or not.
0
 
rha_mtlAuthor Commented:
Is it possible I need to re-apply exchange sp3 because now I have added 2008 r2 dc's?
0
 
NavdeepCommented:
R u already on sp3
0
 
rha_mtlAuthor Commented:
yes
0
 
NavdeepCommented:
Hi,

Run Exbpa report form Exchange 2007 side from the EMC and see if it highlight the problem.
0
 
rha_mtlAuthor Commented:
I have run it and it does not show anything out of the ordinary.
0
 
NavdeepCommented:
So where are we now this. Didn't get to hear from you
0
 
rha_mtlConnect With a Mentor Author Commented:
I finally found what the issue was. I ran the best practise ananlyzer on the 2008 r2 dc. It told me that it was missing accounts in the domain policy. I added the groups it was missigng and voila everything is functioning.  Thanks for your help. Since you directed in the right direction with the best practises i will award you the points.
0
 
ModalotEE ModeratorCommented:
Sorry, wrong answer accepted.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.