Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Exchange 2003 to Exchage 2010 Migration, need an explanation for a behavior i am facing

Posted on 2011-02-28
11
Medium Priority
?
555 Views
Last Modified: 2012-05-11
i started a migration from Exchange 2003 to Exchage 2010 , and on installation for the Exchange 2010 server to my enivornment the setup failed for all roles with a "Service could not enterRunning State" error .
then i figured that i had to add the servers that i will install Exchange 2010 on to the AD Security group "Exchange Enterprise Servers". well everything worked fine afterwards.
now every while i go to check the AD directory group i found that the servers are removed "like every 12 hours or so"and i have to manualy add them again. "may be with every AD replication am not sure"
does any one has an explanation for this behavior ?
0
Comment
Question by:Mohamed ElManakhly
  • 5
  • 4
  • 2
11 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34997460
this is unusual.

Did you run :

D:\setup /PrepareLegacyExchangePermissions
D:\setup /PrepareSchema
D:\setup /PrepareAD

Before you performed the installation?
0
 
LVL 11

Expert Comment

by:MichaelVH
ID: 34997489
Hi there,

assuming that you've been able to install Exchange, I presume that the schema exentions went fine as well (or else Exchange wouldn't setup).

It seems to me that you - indeed - might have some replication issue within AD. Certainly because after x-time your server-accounts disappear.

Did you already check replication? If yes, did it bring up any errors?

Michael
0
 
LVL 13

Author Comment

by:Mohamed ElManakhly
ID: 34997536
well yes deployment went fine no problems . yet  i am going to review the replication events more for more info,
but today i added the Computer accounts to the group and then i forced replication using repadmin , i then went to every domain controller in 3 sites and confirmed that the group membership updated fine.it was there on every domain controller i have
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 74

Accepted Solution

by:
Glen Knight earned 2000 total points
ID: 34997551
you haven't by anychance setup restricted groups for these groups have you?
See here for further details: http://technet.microsoft.com/en-us/library/cc756802(WS.10).aspx
0
 
LVL 13

Author Comment

by:Mohamed ElManakhly
ID: 34997554
@demazter .. nope i left the AD prepartion to be done by the exchange Setup. in the prganization preparation step.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34997561
might be worth running them as this adds all the required permissions.
0
 
LVL 11

Expert Comment

by:MichaelVH
ID: 34997564
I've had a similar issue before, in our case it was a local security policy gone bad. We had to rebuild it using secedit.

Grts,

Michael
0
 
LVL 13

Author Comment

by:Mohamed ElManakhly
ID: 34997606
@demazter , i will try rerunning the commands again manually.

@michaelIVH will give it a go too.

0
 
LVL 13

Author Comment

by:Mohamed ElManakhly
ID: 35005744
well guys i tried the above suggestions but reached no where , same behavior.. yet i almost figuredout whats going on so i thought i would let you know , here is what i did ..
1- added another computer account "Non Exchange" to the same group "Exchange Enterprise Servers" along with the Exchange 2010 Computer accounts.
2-waited for the replication and checked the group membership again. Exchange Servers were flushed , yet the Computer Account "Non Exchange" is still there.
3- i noticed that the common thing is that Exchange Servers were members of the "Exchange Domain Servers" AD group which is by default a member of the "Exchange Enterprise Servers" AD group, while the Computer Account "Non Exchange" Was not.
4- i added the non Exchange account to the "Exchange Domain Servers" , after replication it was flushed away too .

so apparently Computer accounts can not be member of both groups if AD replication finds ita member of "Exchange Domain Servers" it automatically flushes it from the "Exchange Enterprise Servers" . yet i am still wondering if that was the case why wasn't i able to continue the installation in first place , why did i had to add the computer accounts to the Exchange Enterprise Servers for the installation to complete successfully .
0
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 2000 total points
ID: 35005749
running the preparead commands in my very first post would have fixed this if you had been running it with the correct permissions.
0
 
LVL 13

Author Closing Comment

by:Mohamed ElManakhly
ID: 35015033
Doing my tests mentioned in my comment helped figuring out most of the cause.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question