Solved

Cannot connect to Exchange 2007 with Mac OSX 10.6 client running Outlook or Entourage

Posted on 2011-03-19
11
487 Views
Last Modified: 2012-05-11
I have a network with currently 5 servers:

3 Windows 2008 Servers
2 Windows 2003 Servers

2 2008 Servers are domain controllers but, up until today, one of the 2003 servers was the PDC (for lack of a better term, it held all the FSMO roles).  This server was also running Exchange 2003 which we have since migrated to Exchange 2007 running on a Server 2008 box. I was in this morning to begin the process of transferring all of the FSMO roles to the newest 2008 server so we can retire the old 2003 box.

I upgraded the AD to the newest, transferred all 5 FSMO roles to the new server as well as DNS and DHCP and waited for replication to complete.

I then shut down the old 2003 server to test logins to the network.  Everything from the windows client side was clean and snappy.  Drives mapped, printers worked, Outlook connected to Exchange.  No issues with ANY Windows OS through XP , Vista and Windows 7.

The Macs however seem to have limited ability to connect to the network while the old DC is turned off.  The login is EXTREMELY slow and mapped drives eventually function.  They cannot connect to the Exchange Server at all. When I power the old server back up, the Macs can get back onto the network and all is well.  I have tried unbinding a Mac from the domain and rebinding to the new domain controller.  That process works fine but when I shut down the old DC again, the Mac is sluggish in the logon and still cannot connect to Exchange.

Any help of what I may be overlooking would be appreciated.

0
Comment
Question by:InterFACT
  • 6
  • 4
11 Comments
 
LVL 10

Accepted Solution

by:
MiniDevo earned 500 total points
ID: 35172887
It sounds like the Macs aren't connecting to the new AD at all, but are instead using cached credentials. Ensure you've got the active directory set up correctly;
http://www.techrepublic.com/article/solutionbase-connect-your-macs-to-windows-small-business-server/161636

Also, ensure that the windows server can 'see' the Macs.
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 35173020
did you ever specified the IP address of logon domain under the Mac?

i
0
 

Author Comment

by:InterFACT
ID: 35173331
yes, we used the IP of the DC to bind to the domain in Network Account Server on the macs.

thanks
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 14

Expert Comment

by:Justin Yeung
ID: 35173629
used netstat  under network ulitity and see where is it looking for LDAP connection.

see what ip it is trying to get to.
0
 

Author Comment

by:InterFACT
ID: 35181429
the LDAP connection is looking for the old server.  is there a way to force it to the new server IP?  

thanks in advance!
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 35184137
directory utility --> advanced option--> administrative --> preferred server --> ip number for you dc
0
 

Author Comment

by:InterFACT
ID: 35200506
Thanks Justin.  I will look at this on the weekend and hopefully it fixes my issue.
0
 

Author Comment

by:InterFACT
ID: 35232367
specifying a prefered server did not resolve the issue.  I still get disconnected from outlook/entourage and the smb share script takes 8 minutes rather then less than one minute when the old server is power down.  I wonder if it has anything to do with digitally signing on the new windows server 2008 servers?
0
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 35305087
on directory utiltiy under Active directory domain, it should come up with your joined domain name.

however if you ping that name what ip is it resolved?

if it is not resolved correctly make sure you have the correct A record under dns
0
 

Assisted Solution

by:InterFACT
InterFACT earned 0 total points
ID: 35542962
This turned out to be an invalid old entry in the user keychain.  Deleted that entry and all is well.
0
 

Author Closing Comment

by:InterFACT
ID: 35714925
The comment from MiniDevo got us looking in the right direction otherwise we were stumped.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Read this checklist to learn more about the 15 things you should never include in an email signature.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question