isaackhazi

Exchange 2010 - 2 servers - mails being relayed from wrong server

We have Exchange 2010 mailbox, client access and hub transport on our mailserver in our head office with about 150 mailboxes.

Recently I set up another 2010 on another server for a branch office in another city with the same roles installed as above, with 25 mailboxes migrated to this server successfully.

We have a 1 mbps dedicated private link connection between the two offices.

Problem is, now all the mailboxes in the first server are somehow sending emails through the second server and when the connection between the first and second exchange server (private link between two cities) is lost, the users at the head office (first server) are unable to send emails.

In EMC > Server Configuration > Hub Transport
I'd created a send connector initially and attached the first server as the source server for this connector. Later, while I was setting up the second Exchange server, I created another send connector and attached that server's name as the source server for the second connector.

I would like to know why emails sent from mailboxes in the first server are sent to the second server first and then sent out using the send connector in the second server, and how this can be fixed.

Also, we used Exchange 2003 until 2010 was deployed for both servers this month. There was a message tracking facility that was easy to use in System Manager in Exchange 2003. I cannot find any interface in Exchange 2010 to track emails. I would like some help on that too.
MegaNuk3
Message tracking is in EMC\Toolbox
Also is the first server logging any issues for the first Send Connector? Have you tried recreating it?

Maybe do a "Get-SendConnector | fl" and see what the difference is between the two.
isaackhazi

ASKER

I tracked one of the messages I'd sent to my colleague earlier, who sits right next to me in the same office (mailboxes on server1). This is the report I get from the message tracking tool in EMC:

Delivery Report for xxx@prtr.com (xxx@prtr.com)


Submitted
3/28/2011 11:54 AM server1.domain.local
The message was submitted to server2.domain.local.

Delivered
3/28/2011 11:54 AM server2.domain.local
The message was successfully delivered.



As you can see above, even though both our mailboxes are on server1.domain.local, the mail still goes through server2.domain.local.

Any idea why?
BTW, thanks for helping me locate the message tracker.
Is server1 a hub transport server? Is it logging any transport events if it is?
Both the servers have the hub transport, mailbox and client access roles installed.

Right now, a new issue has arisen. Even though server1 emails are also going out through server2, users at server2 are unable to send external emails.
And how do I check if it's logging any transport events?
Due to the new issue I mentioned earlier, I just found this out:

server1 sends external emails through server2 and server2 sends external emails through server1.

How do I reverse this?
UPDATE:

Now both server1 and server2 send out email through server2.

I want to know how to make server1 send out email from server1 itself.
Even when I send internal emails from my mailbox to another mailbox (which are both in server1) and track using the EMC message tracking tool, it says:

Submitted
3/28/2011 6:11 PM server1.domain.local
The message was submitted to server2.domain.local

Delivered
3/28/2011 6:11 PM server2.domain.local
The message was successfully delivered.

Even though both my mailbox and the recipient's inbox are in server1.


And when I send email from a user mailbox in server2 to my mailbox in server1, I get this tracking detail:

Submitted
3/28/2011 5:52 PM server2.domain.local
The message was submitted to server2.domain.local

Delivered
3/28/2011 5:52 PM server2.domain.local
The message was successfully delivered.

Any idea what's happening?
Do you have DAG? It might be time to recreate that Send Connector

In the application event log on server1 you should see Transport events. You can also try Test-mailflow |fl on server1
No DAG.

And I already recreated the send connectors yesterday, for server1 as well as server2.

Under Event Viewer, I can see MsExchange Management and Microsoft > Exchange > High Availability/MailboxDatabaseFailure/Troubleshooters. So, where do I find transport events?

Test-mailflow |fl on server1 shows this:

[PS] C:\Windows\system32>Test-mailflow |fl


RunspaceId         : c9fc523b-e30d-447d-be92-2c828c66ccc8
TestMailflowResult : Success
MessageLatencyTime : 00:00:16.8893061
IsRemoteTest       : False
Identity           :
IsValid            : True
Start-> Run-> eventvwr
Windows logs->application log
No error logs for transport.
The only recent events for MsExchangeTransport are for category "configuration".
And they are:

- A configuration update for Microsoft.Exchange.Transport.ReceiveConnectorConfiguration has successfully completed.
- A configuration update for Microsoft.Exchange.Transport.AcceptedDomainTable has successfully completed.
- A configuration update for Microsoft.Exchange.Transport.TransportServerConfiguration has successfully completed.
- A configuration update for Microsoft.Exchange.Transport.TransportSettingsConfiguration has successfully completed.
- A configuration update for Microsoft.Exchange.Transport.X400AuthoritativeDomainTable has successfully completed.
- A configuration update for Microsoft.Exchange.Transport.RemoteDomainTable has successfully completed.

server2 (which is off site in another city) is acting like the primary server and server1 (which should be primary) is completely dependent on server2 for sending internal and external emails as well as public folders. If I create a public folder on server1 and do not replicate it to server2, then I cannot send emails to that public folder. Very strange. It has become very annoying now.
Sounds like an AD issue. Are both servers in the same AD domain? Maybe do a netdiag and dcdiag and see if they come back clean.
Someone please help. This is becoming too much to deal with now. When any of the servers go down or the private link between both the cities gets disconnected, no one can send or receive internal emails.

This is how internal emails between users whose mailboxes are on server1 are sent and received.
When user1 sends email to user2 (who sits right next to him), the mail is sent by server1 to server2 over the internet and then, depending on the queue on server2, the mail is sent back to server1 for delivery. The same goes for users on server2 as well. They send each other emails, it comes to our server first and is then sent back to them! This is getting really ridiculous!

And during this disconnection, all emails sent by users are queued, and even after the connection is restored it results in so much delay for delivery, and it takes hours to become fast again (for the queue to become normal).

Another issue is the public folders. Everything was fine when I migrated from Exchange 2003 to Exchange 2010. Later, when the second Exchange 2010 server was installed and deployed, I made a mistake in replicating public folders between these two Exchange 2010 servers. I followed the same technique of copying public folders from Exchange 2003 to Exchange 2010. I ran the add pf replica command on the first Exchange 2010 server (server1) and then moved all replicas to server2, and it moved all the public folders which were meant for server1 users as well to server2. Now users connected to server1 find it very slow to connect to their public folders.

Please help. I'm not convinced it's an AD issue, but I'm willing to try any troubleshooting steps to get this fixed any way possible.

Both the servers are running Exchange 2010 SP1 on Windows Server 2008 R2. I can't find the netdiag and dcdiag commands on the server, but will search online and post the results soon.
Open a cmd prompt on both servers and do
Nltest /dsgetsite

And see if they both return valid site names that are different.
Also do EMS
Get-ADSite | fl

and see if any are showing HubSiteEnabled=True
Also do EMS
Get-MailboxServer | ft identity, submissionServerOverrideList

And see if any are listing a submissionServerOverrideList
Another interesting tool is:
EMC\Toolbox\Routing Log Viewer

Do File-->open log file--> browse server files-->sort by date modified --> open newest

This will show most of the values that we were doing EMS commands for earlier
Upon running Nltest /dsgetsite on both the servers, the same results were obtained, as they are using the same Default-First-Site for AD.

Running Get-ADSite | fl on EMS gave HubSiteEnabled = false.

Running Get-MailboxServer | ft identity, submissionServerOverrideList, both servers gave the following result:

Identity                                                    SubmissionServerOverrideList
--------                                                      ----------------------------
SERVER1                                                  {}
SERVER2                                                  {}

Also, I recreated the send connectors for both the servers.
On server2, I deleted the existing send connector and recreated it, and now external emails sent from mailboxes in server2 go out directly from server2.
On server1, upon doing the same (deleted the existing one and recreated a new one), the situation still remains the same. When external emails are sent from mailboxes in server1, they still go to server2 and are then sent from there.

This has had no impact on internal emails though, even after re-creating both the send connectors. Internal emails sent between 2 mailboxes which are both located in server1 still go to server2 first and are then delivered back in server1. The same goes for server2 mailboxes as well.
ASKER CERTIFIED SOLUTION
MegaNuk3
We already have different subnets for both the offices. For example, our office (HQ) with server1 is 192.168.0.xxx and the branch office with server2 is 192.168.5.xxx, but of course the subnet mask is the same for both, i.e. 255.255.255.0.

Is that okay?

As for different default first sites, how do I go about creating a new one for Exchange usage?
Thank you, MegaNuk3.
And once the new default first site is created, what changes do I need to make in AD or Exchange so that no servers or networks get disconnected from the existing settings?
Subnet mask is fine.

Just go into AD Sites and services and create a new site and assign a subnet to it. Move a DC into that site so it will service logon and exchange requests. Exchange and machines will automatically pick up the change.
Glen Knight
Exchange uses the Active Directory Sites to route mail.

You need to ensure your Active Directory Sites are configured correctly and that the appropriate site connectors are setup, along with the subnets.

If they are not, Exchange will not use it and you will see the behaviour you are seeing.

So setup a second Site, move your DC in to this site and make sure you have the subnets configured for that site.  Setup an Inter-site IP connector.

then reboot the Exchange server.
So....to be clear.


In Active Directory Sites and Services, create a new site, you will have a Default First site already.

Then create a subnet, and link it to the new site, the subnet must be the IP range in use at the second site (hopefully this is different from your main site?)

Once you have done that, create a new Inter-Site Connector, you won't have many options here if there are only 2 sites.

Move the DC, in to the new site by simply dragging and dropping it.

Then reboot the Exchange Server.
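The steps above (new site, subnet, site link, move the DC), as an added PowerShell example that is not part of the original thread. It uses the .NET `System.DirectoryServices.ActiveDirectory` classes and needs Enterprise Admin rights on a domain-joined machine. The function names, `Branch-Site` and `HQ-Branch` are hypothetical; the subnet, existing site name and DC name in the usage comment come from values quoted elsewhere in this thread.

```powershell
#requires -Version 2.0
# Added example, not from the thread. Run with -WhatIf first to see what would change.
Add-Type -AssemblyName System.DirectoryServices

function Find-AdTopologyObject {
    # Calls the static FindByName() of a site/subnet/site-link class; returns $null when absent.
    param([type]$Type, $Context, [string]$Name)
    try { return $Type::FindByName($Context, $Name) }
    catch {
        $inner = $_.Exception.GetBaseException()
        if ($inner -is [System.DirectoryServices.ActiveDirectory.ActiveDirectoryObjectNotFoundException]) { return $null }
        throw   # permission or connectivity errors must not be mistaken for "not found"
    }
}

function New-BranchAdSite {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)][string]$ExistingSiteName,
        [Parameter(Mandatory = $true)][string]$NewSiteName,          # hypothetical name
        [Parameter(Mandatory = $true)][string]$SubnetCidr,           # e.g. 192.168.5.0/24
        [Parameter(Mandatory = $true)][string]$SiteLinkName,         # hypothetical name
        [Parameter(Mandatory = $true)][string]$DomainControllerFqdn
    )
    $ctxT    = [System.DirectoryServices.ActiveDirectory.DirectoryContextType]
    $siteT   = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]
    $subnetT = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySubnet]
    $linkT   = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySiteLink]
    $forest  = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext($ctxT::Forest)

    $oldSite = Find-AdTopologyObject $siteT $forest $ExistingSiteName
    if (-not $oldSite) { throw "Existing site '$ExistingSiteName' not found." }

    # 1. Create the new site (a sibling of the existing site, directly under Sites).
    $newSite = Find-AdTopologyObject $siteT $forest $NewSiteName
    if (-not $newSite -and $PSCmdlet.ShouldProcess($NewSiteName, 'Create AD site')) {
        $newSite = New-Object System.DirectoryServices.ActiveDirectory.ActiveDirectorySite($forest, $NewSiteName)
        $newSite.Save()
    }

    # 2. Create the subnet for the branch IP range and link it to the new site.
    $subnet = Find-AdTopologyObject $subnetT $forest $SubnetCidr
    if (-not $subnet) {
        if ($PSCmdlet.ShouldProcess($SubnetCidr, "Create subnet in site '$NewSiteName'")) {
            $subnet = New-Object System.DirectoryServices.ActiveDirectory.ActiveDirectorySubnet($forest, $SubnetCidr, $NewSiteName)
            $subnet.Save()
        }
    } elseif (-not $subnet.Site -or $subnet.Site.Name -ne $NewSiteName) {
        Write-Warning "Subnet $SubnetCidr exists but is not linked to '$NewSiteName'."
        if ($PSCmdlet.ShouldProcess($SubnetCidr, "Re-link subnet to site '$NewSiteName'")) {
            $subnet.Site = $newSite
            $subnet.Save()
        }
    }

    # 3. Create an IP site link joining both sites (an existing link of that name is left alone).
    $link = Find-AdTopologyObject $linkT $forest $SiteLinkName
    if (-not $link -and $PSCmdlet.ShouldProcess($SiteLinkName, 'Create IP site link')) {
        $link = New-Object System.DirectoryServices.ActiveDirectory.ActiveDirectorySiteLink($forest, $SiteLinkName)
        [void]$link.Sites.Add($oldSite)
        [void]$link.Sites.Add($newSite)
        $link.Save()
    }

    # 4. Move the branch DC's server object into the new site.
    $dcCtx = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext($ctxT::DirectoryServer, $DomainControllerFqdn)
    $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::GetDomainController($dcCtx)
    if ($dc.SiteName -ne $NewSiteName -and $PSCmdlet.ShouldProcess($dc.Name, "Move DC to site '$NewSiteName'")) {
        $dc.MoveToAnotherSite($NewSiteName)
    }

    # 5. Return the servers now listed under the new site so the move can be confirmed.
    $check = Find-AdTopologyObject $siteT $forest $NewSiteName
    if ($check) { $check.Servers | ForEach-Object { $_.Name } }
}

# Usage (values other than the two hypothetical names are quoted in this thread):
# New-BranchAdSite -ExistingSiteName 'Default-First-Site' -NewSiteName 'Branch-Site' `
#     -SubnetCidr '192.168.5.0/24' -SiteLinkName 'HQ-Branch' `
#     -DomainControllerFqdn 'prtresserver.PRTR.local' -WhatIf
# Afterwards reboot the Exchange server, as the steps above say.
```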
>>>Exchange and machines will automatically pick up the change

No they won't, not without a reboot.
Yes, as demazter says. If the machine hasn't picked up the site change you will need to reboot it. Exchange will automatically pick up the DC site move and this change should be seen in the 2080 event on the exchange server.

You can run
Nltest /dsgetsite
To confirm what site the machine thinks it is in.
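One way to cross-check the site each server actually sits in against the subnet-to-site mapping, as an added PowerShell example that is not part of the original thread. The inventory is constructed from server names and addresses quoted in the thread and models the state where the branch subnet is linked to a new site but the DC has not been moved yet; `Branch-Site`, the function names and the property names are assumptions of this example.

```powershell
#requires -Version 2.0
# Added example, not from the thread. Works on plain objects so it runs without AD access.

function Get-IPv4Network {
    # Returns the network an IPv4 address belongs to, as 'a.b.c.d/prefix'.
    param([string]$IPAddress, [int]$PrefixLength)
    if ($PrefixLength -lt 0 -or $PrefixLength -gt 32) { throw "Bad prefix length: $PrefixLength" }
    $bytes = [System.Net.IPAddress]::Parse($IPAddress).GetAddressBytes()
    if ($bytes.Length -ne 4) { throw "Not an IPv4 address: $IPAddress" }
    $octets = @()
    for ($i = 0; $i -lt 4; $i++) {
        # Number of mask bits that fall into this octet (0..8).
        $bits = [math]::Max(0, [math]::Min(8, $PrefixLength - 8 * $i))
        $maskByte = 256 - [int][math]::Pow(2, 8 - $bits)
        $octets += ($bytes[$i] -band $maskByte)
    }
    ($octets -join '.') + "/$PrefixLength"
}

function Get-SiteForAddress {
    # Longest-prefix match of an address against subnet objects (Subnet = 'a.b.c.d/p', Site = name).
    param([string]$IPAddress, [object[]]$Subnet)
    $bestSite = $null
    $bestLen = -1
    foreach ($s in $Subnet) {
        $netAddr, $len = $s.Subnet -split '/'
        $prefix = [int]$len
        $inSubnet = (Get-IPv4Network $IPAddress $prefix) -eq (Get-IPv4Network $netAddr $prefix)
        if ($inSubnet -and ($prefix -gt $bestLen)) {
            $bestSite = $s.Site
            $bestLen = $prefix
        }
    }
    $bestSite   # $null when no subnet object covers the address
}

function Test-ExchangeSiteLayout {
    # Per server: the site it is in, the site its subnet maps to, and any Hub Transport
    # servers that share its site while sitting on a different LAN.
    param([object[]]$Server, [object[]]$Subnet, [int]$LanPrefixLength = 24)
    foreach ($srv in $Server) {
        $lan = Get-IPv4Network $srv.IPAddress $LanPrefixLength
        $subnetSite = Get-SiteForAddress $srv.IPAddress $Subnet
        $remoteHubs = @($Server | Where-Object {
            ($_.Name -ne $srv.Name) -and ($_.Site -eq $srv.Site) -and
            ($_.Roles -match 'HubTransport') -and
            ((Get-IPv4Network $_.IPAddress $LanPrefixLength) -ne $lan)
        } | ForEach-Object { $_.Name })
        New-Object PSObject -Property @{
            Name                 = $srv.Name
            ActualSite           = $srv.Site
            SubnetSite           = $subnetSite
            SiteMismatch         = ($subnetSite -ne $srv.Site)
            RemoteHubsInSameSite = ($remoteHubs -join ', ')
        } | Select-Object Name, ActualSite, SubnetSite, SiteMismatch, RemoteHubsInSameSite
    }
}

# Constructed sample data. On a live system, Site would come from what
# 'Nltest /dsgetsite' reports on each server and Subnet from AD Sites and Services.
$subnets = @(
    New-Object PSObject -Property @{ Subnet = '192.168.0.0/24'; Site = 'Default-First-Site' }
    New-Object PSObject -Property @{ Subnet = '192.168.5.0/24'; Site = 'Branch-Site' }
)
$servers = @(
    New-Object PSObject -Property @{ Name = 'PRTRMAILSERVER'; Site = 'Default-First-Site'
        Roles = 'Mailbox, ClientAccess, HubTransport'; IPAddress = '192.168.0.10' }
    New-Object PSObject -Property @{ Name = 'PRTRESSERVER'; Site = 'Default-First-Site'
        Roles = 'Mailbox, ClientAccess, HubTransport'; IPAddress = '192.168.5.5' }
)

Test-ExchangeSiteLayout -Server $servers -Subnet $subnets | Format-Table -AutoSize
```

A row with `SiteMismatch` set to True, or a non-empty `RemoteHubsInSameSite`, points at a server whose AD site does not match its office LAN, which is the condition the posters in this thread are checking for.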
I created a new default first site, hooked up a site link between the two default first sites, and assigned server2's subnet to the newly created default first site. Now how do I move SERVER2 (DC) from the first to the second site? I right-clicked the server and hit Move, but it's only showing me the initial default-first-site.
>>>now how do i move SERVER2 (DC) from the first to the second site

Just drag it and drop it in to the correct location.

And I can't seem to drag the DC to the new site either.
can you see both sites in Active Directory Sites and services? When you say you created one with the same name you should have specified a different name for it.

Can you post a screenshot of your active directory sites and services please?
I created a new site with a different name, created an intersite IP transport as well as an SMTP transport, and associated the IP transport as the link between the two sites.
I associated the subnet used by the second server and the users at that location with the newly created second first site.

But I can't move or drag the appropriate DC to the new site.

The initial default first site has two subfolders in it:
EdgeSyncService
Servers (where the servers are listed)

The newly created one does not have any subfolders.

Did I forget to do something after creating the site? Or do I have to restart some service or something like that?
>>transport as well as smtp transport
You don't need to do this.

You should see a servers container under the new site, you can then drag your DC from the servers container on the original site to the one on the new site.

As I said before, or as you can see in the screenshot attached, making a new site did not result in a Servers container.

exp1.jpg
Just for fits and giggle, can you create a new site, does the servers container appear under there?
Nope. Deleted the one I created, and then created a new one. Still no containers listed.
something very odd going on there then because I just created a new site and the server container appeared immediately.

When you create the new site, what options do you get?
I'll let demazter run with this as he has more time on his hands than me (apparently) ;-)
Thanks for all the help so far, MegaNuk3.

demazter,
I click on New Site, and it asks me to create an IP connector between the two later or there may be replication issues.
During the first try, I created the IP connector first and then created the second site.
During the second try, I created the site first and then later hooked the connector to it.
Neither of those seems to make any difference.

Then I enter the name for the new default first site, click OK and then it's finished. I see the new site, but no containers in it. Then I go and connect the IP connector and associate the subnet with the new site.

and if you highlight the new site and hit refresh? Or double click it?
Tried that already.

Highlighting and refreshing does nothing. Neither does double-clicking!
If I right-click the new site and go to Properties, I can see the subnet associated with it, and some options for location, object, security and attribute editor.
From the picture you posted, it looks like you have a site within a site. If you press the "-" symbol next to the first site does the 2nd site disappear?
GOOD CATCH!!

Yes, right click on Sites, not the existing site and create the new site there.
Nope. It's not within the site. And if I collapse it (hit the minus), the second one does not disappear. Maybe this screenshot will give you a better picture.
exp2.jpg
Can I do some ADSI Edit sort of manual editing to create a Servers container for the new site and add the appropriate server to it? Since it does not seem to be working like normal (as you guys expected it to).
Shame! That was looking so promising.

No, don't use ADSI Edit, let me ponder this one.
I got excited too for a second!

But anyway, I've got one more day to fix this. From Monday onwards I will be on holiday (which was preplanned) and I really, really want to fix this before leaving. I don't want to VPN in from my vacation and make sure mails are going through in the office every day!

BTW, the newly created default first site has nothing in it: no NTDS settings, no licensing site settings, which are all there in the initial default first site.
Might be an AD replication issue. You have so many GCs it might not show the servers container until all your GCs have replicated around that you have a new site. Did you create the new Site from one of the GCs or from a workstation with the AD management tools installed? Create another site direct on a GC if so.

I can concur with demazter that as soon as I create a new site, the Servers container is immediately underneath it...
I created it from one of the DCs which hosts Exchange 2010, and I also tried it from another DC which hosts our old Exchange 2003.

And all other GCs are in our own office on a gigabit switched network. I still don't see a Servers container or any other contents inside the newly created site.

Until I joined this company last year, the domain/AD was all running Windows 2003 and Exchange 2010... Later last year I replaced a few servers and raised the functional level to 2003 so 2008 could be installed. At the time, I had prepped the AD for the 2008 version. Later, for Exchange 2010, I had to install 2008 R2, and I prepped the AD and domain for that too. Did I miss out anything?
I don't think so, I've just asked a few other people and they are a bit confused by this too.

Can you run DCDIAG on the server you are creating the site on please and post the results.
server1 that I was referring to earlier, which is where I've created the new defaultfirstsite, is prtrmailserver. This is the server running Exchange 2010 in my office, which is the head office.
server2 is the second Exchange 2010 server, called prtresserver, which is in our branch office about 100 km from here in another town.
Both the above servers run Windows Server 2008 R2 Standard SP1 and Exchange 2010 Standard SP1.

prtritserver is a server that I use at the office. It runs Windows Server 2008 R2 Enterprise.

prtrtestserver mentioned in the results below is a failed DC and is not part of the system anymore. I'd removed traces of it from AD using ntdsutil.

The rest of the servers run either Windows Server 2008 32-bit or Windows Server 2003 32-bit.

Here are the results of running dcdiag on server1 (prtrmailserver):


C:\>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = PRTRMAILSERVER
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site\PRTRMAILSERVER
      Starting test: Connectivity
         ......................... PRTRMAILSERVER passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site\PRTRMAILSERVER
      Starting test: Advertising
         ......................... PRTRMAILSERVER passed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... PRTRMAILSERVER passed test FrsEvent
      Starting test: DFSREvent
         ......................... PRTRMAILSERVER passed test DFSREvent
      Starting test: SysVolCheck
         ......................... PRTRMAILSERVER passed test SysVolCheck
      Starting test: KccEvent
         ......................... PRTRMAILSERVER passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... PRTRMAILSERVER passed test
         KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... PRTRMAILSERVER passed test MachineAccount
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=ForestDnsZones,DC=PRTR,DC=local
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=DomainDnsZones,DC=PRTR,DC=local
         ......................... PRTRMAILSERVER failed test NCSecDesc
      Starting test: NetLogons
         ......................... PRTRMAILSERVER passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... PRTRMAILSERVER passed test ObjectsReplicated
      Starting test: Replications
         [Replications Check,PRTRMAILSERVER] A recent replication attempt
         failed:
            From PRTRTESTSERVER to PRTRMAILSERVER
            Naming Context: DC=ForestDnsZones,DC=PRTR,DC=local
            The replication generated an error (1256):
            The remote system is not available. For information about network troubleshooting, see Windows Help.

            The failure occurred at 2011-04-07 21:10:40.
            The last success occurred at 2011-04-01 10:49:51.
            618 failures have occurred since the last success.
         [PRTRTESTSERVER] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         [Replications Check,PRTRMAILSERVER] A recent replication attempt
         failed:
            From PRTRTESTSERVER to PRTRMAILSERVER
            Naming Context: DC=DomainDnsZones,DC=PRTR,DC=local
            The replication generated an error (1256):
            The remote system is not available. For information about network troubleshooting, see Windows Help.

            The failure occurred at 2011-04-07 21:10:40.
            The last success occurred at 2011-04-01 10:44:52.
            618 failures have occurred since the last success.
         [Replications Check,PRTRMAILSERVER] A recent replication attempt
         failed:
            From PRTRTESTSERVER to PRTRMAILSERVER
            Naming Context: CN=Schema,CN=Configuration,DC=PRTR,DC=local
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2011-04-07 21:11:01.
            The last success occurred at 2011-04-01 10:44:51.
            618 failures have occurred since the last success.
            The source remains down. Please check the machine.
         [Replications Check,PRTRMAILSERVER] A recent replication attempt
         failed:
            From PRTRTESTSERVER to PRTRMAILSERVER
            Naming Context: CN=Configuration,DC=PRTR,DC=local
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2011-04-07 21:10:40.
            The last success occurred at 2011-04-01 10:44:51.
            618 failures have occurred since the last success.
            The source remains down. Please check the machine.
         [Replications Check,PRTRMAILSERVER] A recent replication attempt
         failed:
            From PRTRTESTSERVER to PRTRMAILSERVER
            Naming Context: DC=PRTR,DC=local
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2011-04-07 21:11:22.
            The last success occurred at 2011-04-01 10:51:14.
            618 failures have occurred since the last success.
            The source remains down. Please check the machine.
         ......................... PRTRMAILSERVER failed test Replications
      Starting test: RidManager
         ......................... PRTRMAILSERVER passed test RidManager
      Starting test: Services
         ......................... PRTRMAILSERVER passed test Services
      Starting test: SystemLog
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 04/07/2011   20:21:49
            Event String:
            The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 04/07/2011   20:21:49
            Event String:
            The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 04/07/2011   20:37:36
            Event String:
            The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 04/07/2011   20:37:36
            Event String:
            The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 04/07/2011   20:52:55
            Event String:
            The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 04/07/2011   20:52:55
            Event String:
            The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 04/07/2011   21:08:25
            Event String:
            The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 04/07/2011   21:08:25
            Event String:
            The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
         ......................... PRTRMAILSERVER failed test SystemLog
      Starting test: VerifyReferences
         ......................... PRTRMAILSERVER passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : PRTR
      Starting test: CheckSDRefDom
         ......................... PRTR passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... PRTR passed test CrossRefValidation

   Running enterprise tests on : PRTR.local
      Starting test: LocatorCheck
         ......................... PRTR.local passed test LocatorCheck
      Starting test: Intersite
         ......................... PRTR.local passed test Intersite







SOLUTION
192.168.0.2 is server gateway: fortigate100A firewall + router
192.168.0.7 is user gateway: fortigate 60b

192.168.0.4 is old exchange 2003 server prtrexchange (primary dns)
192.168.0.10 is new exchange 2010 server prtrmailserver (secondary dns)
192.168.5.5 is the second new exchange 2010 server prtresserver


Okay. I'll start with my server:

C:\>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : PRTRITSERVER
   Primary Dns Suffix  . . . . . . . : PRTR.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : PRTR.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-18-8B-12-5E-F2
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4cfd:2037:2141:db9b%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.7
   DHCPv6 IAID . . . . . . . . . . . : 234887307
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-27-2D-63-00-18-8B-12-5E-F2

   DNS Servers . . . . . . . . . . . : 192.168.0.10
                                       192.168.0.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{79E9EDA2-4B42-4FF7-A717-1E7D2D00948D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes



This is the DHCP server + file/print: prtrserver

Windows IP Configuration

   Host Name . . . . . . . . . . . . : PRTRSERVER
   Primary Dns Suffix  . . . . . . . : PRTR.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : PRTR.local

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client) #2
   Physical Address. . . . . . . . . : 84-2B-2B-4C-60-67
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::896a:2eb8:b37:583c%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.2
   DHCPv6 IAID . . . . . . . . . . . : 193211179
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-21-CA-B4-84-2B-2B-4C-60-66

   DNS Servers . . . . . . . . . . . : 192.168.0.3
                                       192.168.0.4
   Primary WINS Server . . . . . . . : 192.168.0.3
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 8:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{45EC8029-D38E-428F-A740-43B44F6CAF9A}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


this is the old exchange 2003 server - prtrexchange
if this server is disconnected, dns throughout the domain doesn't work, no one can log in as well
also the remote and routing access server.

Windows IP Configuration

   Host Name . . . . . . . . . . . . : PRTREXCHANGE
   Primary Dns Suffix  . . . . . . . : PRTR.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : PRTR.local

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . : prtr.local
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
2
   Physical Address. . . . . . . . . : 00-14-22-1E-D4-0C
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.4
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.2
   DNS Servers . . . . . . . . . . . : 192.168.0.4
                                       192.168.0.3
   Primary WINS Server . . . . . . . : 192.168.0.3

PPP adapter RAS Server (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
   Physical Address. . . . . . . . . : 00-53-45-00-00-00
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.206
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :


this is the second exchange 2010 server prtresserver:
runs dhcp, remote + routing, exchange, file + print server at our branch office.

C:\>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : PRTRESSERVER
   Primary Dns Suffix  . . . . . . . : PRTR.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : PRTR.local

PPP adapter RAS (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : RAS (Dial In) Interface
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.5.143(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS
 VBD Client)
   Physical Address. . . . . . . . . : BC-30-5B-D2-49-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::743b:f723:b727:1352%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.5.5(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.5.1
   DHCPv6 IAID . . . . . . . . . . . : 180105307
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-1A-84-AE-BC-30-5B-D2-49-01

   DNS Servers . . . . . . . . . . . : ::1
                                       192.168.0.10
                                       192.168.0.4
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{51981E4E-3458-4CCA-BBA3-5B19FE8C9F89}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6E06F030-7526-11D2-BAF4-00600815A4BD}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes



so how do i go about fixing this AD issue?

so once the ad replication issue is fixed, then the new default first site should be able to host the server containers, and after i move the second exchange server to the new default website, the issue with mail relaying would be fixed?

hey guys!!!!

finally i was able to create new site with servers containers in it!!!!!!

at first, i cleaned up the remnants of all dead servers from AD using ntdsutil and adsiedit, then recreated the site, made sure it got replicated on all GC DCs but still no servers container.

then, I clicked on delegate control and added myself and the administrator account to full permission. and after that, created the new site and that resulted in servers container in it!!!!!
i think it was no replication issue, it was some sort of permission issue by the looks of it!

so i've added the second exchange server to this new site. i can't restart both the exchange servers now. But there's a lunch break in half an hour. so i'll restart then and see if things have been fixed!

will let you guys know about the results in half an hour!

so excited!!!!

i bring good news gentlemen!!!

it's finally fixed!!!!!!!!!!!!!!!!!!!!!!!!!!!! now all internal emails sent between users with mailboxes in server1 are delivered instantly without being cross-relayed to server2!!!! the same for users at server2 as well!! emails have suddenly become lightning fast!!!! reduced queue time! it's all sorted now!!! same for outgoing mails too. now they go out straight from the mail server bearing the mailbox!!!

thanks guys!!! i've learnt so much during these last two weeks!!!! and now i can holiday in peace!!!

i've still got a few issues with the old mail server running exchange 2003. i can't turn it off because then no one is able to log in, browse the internet or ping another pc/dc... sort of like primary dns controller or something. but i guess it can wait. nothing as important as the mail issue!

your help is much appreciated!

cheers from Bangkok!

Glad to hear it is working like it is supposed to now. I learnt something new about sites and permissions there...

Feel free to close the question and award points however you see fit, don't forget you can split points and award points for assisted solutions.

Have a good holiday.

thanks for everything meganuk3, demazter!

i'll post a new question about that old exchange 2003 server soon after i'm back from holiday!

enjoy your well deserved points!

cheers

much knowledge gained thanks to the expertise of meganuk3 and demazter

Thanks for the points. Your old e2k3 server appears to be a DNS server. So you may want to remove its IP address from DHCP so the clients stop using it.