• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5907
  • Last Modified:

How to Change Exchange 2010 AD Server

Im working for a SMB in which they have 2 active directory servers and 1 MS exchange 2010 server. The exchange server was using ad-server01 as its perfered domain server. ad-server01 is down as it has failed. Until i am able to get it up again is there a way to point exchange to ad-server02? or better yet point exchange to both at one time for fail over?

thanks
0
mxrider_420
Asked:
mxrider_420
2 Solutions
 
hasivCommented:

Hi,

When Exchange server is installed on a member server and got multiple domain controllers (AD servers) in the forest

if one AD server goes down, exchange will automatically use the next available AD servers. incase if not working as expected there is an option to change the DC

Please refer
http://technet.microsoft.com/en-us/library/aa998227.aspx 
0
 
Viral RathodConsultantCommented:
There is no need to manually change the AD server ,The ADTopology Service should detect the new GC :

http://social.technet.microsoft.com/Forums/en-US/exchangesvrgeneral/thread/91b9eb98-5d08-4635-9f8c-7b72434a0283/

You have build a new Domain controller for the exchange environment and you wanted your exchange servers to user this domain controllers then below command can help is setting the same. You can also statically exclude not to use specific domain controller with the command

http://powershell.com/cs/forums/p/1901/2630.aspx
0
 
mxrider_420Author Commented:
i have 2 DC's that are both GC servers. but it is not picking up the second. i even verrified the DNS settings and all is well. Is there anything else i can do?

0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
mxrider_420Author Commented:
i guess basically i want to make it dynamic. not static.. correct?
0
 
MegaNuk3Commented:
The AD topology service should be logging an event every 15 minutes in the Application event log. Can you confirm both GCs are seen in that event?
0
 
mxrider_420Author Commented:
what server you want me to look for? look at the AD server log or the mail server log?>
0
 
mxrider_420Author Commented:
This is what one server shows:

Log Name:      MSExchange Management
Source:        MSExchange CmdletLogs
Date:          2/27/2011 5:05:50 PM
Event ID:      6
Task Category: (1)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      eclipse.intra.exchangesolution.ca
Description:
The description for Event ID 6 from source MSExchange CmdletLogs cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.

The following information was included with the event:

Get-OrganizationConfig
{}
intra.exchangesolution.ca/Admins/Andrew Sangster
Exchange Management Console-Local
4884
22
00:00:00.0156303
View Entire Forest: 'True', Configuration Domain Controller: 'ad-server.intra.exchangesolution.ca', Preferred Global Catalog: 'ad-server.intra.exchangesolution.ca', Preferred Domain Controllers: '{ ad-server.intra.exchangesolution.ca }'
Microsoft.Exchange.Data.Directory.SystemConfiguration.OrgContainerNotFoundException: Couldn't find the Enterprise Organization container.
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.GetRootOrgContainerId(String fqdn, NetworkCredential credential)
   at Microsoft.Exchange.Configuration.Tasks.GetSingletonSystemConfigurationObjectTask`1.InternalBeginProcessing()
   at Microsoft.Exchange.Configuration.Tasks.Task.BeginProcessing()
ServerOperation

the message resource is present but the message is not found in the string/message table

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchange CmdletLogs" />
    <EventID Qualifiers="49152">6</EventID>
    <Level>2</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-02-27T22:05:50.000000000Z" />
    <EventRecordID>44</EventRecordID>
    <Channel>MSExchange Management</Channel>
    <Computer>eclipse.intra.exchangesolution.ca</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Get-OrganizationConfig</Data>
    <Data>{}</Data>
    <Data>intra.exchangesolution.ca/Admins/Andrew Sangster</Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>Exchange Management Console-Local</Data>
    <Data>4884</Data>
    <Data>
    </Data>
    <Data>22</Data>
    <Data>00:00:00.0156303</Data>
    <Data>View Entire Forest: 'True', Configuration Domain Controller: 'ad-server.intra.exchangesolution.ca', Preferred Global Catalog: 'ad-server.intra.exchangesolution.ca', Preferred Domain Controllers: '{ ad-server.intra.exchangesolution.ca }'</Data>
    <Data>Microsoft.Exchange.Data.Directory.SystemConfiguration.OrgContainerNotFoundException: Couldn't find the Enterprise Organization container.
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.GetRootOrgContainerId(String fqdn, NetworkCredential credential)
   at Microsoft.Exchange.Configuration.Tasks.GetSingletonSystemConfigurationObjectTask`1.InternalBeginProcessing()
   at Microsoft.Exchange.Configuration.Tasks.Task.BeginProcessing()</Data>
    <Data>ServerOperation</Data>
    <Data>
    </Data>
  </EventData>
</Event>


like i said the Preferred server is down and prolly will not be back up, how do i make exchange 2010 PERMANTLY use another AD server because its obviously not auto detecting my other GC DC?
0
 
MegaNuk3Commented:
The exchange server should be registering a 2080 event every 15 minutes in the app log is it?

Otherwise to set a static list have a look at:
http://social.technet.microsoft.com/Forums/en/exchange2010/thread/1f012f8a-76cb-45b9-b6c9-6f95d857e3c4
0
 
mxrider_420Author Commented:
It says "Unless you have a very compelling reason to do this, I recommend you let Exchange find your DCs automatically and not set any static settings."... any reason why Exchange isnt going to my dc2 automatically?
0
 
MegaNuk3Commented:
Run policytest and see if it says exchange can see your other DC properly. You should be seeing a 2080 event on your exchange server where it lists all the DCs it can see.

Maybe do a get-exchangeserver | fl and see if someone has previously set exchange to ignore your new DC
0
 
mxrider_420Author Commented:
I get this when that happens:

The term 'GetServerSettings' is not recognized as the name of a cmdlet, function, script file, or operable program.


and i cant open the GUI because it says it cant connect to:

[mail.intra.exchangesolution.ca] Connecting to remote server failed with the following error message : The WinRM client
 received an HTTP server error status (500), but the remote service did not include any other information about the cau
se of the failure. For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc
0
 
MegaNuk3Commented:
Did you run policytest from the exchange server command prompt?
0
 
mxrider_420Author Commented:
Its exchange 2010... doesnt seem to like that command.

neither exchange mmc or power shell can connect to mail.intra.domain.com


i even reinstalled WinRM for IIS again.... hmmmmm this is driving me crazy, and when i try and force to point to another DC it errors out.
0
 
mxrider_420Author Commented:
it says Kerbros authentication failed for MMC. i assume its back to my original problem because it cant reach a DC?..
0
 
mxrider_420Author Commented:
SOrry, policy test said:

Local domain is "intra.exchangesolution.ca" (INTRA)
LookupAccountName returned error 1332
Abnormal exit from PolicyTest
[PS] C:\Windows\system32>

its not connecting to its self (the mail server)
0
 
MegaNuk3Commented:
Ignore policytest for now, it seems like it only works in coexistence environments
0
 
MegaNuk3Commented:
The EMS command is
Set-ExchangeServer -staticexcludedDomainControllers <dc name>

Is your exchange server not registering a 2080 event ID in the event log?
0
 
mxrider_420Author Commented:
excuse my my ignorance but where do i dind this in event logger? and on the DC or on the exchange server?
0
 
MegaNuk3Commented:
Exchange server application event log, there should be a 2080 event every 15 minutes
0
 
mxrider_420Author Commented:
i didnt see a 2080 but i see ALOT of these

Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1364). Topology discovery failed, error 0x80040a02 (DSC_E_NO_SUITABLE_CDC). Look up the Lightweight Directory Access Protocol (LDAP) error code specified in the event description. To do this, use Microsoft Knowledge Base article 218185, "Microsoft LDAP Error Codes." Use the information in that article to learn more about the cause and resolution to this error. Use the Ping or PathPing command-line tools to test network connectivity to local domain controllers.
0
 
mxrider_420Author Commented:
i also see this which i find interesting. as eclipse server is the second DC as the first was named ad-server and has been removed from the schema, so the last one in the SMB (for now) is eclipse and NOW it looks as tho its looking for a response from eclipse but not getting one. yet eclipse is working fine. even rebooted.

Process MAD.EXE (PID=1544). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
 (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
In-site:
eclipse.intra.exchangesolution.ca      CDG 1 7 7 1 0 0 1 7 1
 Out-of-site:
0
 
MegaNuk3Commented:
You are missing the SACL right. From the exchange source or SP1 source, run "setup.com /PrepareAD" from the eclipse GC, then reboot your Exchange server or wait 15 minutes for the next AD topology  event

If that doesnt work then Have a read of this and the comments:
http://www.howexchangeworks.com/2010/07/exchange-2010-error-process.html
0
 
mxrider_420Author Commented:
is that an adprep command?
0
 
mxrider_420Author Commented:
its exchange 2010.. can you help me how to run that command?

sorry i really appreciate it. also. do you have ro tun adprep on all the GC's that you want to enable exchange to use?
0
 
mxrider_420Author Commented:
PS. i was wrong i do see 2080 error too.....
0
 
mxrider_420Author Commented:
this is what my server shows now:

eclipse.intra.exchangesolution.ca      CDG 1 7 7 1 0 0 1 7 1
0
 
MegaNuk3Commented:
Setup.com /PrepareAD is an Exchange command. You should only need to run "setup.com /prepareAD" from one GC and it should update all GCs. You need to run it from the EXchange source files or Exchange 2010 SP1. Open a command prompt, navigate to the source and then run the command.

After running the command on your GC, try "gpupdate /force" so the GC refreshes its policy and then see if the next 2080 event has changed.

If it still doesn't work then try the other steps in the article I posted.
0
 
mxrider_420Author Commented:
This linka nd the guidance from MegaNuk3 seemed to solve my issue.

http://support.microsoft.com/kb/925825

0
 
mxrider_420Author Commented:
The issue was resolved by forcing a gpo update and then statically mapping the exchange server to the new GC domain controller.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now