jinfeld
asked on
MSExchangeAB Event ID 1008 The endpoint is a duplicate (1740) After migration from SBS 2003
After migrating from SBS 2003 to SBS 2011, Exchange 2010 was working well. After 20 days I uninstalled Exchange on the old server, ran dcpromo to remove active directory and things still ran well. Then I rebooted the old server and the error in the title started to appear and I can't start the Microsoft Exchange Address Book service. It doesn't seem to affect the users who are on Outlook 2003, 2007 and 2010. How do I locate that duplicate endpoint and kill it?
You don't needo to remove the old one from console, you can simply set the new server as a address book generation server from the properties of address book at exchange server.
ASKER
In Exchange 2010 SP1, where do you set the new server as an address book generation server? I can't find an object called "address book" to set any properties.
ASKER
You can check at below location at ADSIEDIT.MSC
First start adsiedit and browse to CN=Configuration, CN=Services, CN=Microsoft Exchange, CN=First Organization, CN=Address Lists Container, CN=Offline Address Lists and open the properties of CN=Default Offline Address List
This is the place in adsi where you can find exact detail of exchange server pointing to address boos service. But It is my personal recommendation to take a back of active directory before making any change there.
First start adsiedit and browse to CN=Configuration, CN=Services, CN=Microsoft Exchange, CN=First Organization, CN=Address Lists Container, CN=Offline Address Lists and open the properties of CN=Default Offline Address List
This is the place in adsi where you can find exact detail of exchange server pointing to address boos service. But It is my personal recommendation to take a back of active directory before making any change there.
Is there any event recorded in the servers related to the same.
ASKER
If I understand your question, that is the title of this thread: MSExchangeAB Event ID 1008 The endpoint is a duplicate (1740)
“The endpoint is a duplicate” means the port has already been taken by another process. The issue may occur if the service has statically bound to a specific port and another service is also listening on that port. Have you set the MSExchangeAB service to a static port? Please check the entries in the “MSExchangeAB” container
HKLM\SYSTEM\CurrentControl Set\Servic es\MSExcha ngeAB
Can you restart the MSExchangeAB service?
Please check the status of the “Remote Procedure Call” service and the “Microsoft Exchange Active Directory Topology” service on the server. Please disable windows firewall temporarily to troubleshoot the issue
Please run the commands below on the exchange server to test the AD connectivity
NLTEST /DSGETSITE
NLTEST /DSGETDC: Domain Name /GC
Please run "DCdiag.exe /v" and 'Netdiag.exe /v" command on the GC and check if there is any failed tests in the result
Please run ExBPA against the exchange server for health check
HKLM\SYSTEM\CurrentControl
Can you restart the MSExchangeAB service?
Please check the status of the “Remote Procedure Call” service and the “Microsoft Exchange Active Directory Topology” service on the server. Please disable windows firewall temporarily to troubleshoot the issue
Please run the commands below on the exchange server to test the AD connectivity
NLTEST /DSGETSITE
NLTEST /DSGETDC: Domain Name /GC
Please run "DCdiag.exe /v" and 'Netdiag.exe /v" command on the GC and check if there is any failed tests in the result
Please run ExBPA against the exchange server for health check
ASKER
Unfortunatley, I saw that posting which lead me to make my request on this site.
I have no parameters in the registry for HKLM\SYSTEM\CurrentControl Set\Servic es\MSExcha ngeAB
I can't restart MSExchangeAB because every time I do, it gives me the error and fails to start.
Netdiag is no longer used by 2008 R2
RPC is running as is Microsoft Exchange Active Directory Topology
Stopping the firewall didn't help
NLTEST /DSGETSITE
Default-First-Site-Name
The command completed successfully
NLTEST /DSGETDC:motionpro2.local /GC
DC: \\MPSERVER11.MotionPro2.lo cal
Address: \\192.168.254.8
Dom Guid: 9d820358-596b-464e-8431-93 b038ede317
Dom Name: MotionPro2.local
Forest Name: MotionPro2.local
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
DNS_FOREST CLOSE_SITE FULL_SECRET WS
The command completed successfully
I found this error in dcdiag:
Starting test: FrsEvent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
A warning event occurred. EventID: 0x800034FA
Time Generated: 11/02/2011 20:09:33
Event String:
Following is the summary of warnings and errors encountered by File Replication Service while polling the Domain Controller MPSERVER11.MotionPro2.loca l for FRS replica set configuration information.
Could not find computer object for this computer. Will try again at next polling cycle.
and this error
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC MPSERVER11.
The forest is not ready for RODC. Will skip checking ERODC ACEs.
* Security Permissions Check for
DC=DomainDnsZones,DC=Motio nPro2,DC=l ocal
(NDNC,Version 3)
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=Motio nPro2,DC=l ocal
* Security Permissions Check for
DC=ForestDnsZones,DC=Motio nPro2,DC=l ocal
(NDNC,Version 3)
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=Motio nPro2,DC=l ocal
* Security Permissions Check for
CN=Schema,CN=Configuration ,DC=Motion Pro2,DC=lo cal
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=Motion Pro2,DC=lo cal
(Configuration,Version 3)
* Security Permissions Check for
DC=MotionPro2,DC=local
(Domain,Version 3)
......................... MPSERVER11 failed test NCSecDesc
I have no parameters in the registry for HKLM\SYSTEM\CurrentControl
I can't restart MSExchangeAB because every time I do, it gives me the error and fails to start.
Netdiag is no longer used by 2008 R2
RPC is running as is Microsoft Exchange Active Directory Topology
Stopping the firewall didn't help
NLTEST /DSGETSITE
Default-First-Site-Name
The command completed successfully
NLTEST /DSGETDC:motionpro2.local /GC
DC: \\MPSERVER11.MotionPro2.lo
Address: \\192.168.254.8
Dom Guid: 9d820358-596b-464e-8431-93
Dom Name: MotionPro2.local
Forest Name: MotionPro2.local
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
DNS_FOREST CLOSE_SITE FULL_SECRET WS
The command completed successfully
I found this error in dcdiag:
Starting test: FrsEvent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
A warning event occurred. EventID: 0x800034FA
Time Generated: 11/02/2011 20:09:33
Event String:
Following is the summary of warnings and errors encountered by File Replication Service while polling the Domain Controller MPSERVER11.MotionPro2.loca
Could not find computer object for this computer. Will try again at next polling cycle.
and this error
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC MPSERVER11.
The forest is not ready for RODC. Will skip checking ERODC ACEs.
* Security Permissions Check for
DC=DomainDnsZones,DC=Motio
(NDNC,Version 3)
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=Motio
* Security Permissions Check for
DC=ForestDnsZones,DC=Motio
(NDNC,Version 3)
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=Motio
* Security Permissions Check for
CN=Schema,CN=Configuration
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=Motion
(Configuration,Version 3)
* Security Permissions Check for
DC=MotionPro2,DC=local
(Domain,Version 3)
......................... MPSERVER11 failed test NCSecDesc
First of all run setup /rodcprep in any of your global catalog server that is not hosting any fsmo role.
Run below command to check if frs is replicating properly.
net view share
Do you have any antivirus or any network application installed with exchange box??
Run below command to check if frs is replicating properly.
net view share
Do you have any antivirus or any network application installed with exchange box??
In the meanwhile you can also search for
[HKEY_LOCAL_MACHINE\SYSTEM \CurrentCo ntrolSet\s ervices\NT DS\Paramet ers\NSPI interface protocol sequences] and search for a port bind eg. 6004.
DO NOT toutch this if the server is global catalog, if it have been global catalog in the past, you can delete the key and restart the server.
[HKEY_LOCAL_MACHINE\SYSTEM
DO NOT toutch this if the server is global catalog, if it have been global catalog in the past, you can delete the key and restart the server.
ASKER
This was a migration from Small Business Server 2003 to SBS 2011. 2003 is running but no longer a DC (I ran dcpromo to demote it) and Exchange 2003 has been uninstalled. That means this one box is Exchange 2011, GC and FSMO role. Net View /all lists all the desktop PCs and the old server.
NSPI interface protocol sequences > ncacn_http:6004
If the endpoint conflict is happening on port 6004, can I just direct the MSExchangeAB service to use a different port? If so, is it done in the registry? If yes, what is the key name, what port should I specify and what is the formatting of that entry?
Also, things were fine while both the old server and the new servers were running. This started after uninstalling Exchange 2003.
NSPI interface protocol sequences > ncacn_http:6004
If the endpoint conflict is happening on port 6004, can I just direct the MSExchangeAB service to use a different port? If so, is it done in the registry? If yes, what is the key name, what port should I specify and what is the formatting of that entry?
Also, things were fine while both the old server and the new servers were running. This started after uninstalling Exchange 2003.
Can I know why you have placed an exchange 2010 with a GC togather, the best configuration for all exchange is to place the exchange in a different box not to the same place, and this is making a problem for you. because GC is also using the port that is required by exchange, I would recommend you to make a small box with 2008 R2 and install domain controller there and move all fsmo roles and as I said before check for the registry key in exchange, delete that and restart exchange.
I agree this was working fine before because the GC/FSMO and exchange 2010 were in a different box but now you have bring all of them togather, this is your problem.
I agree this was working fine before because the GC/FSMO and exchange 2010 were in a different box but now you have bring all of them togather, this is your problem.
ASKER
Under SBS 2011 that is the way it always works - everything on one box. We only have 30 users.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This whole thing could have been avoided if the original error message, "MSExchangeAB Event ID 1008 The endpoint is a duplicate (1740)" had simply added "Port XXXX in use by another service". Or even better: "MSExchangeAB is failing to start because it is attempting to use Port 6002, already in use by spnsrvnt.exe".
Thank you: abhijitmdp for all of your help and guidance. It kept us on the track to resolve this port conflict issue.
Jerry
Thank you: abhijitmdp for all of your help and guidance. It kept us on the track to resolve this port conflict issue.
Jerry
The PORT-Thing made my day!
Thanks! :) Sentinel delayed ... and all works ...
Thanks! :) Sentinel delayed ... and all works ...