Exchange 2010 - Active Directory error 0x51 LDAP

Hi all.

We've got two domain controllers. The second is a new one.
The first DC is Windows 2008 Standard, the second Windows 2008 R2 Enterprise.
The Exchange Server is 2010 Standard Service Pack 2.

We need the second DC for failover if the first goes down. We tried this scenario (shut down the first domain controller) but Exchange does not work.
We tried to add the second DC as PreferredServer with the "Set-ADServerSettings" command in PowerShell.
[PS] C:\>Set-ADServerSettings -PreferredServer dc2.local
We get the following error message:
An Active Directory error 0x51 occured when trying to check the suitability of server dc2.local
'Active Directory response: The LDAP server is unavailable.
CategoryInfo: NotSpecified: (0:Int32) [Set-ADServerSettings], SuitabilityDirectoryException
FullyQulifiedErrorid: 96AD2D25, Microsoft.Exchange.Management.ADServerSettings.SetADServerSettings
Opusretis asked:
 
Opusretis (Author) commented:
Yes, we use the AD-integrated DNS - both DCs are DNS servers and they are replicated.

The Exchange points in its network settings primarily to dc1 and alternatively to dc2.
 
Kini pradeep (Principal Cloud and security consultant) commented:
Couple of things first.
Once you install the Windows 2008 R2 DC, it is advisable to move the FSMO roles from 2008 to R2.
Is the 2008 R2 DC also a global catalog server?

In the Exchange console, do you see the DC (2008 R2) listed?
 
Opusretis (Author) commented:
The new one is a global catalog server.
I did not move the FSMO roles to the new one yet.
Yes, the new DC is listed in the Exchange console.
 
Kini pradeep (Principal Cloud and security consultant) commented:
1. Any errors reported in AD (replication, FRS/DFS)?
2. What does running nltest /dsgetdc:domainname show? Does it list the domain controller with the correct site details?
3. Does running dcdiag /v on the new DC report any errors?
 
Opusretis (Author) commented:
1. I've got errors in DFS from the time when we shut down the first DC to test Exchange, but that is comprehensible. Further, I got one warning today - maybe a short interruption.
Event ID: 5014 - "The DFS Replication service is stopping communication with partner dc1 for replication group domain system volume due to an error. The service will retry the connection periodically"
14 seconds later I got the information that the connection was successfully reestablished.

2. If I run this command on the Exchange, I get the details of the first DC only. The details seem to be correct (we've got only one site, this is the Default-First-Site-Name).
If I run this command on the new DC, I get only the details of the new DC. The details seem to be correct.

3. Please see attached file
dcdiag.txt
 
Kini pradeep (Principal Cloud and security consultant) commented:
What about DNS, where is the Exchange server pointing for DNS?
Assuming you are using the AD-integrated DNS,
 
Opusretis (Author) commented:
No more answers from Experts
Question has a verified solution.
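
Error 0x51 is the LDAP result code LDAP_SERVER_DOWN, so a useful first check from the Exchange server is whether the new DC resolves and answers on its directory ports at all. The script below is an added example, not part of the original thread; dc2.local comes from the post, while the function name Test-DcLdapReachability, the timeout and the list of standard default ports are assumptions.

```powershell
# Added example (not from the thread). Run on the Exchange server.
# Uses only .NET classes, so it also works on PowerShell 2.0.
# Test-DcLdapReachability is a hypothetical helper name.
function Test-DcLdapReachability {
    param(
        [Parameter(Mandatory = $true)][string]$Server,
        [int]$TimeoutMs = 3000
    )

    # Assumed standard default ports a member server uses against a DC/GC.
    $ports = @{ 53 = 'DNS'; 88 = 'Kerberos'; 135 = 'RPC endpoint mapper'
                389 = 'LDAP'; 3268 = 'Global catalog' }

    # Step 1: name resolution. A failure here points at DNS, not at LDAP.
    try {
        $ip = [System.Net.Dns]::GetHostAddresses($Server) |
              Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
              Select-Object -First 1
    } catch {
        Write-Warning "Cannot resolve ${Server}: $($_.Exception.Message)"
        return
    }
    if (-not $ip) { Write-Warning "No IPv4 address found for $Server"; return }

    # Step 2: TCP connect to each port with a timeout.
    foreach ($port in ($ports.Keys | Sort-Object)) {
        $client = New-Object System.Net.Sockets.TcpClient
        $open = $false
        try {
            $async = $client.BeginConnect($ip, $port, $null, $null)
            # WaitOne returns $false on timeout; Connected is $false if refused.
            $open = $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false) -and $client.Connected
        } catch {
            $open = $false
        } finally {
            $client.Close()
        }
        New-Object PSObject -Property @{
            Server = $Server; Address = $ip.ToString()
            Port = $port; Service = $ports[$port]; Open = $open
        }
    }
}

# Server name taken from the post.
Test-DcLdapReachability -Server 'dc2.local' |
    Select-Object Server, Address, Port, Service, Open | Format-Table -AutoSize

# In the Exchange Management Shell: which DCs/GCs Exchange is currently bound to.
Get-ExchangeServer -Identity $env:COMPUTERNAME -Status |
    Format-List Name, CurrentDomainControllers, CurrentGlobalCatalogs, CurrentConfigDomainController
```

A closed 389 or 3268 from the Exchange server, while the same ports answer locally on the DC, points at a host firewall or network filter between the two machines rather than at Active Directory itself.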