Avatar of walidaam
walidaam
Flag for United Arab Emirates asked on

AD error on exchange server.

i Have domain with win 2003 DC and 2008 DC the 2008 has exchange 2007.
the 2008 server drive crashed and the only way was to retrieve it from old Image but the active directory is an old replica .
the server is up but when i tried to replicate i have the next AD error : the target principal name is incorrect and the AD on 2008 server is out of date.
Windows Server 2008Exchange

Avatar of undefined
Last Comment
walidaam

8/22/2022 - Mon
d3ath5tar

Honestly I wouldn't have restored the DC portion of it. Exchange on a DC is not supported unless you are using SBS and in the even of a crash it makes things a lot more complicated since because exchange is installed on the DC, exchange will not work properly if you demote the DC.

I would seriously suggest you split the DC and Exchange. Obviously though, that means you will have to buy hardware for another DC.

So I guess we have two options but which way we jump depends on a few things. SO before we get in to the options, can you confirm please;

Which of the two DCs holds the FSMO roles?
Is exchange working on the restored DC? Or are both Ex and AD offline on that server currently?
Do you have any spare equipment we can do shuffle with if needs be?
walidaam

ASKER
it was the win 2008 exchange server before it's failure hold the FSMO .
i have a SMB server but is windows 2008 foundation
d3ath5tar

ok, so ...

'Is exchange working on the restored DC? Or are both Ex and AD offline on that server currently?
Do you have any spare equipment we can do shuffle with if needs be? '
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
walidaam

ASKER
Exchange ar working Fine the problem with domain user authentication only .
what kind of equipment? another server ?
d3ath5tar

ideally yes. another server. That will allow Exchange and the DC functionality to split but maintaining two DCs.

Next question then... since neither DC is syncing with the other, which have you been updating as your primary? If different staff have been updating different servers you are going to lose that current data from which ever server we don't mark as the primary to reload AD from.
walidaam

ASKER
the 2008 server was the primary but since the failure we have no modification  to the 2003 server except change one user password.
i can upgrade the foundation server to stander edition and use it as a backup DC.
but what is the steps you have in mind exactly.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
d3ath5tar

Well we have two options since there are little changes made.

1. Demote the 2003 DC, remove all its DC related data in AD and then either promote it back in

or

2. Demote the 2003 DC, remove all its DC related data in AD and rebuild it as 2008 to match your existing server. This would be the preferred of the two options.

Neither of these options covers splitting your DC/Exchange combo. That would require a lot more work. Out of the two options above, rebuilding the DCs to match would be preferable.
walidaam

ASKER
do you advise to add a third DC first ?
walidaam

ASKER
after we solve the AD problem I'll open a new Question about splitting DC/Exchange to work on it.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
walidaam

ASKER
if any other instruction before Demote the 2003 DC Please let me Know.
d3ath5tar

Worth adding a third DC purely for resiliency while the work is carried out since I don't know if you're previous drive crashed becasue of hardware or software corruption as we haven't discussed that side of things.
walidaam

ASKER
Hardware. It was RAID 5 but after replacing the faulty one the system  volume not recovered.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
d3ath5tar

System Volume not recovered?
walidaam

ASKER
yes the c: drive but i have an old Image file i used it to recover the drive.
d3ath5tar

how old? Depending on age ot could be in the tombstone period.
Your help has saved me hundreds of hours of internet surfing.
fblack61
walidaam

ASKER
11 months
ASKER CERTIFIED SOLUTION
d3ath5tar

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
walidaam

ASKER
Hi
I go for the hard part and i reinstall the 2003 server i have only 4 users need to modify.
but i have a problem with XP client it reject the password and accept it only if the network cable disconnected .

mail and file server working fine now .
please advise.
walidaam

ASKER
THANK YOU I solve the XP PC problem.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.