Unable to add exernal contacts in Exchange 2010 DC error
Hi trying to add an external contact using the exchange 2010 MMC, under contacts, i get to the last page and get the following issue
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:01
Ian Scandrett
Failed
Error:
Active Directory operation failed on WSCDC2.cnet.wsc.nsw.gov.au
Active directory response: 000020E1: SvcErr: DSID-03200674, problem 5002 (UNAVAILABLE), data 0
.
The server is unavailable.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.140).aspx?v=14.2.247.1&t=exchgf1&e=ms.exch.err.Ex872538
Exchange Management Shell command attempted:
New-MailContact -ExternalEmailAddress 'SMTP:ian@justfixit.org.au
Elapsed Time: 00:00:00
Not sure what is going on here, I think there may be some issues going on been noticing some other strange AD issues lately like enabling a disabled account using the AD mmc on my PC dosnt actual go though i have to rdp to one of the DCs and do it
I have two DCs both server 2008 r2, 1 is a VM and 1 is physical
I have two Exchange 2010 servers, both VMs both 2008 r2
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:01
Ian Scandrett
Failed
Error:
Active Directory operation failed on WSCDC2.cnet.wsc.nsw.gov.au
Active directory response: 000020E1: SvcErr: DSID-03200674, problem 5002 (UNAVAILABLE), data 0
.
The server is unavailable.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.140).aspx?v=14.2.247.1&t=exchgf1&e=ms.exch.err.Ex872538
Exchange Management Shell command attempted:
New-MailContact -ExternalEmailAddress 'SMTP:ian@justfixit.org.au
Elapsed Time: 00:00:00
Not sure what is going on here, I think there may be some issues going on been noticing some other strange AD issues lately like enabling a disabled account using the AD mmc on my PC dosnt actual go though i have to rdp to one of the DCs and do it
I have two DCs both server 2008 r2, 1 is a VM and 1 is physical
I have two Exchange 2010 servers, both VMs both 2008 r2
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
DC1 repadmin /syncall /AePdq
and
DC1 repadmin /syncall /aedq
Syncing all NC's held on WSCDC1.
Syncing partition: DC=ForestDnsZones,DC=cnet,DC=wsc,DC= nsw,DC=gov ,DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
Syncing partition: DC=DomainDnsZones,DC=cnet,DC=wsc,DC= nsw,DC=gov ,DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
Syncing partition: CN=Schema,CN=Configuration,DC=cnet,D C=wsc,DC=n sw,DC=gov, DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
Syncing partition: CN=Configuration,DC=cnet,DC=wsc,DC=n sw,DC=gov, DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=gov,DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
and
DC1 repadmin /syncall /aedq
Syncing all NC's held on WSCDC1.
Syncing partition: DC=ForestDnsZones,DC=cnet,DC=wsc,DC= nsw,DC=gov ,DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
Syncing partition: DC=DomainDnsZones,DC=cnet,DC=wsc,DC= nsw,DC=gov ,DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
Syncing partition: CN=Schema,CN=Configuration,DC=cnet,D C=wsc,DC=n sw,DC=gov, DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
Syncing partition: CN=Configuration,DC=cnet,DC=wsc,DC=n sw,DC=gov, DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=gov,DC=au
SyncAll reported the following errors:
Error contacting server CN=NTDS Settings,CN=WSCDC2,CN=Servers,CN=WSC ,CN=Sites, CN
=Configuration,DC=cnet,DC=wsc,DC=nsw ,DC=gov,DC =au (network error): 1722 (0x6ba):
The RPC server is unavailable.
ASKER
DC2 repadmin /syncall /AePdq
and
repadmin /syncall /aedq
DsBindWithCred to WSCDC2 failed with status 1722 (0x6ba):
The RPC server is unavailable.
and
repadmin /syncall /aedq
DsBindWithCred to WSCDC2 failed with status 1722 (0x6ba):
The RPC server is unavailable.
ASKER
Rebooted DC2 and now the errors seem to have gone away, What service do i need to monitor for that???
Also, i tried adding the contact again and now get access denied?
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00
firstname surname
Failed
Error:
Active Directory operation failed on WSCDC2.cnet.wsc.nsw.gov.au
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
The user has insufficient access rights.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.140).aspx?v=14.2.247.1&t=exchgf1&e=ms.exch.err.Ex6AE46B
Exchange Management Shell command attempted:
New-MailContact -ExternalEmailAddress 'SMTP:user@email.com-Name 'firstname(External)' -Alias 'alias name' -FirstName 'first' -Initials '' -LastName 'last'
Elapsed Time: 00:00:00
Also, i tried adding the contact again and now get access denied?
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:00
firstname surname
Failed
Error:
Active Directory operation failed on WSCDC2.cnet.wsc.nsw.gov.au
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
The user has insufficient access rights.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.140).aspx?v=14.2.247.1&t=exchgf1&e=ms.exch.err.Ex6AE46B
Exchange Management Shell command attempted:
New-MailContact -ExternalEmailAddress 'SMTP:user@email.com-Name 'firstname(External)' -Alias 'alias name' -FirstName 'first' -Initials '' -LastName 'last'
Elapsed Time: 00:00:00
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
RPC Server is unavailable is being seen simply cause the DC is not reachable.
Were you able to change the Config DC and then re-try with your test?
Regards,
Exchange_Geek
Were you able to change the Config DC and then re-try with your test?
Regards,
Exchange_Geek
ASKER
Please see below results for commands run
DC2:
repadmin /syncall /AePdq
Syncing all NC's held on WSCDC2.
Syncing partition: DC=ForestDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: DC=DomainDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: CN=Schema,CN=Configuration
SyncAll terminated with no errors.
Syncing partition: CN=Configuration,DC=cnet,D
SyncAll terminated with no errors.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=g
SyncAll terminated with no errors.
repadmin /syncall /Aedq
Syncing all NC's held on WSCDC2.
Syncing partition: DC=ForestDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: DC=DomainDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: CN=Schema,CN=Configuration
SyncAll terminated with no errors.
Syncing partition: CN=Configuration,DC=cnet,D
SyncAll terminated with no errors.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=g
SyncAll terminated with no errors.
DC1:
repadmin /syncall /AePdq
Syncing all NC's held on WSCDC1.
Syncing partition: DC=ForestDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: DC=DomainDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: CN=Schema,CN=Configuration
SyncAll terminated with no errors.
Syncing partition: CN=Configuration,DC=cnet,D
SyncAll terminated with no errors.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=g
SyncAll terminated with no errors.
repadmin /syncall /Aedq
Syncing all NC's held on WSCDC1.
Syncing partition: DC=ForestDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: DC=DomainDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: CN=Schema,CN=Configuration
SyncAll terminated with no errors.
Syncing partition: CN=Configuration,DC=cnet,D
SyncAll terminated with no errors.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=g
SyncAll terminated with no errors.
When I go into Adsedit and have a look at the File Replication Service it only shows my two domain controllers, there does not appear to be anything unusual in this section.
DC2:
repadmin /syncall /AePdq
Syncing all NC's held on WSCDC2.
Syncing partition: DC=ForestDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: DC=DomainDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: CN=Schema,CN=Configuration
SyncAll terminated with no errors.
Syncing partition: CN=Configuration,DC=cnet,D
SyncAll terminated with no errors.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=g
SyncAll terminated with no errors.
repadmin /syncall /Aedq
Syncing all NC's held on WSCDC2.
Syncing partition: DC=ForestDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: DC=DomainDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: CN=Schema,CN=Configuration
SyncAll terminated with no errors.
Syncing partition: CN=Configuration,DC=cnet,D
SyncAll terminated with no errors.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=g
SyncAll terminated with no errors.
DC1:
repadmin /syncall /AePdq
Syncing all NC's held on WSCDC1.
Syncing partition: DC=ForestDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: DC=DomainDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: CN=Schema,CN=Configuration
SyncAll terminated with no errors.
Syncing partition: CN=Configuration,DC=cnet,D
SyncAll terminated with no errors.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=g
SyncAll terminated with no errors.
repadmin /syncall /Aedq
Syncing all NC's held on WSCDC1.
Syncing partition: DC=ForestDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: DC=DomainDnsZones,DC=cnet,
SyncAll terminated with no errors.
Syncing partition: CN=Schema,CN=Configuration
SyncAll terminated with no errors.
Syncing partition: CN=Configuration,DC=cnet,D
SyncAll terminated with no errors.
Syncing partition: DC=cnet,DC=wsc,DC=nsw,DC=g
SyncAll terminated with no errors.
When I go into Adsedit and have a look at the File Replication Service it only shows my two domain controllers, there does not appear to be anything unusual in this section.
I'm out of this thread. Good Luck guys.
Regards,
Exchange_Geek
Regards,
Exchange_Geek
At this point, check event logs for any AD errors on the DC's.
Within exchange, I would try simply rebooting the server, allow exchange to get new Kerberos tickets from the domain controllers that now appear to be working 'better'.
Within exchange, I would try simply rebooting the server, allow exchange to get new Kerberos tickets from the domain controllers that now appear to be working 'better'.
ASKER
Hi Exchange_Geek
I changed the domain controller in the Organisation as per your post to the main domain controller and it now works I can create the External Record. I will run the commands and see what I can find on stats and post.
I changed the domain controller in the Organisation as per your post to the main domain controller and it now works I can create the External Record. I will run the commands and see what I can find on stats and post.
ASKER
Thanks I will schedule a reboot tonight of the Exchange server and monitor to see how it goes
Run the following commands from each DC:
repadmin /syncall /AePdq
repadmin /syncall /Aedq
Report any errors.
Launch ADSIEDIT.msc
Under the Default naming context, go to System | File Replication service | Domain System Volume (SYSVOL share) container -
Look at named objects...
DO you see any DC's that do not belong? Do you see anything missing?