Link to home
Create AccountLog in
Avatar of nac_
nac_Flag for United States of America

asked on

Exchange 2007 will not connect to Win 2008R2 Domin Controller

I have (2) 2003 DCs, now I've added (2) 2008R2 DCs. Exchange will only use the old 2003 domain controllers/catalog servers. I have tried excluding and turning off one of the old servers and Exchange will not use any of the 2008R2 servers. I fear that after demoting the old 2003 DCs my exchange server will fail.

Is this normal behavior, am I missing something?
All DCs have GC role. Exchange 2007 is on a standalone 2003 server.
Avatar of Amit
Amit
Flag of India image

I guess firewall is not enabled on 2008. Secondly, you are able to ping the new DC from Exchange. Can you restart AD topology services in your Exchange server and check again.

Also make sure 2008 dc is in same site.
Avatar of nac_

ASKER

Ok, the firewall is on, but no connectivity issues, pings fine. Restarted the topology services here is the info. All servers are in the same site/subnet.

(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
In-site:
2008r2a      CDG 1 7 7 1 0 0 1 7 1
2003a      CDG 1 7 7 1 0 1 1 7 1
2003b      CDG 0 0 0 1 0 0 0 0 0
2008r2b      CDG 1 7 7 1 0 0 1 7 1
 Out-of-site:
2008r2c      CDG 1 7 7 1 0 0 1 7 1

Only 2003a server will show up in Exchange, 2003b is excluded right now.
Ok, goto to cmd and type set l and check which dc it is pointing currently, also are you using AD integrated dns, if so, can you add this new dc also in dns section under nic setting.
Event id 2080 shows that Exchange is recognizing all of them, what is that you are reading/checking that shows Exchange is looking purely at 2003 DC.

Regards,
Exchange_Geek
ASKER CERTIFIED SOLUTION
Avatar of Manpreet SIngh Khatra
Manpreet SIngh Khatra
Flag of India image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of nac_

ASKER

set l shows:
LOGONSERVER=\\2003b
Yes on AD DNS, I will add the IP shortly

This is from "Get-ExchangeServer servername -status | FL"
StaticDomainControllers           : {}
StaticGlobalCatalogs              : {}
StaticConfigDomainController      :
StaticExcludedDomainControllers   : {2003b}
CurrentDomainControllers          : {2003a}
CurrentGlobalCatalogs             : {2003a}
CurrentConfigDomainController     : 2003a
nac_: You have the answer why Exchange is only understanding 2003a ..... simple cause it cant find SACL rights on the other DC's.

- Rancy
Avatar of nac_

ASKER

Thanks Rancy, we posted at the same time. My GPO was not applied to the new DCs and "manage auditing and security log" was not set correctly.
Yup saw the time match :) and good to be able to assist and have a tough one with top Experts "Exchange_Geek and Amit" :)

- Rancy