Solved

Exchange routing group not working

Posted on 2013-01-21
9
541 Views
Last Modified: 2013-01-26
I had a working environment with exchange 2003on a 2003 server and exchange 2010 on a 2008 R2 server and a bidirectional routing group in between.
I was in the process of migrating mailboxes from 2003 to 2010, when suddenly one of the mailbox migrations failed with an error message implying insufficient rights. I was investigating as people started complaining about missing inbound mail, and outbound mail stuck in the out-box.
I then found that the CA-service on my certificate server had stopped, and would not start again. (Bad key) Following advice from microsoft forums, I reinstalled CA, and restored the latest backup .  Now both exchange 2003 and 2010 starts without errors, but the routing group connector on the 2003 is stuck with 110 messages. The CA is used for the 2003 only.
Any clues?
0
Comment
Question by:MrWhy
  • 6
  • 2
9 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 300 total points
ID: 38801876
Delete the RGC from Exchange 2010 using remove-routinggroupconnect and recreate would be the first thing I would do. RGCs often fail for no reason.

Were you issusing SSL certificates from that CA? If so, and they are on either server you may have reissue them.

Simon.
0
 

Author Comment

by:MrWhy
ID: 38801899
Ok. One more symptom. When restarting the 2003 i get four errors in application events:
ID 8026: LDAP BINDwas unsuccessful on directory. x.y.y.no for distinguished name ". Directory returned error: (0x51) Server down.

ID 8260: Could not open LDAP Session to directory "x.y.y.no" using server credentials.
Cannot access address list configuration information. Make sure the server 'x.x.x.no' is running.

     (note about that one. x.x.x.no was my old domain controller, whis has been demoted and removed from the domain, then recreated with the same name as my CA, as suggested by microsoft. My new domain controller is v.y.z.no )

Then the same two ID's are repeated, but the information "DC=y,DC=z,DC=no is appended at the end.
0
 

Author Comment

by:MrWhy
ID: 38802009
Yes I issued SSL certificates for the old 2003 for owa. I bought one for the 2010.

I have trouble figuring out the syntax for remove-routinggroupconnect. I tried:

remove-routinggroupconnect -identity "xxx RGC"

I get the error "The operation couldn't be performed because "xxx RGC" matches multiple entries.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38802012
Those errors mean that Exchange cannot connect to the domain controller.
Check that the Exchange 2003 server hasn't been hard coded to a specific domain controller (Properties of the server in ESM) and the DNS settings are correct.

Simon.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:MrWhy
ID: 38802054
In the server properties Under "Directory access" The new domain controller is listed three times, as type Config, dc and gc, if that was what you meant. Otherwise DNS seems correct.
0
 

Author Comment

by:MrWhy
ID: 38802066
Domain controller checked, and working. No errors in the logs.
0
 
LVL 52

Assisted Solution

by:Manpreet SIngh Khatra
Manpreet SIngh Khatra earned 200 total points
ID: 38802401
Are required service running on Exchange 2010 and on Exchange 2003 we need to have SMTP and Routing engine running

DO you see any error or warning events in Exchange 2003 ?
Is the Mail-flow affected both way ?
Hope the remote registry is also started ?

- Rancy
0
 

Assisted Solution

by:MrWhy
MrWhy earned 0 total points
ID: 38802675
Problem solved. This started with time getting out of sync on differen servers due to time drift in internal vmware clock. That caused servers to have momentarily wrong time during startup, causing kerberos to fail, and in turn disrupting various services on different servers. It affected the domain controller, the Certificate server, and both of the exchange servers in various ways, producing all kinds of errors. Mid startup, the servers synced their time to the domain controller, just to make the problem harder to spot.
After correcting that, and syncing time throughout the domain using "net time /set", I restored the CA, and recreated the routing groups like suggested above.
Hey presto. Everything works.

Thanks for the help guys.
0
 

Author Closing Comment

by:MrWhy
ID: 38821825
My comment describes the cause of the problem, and part of the solution not mentioned by the others. Their help were still invaluable.
0

Featured Post

Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now