Link to home
Create AccountLog in
Avatar of CCMITServices
CCMITServices

asked on

Exchange 2007 Installation Error - Cannot Find Global Catalog

I have a fresh setup of Windows 2008 Server R2 on 3 virtual servers (using Amazon Web Services) and am running into issues installing Exchange 2007.

During Exch 2k7 installation I receive the error that "Setup encountered a problem while validating the state of Active Directory: Could not find any available Global Catalog in forest xxx.xxx.com."

This entire environment is brand new with a fictional domain that was created about a week ago.  It is a simple setup with a single forest.

I originally received this error when running 2 servers (a GC and the Exch server) and have since created another server to be a second GC but the Exch installation still throws up that error.  The GC's are both running DNS and both servers show up as GC's in AD Sites & Services.  The Exch server is logging in to the domain administrator account so it can see the GC's.  I have run the command "ServerManagerCmd -I RSAT-ADDS" as several online forums suggested to do so.

At this point I'm not sure what I'm missing.  I'm familiar with the older versions of everything (Server 2003, Exchange 2003) so if you reference newer functions and checks please be specific.

Thanks in advance.
Avatar of Manpreet SIngh Khatra
Manpreet SIngh Khatra
Flag of India image

After you upgraded the DC to GC was is restarted ? Its necessay
Which server holds the FSMO roles and is this Single domain environment ?

- Rancy
Avatar of CCMITServices
CCMITServices

ASKER

Everything has been restarted.  It is a single domain environment and all 5 FSMO roles are assigned to the original server on which I created the domain (first one to run dcpromo after installing the AD DS role).
Is it a GC as well ? run the below command
nltest /dsgetgc

- Rancy
The Exchange server is not a GC.  Both of the other servers are.

Here is the output from that command when run from the Exch server:

PS C:\Users\administrator.BULLDOG6> nltest /dsgetdc:bulldog6.bushwood.com
           DC: \\AMAZONA-OIJ6EBK.bulldog6.bushwood.com
      Address: \\10.0.0.23
     Dom Guid: 4928ae62-4a9e-4bf5-846b-35b3ea5e5b69
     Dom Name: bulldog6.bushwood.com
  Forest Name: bulldog6.bushwood.com
 Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
        Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE FULL_SECRET WS
The command completed successfully

The IP address 10.0.0.23 is the address of the newly created 3rd server which is just running domain services (is a GC).
First check if any firewall issue persist. Use Port Query GUI tool to check the necessary ports. Download from here
http://www.microsoft.com/en-us/download/details.aspx?id=24009

Next make sure GC is in the same AD site, as Exchange 2007 server. Also note GC server should be windows 2003 SP1 or above.

Finally, check if these VM's are setup correctly to communicate with each other and time sync is working properly.
All 3 servers were created and added to the same subnet within the Amazon Web Services Virtual Private Cloud (VPC).  That VPC has a security group policy applied to it in general (subnet to/from Internet) but there is no ACL applied within the subnet so all servers can communicate with each other.  I downloaded the Port Query tool but I'm not sure which ports to check to confirm this.

In AD Site & Services the 2 GC's show up but the Exch server does not as it is just a member server.  There is just 1 site, Default-First-Site-Name, and it contains the 2 GC's.  Do I need to do something to add it to the Site?

Lastly the 3 VM's all show the same time, down to the second.

I just made a change to the network settings of each server and staticly applied the IP addresses (they were previously DHCP reservations) and have removed all dns suffixes added by Amazon Web Services.  Now the primary dns suffixes are bulldog6.bushwood.com and bushwood.com, followed by us-east-1.ec2-utilities.amazonaws.com which automatically comes back following a reboot.  It apparently made no difference as I still receive the "Cannot find at least one global catalog server" error.
DHCP IP's are not supported for DC or Exchange server. I better suggest you to rebuild the environment again with Static IP address, both for DC and Exchange.
So switching them now after setting up the AD domain services is too late?
SOLUTION
Avatar of Amit
Amit
Flag of India image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Thank you.   Will set up new with static IP's and report back.
Still no dice.  Deleted all old VM's and created 2 new ones, AD server and EXCH server.  Set static IP's, installed the AD DS role on AD server, created the bulldog6.bushwood.com domain, ran "ServerManagerCmd -i RSAT-ADDS" on the EXCH server, multiple reboots along the way, and still getting the error.
Oddly enough I was able to run the "setup /PrepareSchema" and "setup /PrepareAD" commands successfully from the Exchange server.  How is it I'm able to complete those steps yet during the setup GUI it tells me that it can't find a global catalog?  Is there a conflict with Windows Server 2008 R2 and Exchange 2007?
Try with the DomainController switch specifying a specific DC to run the command again using command prompt

- Rancy
Rancy, what is the syntax of that command?  So far I've been using the Exchange setup GUI.
/DomainController:<FQDN of domain controller>

How to Modify an Exchange Installation
http://technet.microsoft.com/en-us/library/bb124273%28v=EXCHG.80%29.aspx

Setup.com /mode:<setup mode> /roles:<server roles to install> [-OrganizationName:<name for the new Exchange organization>] [/TargetDir:<target directory>] [/SourceDir:<source directory>] [/UpdatesDir:<directory from which to install updates>] [/DomainController:<domain controller>] [/AnswerFile:<filename>] [/DoNotStartTransport] [/EnableLegacyOutlook] [/LegacyRoutingServer] [/EnableErrorReporting] [/NoSelfSignedCertificates] [/AdamLdapPort] [/AdamSslPort] [.AddUmLanguagePack:<UM language pack name] [/RemoveUmLanguagePack:<UM language pack name>] [/?]

- Rancy
I ran the command "setup.com /mode:Install /roles:M,H,C,U /domaincontroller:amazona-38t0q1g.bulldog6.bushwood.com" but the same error popped up, "Cannot find at least one global catalog server running Windows Server 2003 Service Pack 1 or later in the local Active Directory site."
What is the service pack level on your current DC.
Windows Server 2008 R2 Datacenter, SP 1, same as the Exch server.
So your saying the DC is Windows 2008 SP1 .... humm

Any other DC that you can upgrade to GC ?

- Rancy
Before blowing all VM's away and starting over I had 2 DC's, both operating as GC's but still had no success.  I can create another VM and add it as a GC but will have to do that this evening.  I will report back.
ASKER CERTIFIED SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
I wasn't able to resolve this issue and have been pulled into another project so I have divided the points between the 2 users that provided assistance.  If I am able to return to this task and get it fixed I will try to post the solution.