Solved

Exchange 2010 and AD Issue

Posted on 2013-11-14
6
287 Views
Last Modified: 2013-11-14
Scenario

DC1 - Exchange 2010 /DNS/GC
DC2 - DNS/GC - PDC
DC3 - DNS/GC

I am currently working on demoting DC1 as a domain controller and leaving just for Exchange server.  As a first test I have stopped the ADDS service on DC1 and hoping the exchange to work using the other DCs.

Webmail worked fine but outlook got disconnected and kept on asking for credential. Also active sync stopped working on the mobile devices.

So far Exchange is not pointing to DC1.

Am I missing something here or need to look for more things before I do another test.
What are the other things I should consider.
0
Comment
Question by:itcaptain
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 6

Expert Comment

by:smithandandersen
ID: 39648950
I would imagine all your FSMO roles are on 1st DC
Move to another DC then test
0
 
LVL 1

Author Comment

by:itcaptain
ID: 39648976
No FSMO roles are on DC2 and DC3
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39649143
You absolutely cannot promote or demote a domain controller after exchange has been installed. It does break and there is no way to restore the functionality.
0
Office 365 Training for Admins

Learn how to provision tenants, synchronize on-premise Active Directory, and implement Single Sign-On with these master level course.  Only from Platform Scholar

 
LVL 1

Author Comment

by:itcaptain
ID: 39649190
cgaliher,  

Is the reason that I cannot demote/promote a domain controller due to the fact that AD and Exchange were installed on the same machine?

I have seen tutorials floating around where is was done when the AD and Exchange were on seperate machines.

Thanks
0
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 39649203
Yes, sorry if that was unclear. Demoting a DC that has exchange on it breaks exchange. But so does PROMOTING a machine to a DC if it has exchange. That is a per-machine limitation, not a per-network or per-organization.
0
 
LVL 6

Assisted Solution

by:smithandandersen
smithandandersen earned 250 total points
ID: 39649215
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question