Solved

Exchange 2010 and AD Issue

Posted on 2013-11-14
6
283 Views
Last Modified: 2013-11-14
Scenario

DC1 - Exchange 2010 /DNS/GC
DC2 - DNS/GC - PDC
DC3 - DNS/GC

I am currently working on demoting DC1 as a domain controller and leaving just for Exchange server.  As a first test I have stopped the ADDS service on DC1 and hoping the exchange to work using the other DCs.

Webmail worked fine but outlook got disconnected and kept on asking for credential. Also active sync stopped working on the mobile devices.

So far Exchange is not pointing to DC1.

Am I missing something here or need to look for more things before I do another test.
What are the other things I should consider.
0
Comment
Question by:itcaptain
  • 2
  • 2
  • 2
6 Comments
 
LVL 6

Expert Comment

by:smithandandersen
ID: 39648950
I would imagine all your FSMO roles are on 1st DC
Move to another DC then test
0
 
LVL 1

Author Comment

by:itcaptain
ID: 39648976
No FSMO roles are on DC2 and DC3
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39649143
You absolutely cannot promote or demote a domain controller after exchange has been installed. It does break and there is no way to restore the functionality.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 1

Author Comment

by:itcaptain
ID: 39649190
cgaliher,  

Is the reason that I cannot demote/promote a domain controller due to the fact that AD and Exchange were installed on the same machine?

I have seen tutorials floating around where is was done when the AD and Exchange were on seperate machines.

Thanks
0
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 39649203
Yes, sorry if that was unclear. Demoting a DC that has exchange on it breaks exchange. But so does PROMOTING a machine to a DC if it has exchange. That is a per-machine limitation, not a per-network or per-organization.
0
 
LVL 6

Assisted Solution

by:smithandandersen
smithandandersen earned 250 total points
ID: 39649215
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question