adminjam
asked on
DC/Exchange 2007 2103 error USN Roll Backup
I have a exchange 2007 sp1 server that is also a DC. I just started at this company and had to reboot the exchange server for patching and after the reboot the net logon service paused with an error 2103 in the DS event log.
I have read that is because of possible snapshot roll back on the server ( and yes it is a VM on VMware ) that has caused the USN values to get miss aligned and that I will have to force demote it from the domain to a member server.
Ok fair enough but what about exchange? Has anyone done this with out migrating exchange to an new server with any success?
I have read that is because of possible snapshot roll back on the server ( and yes it is a VM on VMware ) that has caused the USN values to get miss aligned and that I will have to force demote it from the domain to a member server.
Ok fair enough but what about exchange? Has anyone done this with out migrating exchange to an new server with any success?
If you don't have additional domain controller, I don't think demoting/promoting will work, demoting DC which is also exchange server is not supported but may work for you if you have additional healthy domain controller. Do you have most recent backup? try restoring active directory from backup.
http://technet.microsoft.com/en-us/library/bb727048.aspx
You mentioned snapshot roll back, check if you can revert back to most recent snapshot.
http://technet.microsoft.com/en-us/library/bb727048.aspx
You mentioned snapshot roll back, check if you can revert back to most recent snapshot.
ASKER
Yes I have 3 DC's. 2 other 2003R2 DC's and the one that I am having the problem with. Also the domain and forest level is at 2000 native. And the mail server is not an owner of any FSMO roles.
So it is that easy just turn off exchange and demote ( cleanup meta data ), promote and restart exchange?
Seems too easy....
So it is that easy just turn off exchange and demote ( cleanup meta data ), promote and restart exchange?
Seems too easy....
Since it is production, I wont recommend it without moving exchange to another server.
If you can't move to another server and can afford longer down time, how about this, perform full exchange backup, shutdown the server, remove domain controller by cleaning up meta data, reinstall OS on the server, and reinstall exchange with recoverserver switch and restore mailboxes.
http://msexchangeteam.in/metadata-cleanup-unsuccessful-demotion-of-domain-controller/
http://www.msexchange.org/articles-tutorials/exchange-server-2007/high-availability-recovery/Recovering-Exchange-2007-Server-RecoverServer-switch.html
http://technet.microsoft.com/en-us/library/bb123496(v=exchg.80).aspx
If you can't move to another server and can afford longer down time, how about this, perform full exchange backup, shutdown the server, remove domain controller by cleaning up meta data, reinstall OS on the server, and reinstall exchange with recoverserver switch and restore mailboxes.
http://msexchangeteam.in/metadata-cleanup-unsuccessful-demotion-of-domain-controller/
http://www.msexchange.org/articles-tutorials/exchange-server-2007/high-availability-recovery/Recovering-Exchange-2007-Server-RecoverServer-switch.html
http://technet.microsoft.com/en-us/library/bb123496(v=exchg.80).aspx
ASKER
I think the best option is to migrate to a new exchange server. I have to do a migration to either 2010 or 2013 exchange anyway so this is the perfect time to get that done.
Would you happen to have any links for the migration to a new exchange server?
Would you happen to have any links for the migration to a new exchange server?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you are on Exchange 2007 SP1, then the first thing you will have to do is install Exchange 2007 SP3 plus the latest rollup. For speed it might be best to just install a new Exchange 2007 SP3 member server somewhere and move the users across. Exchange 2013 is quite different and its deployment shouldn't be rushed. Plus you must have all clients on Outlook 2007 and higher - if you have anything older then you cannot do the deployment.
Simon.
Simon.
ASKER
I am going to give Joel's solution a try in my lag to see what the results are. I will post my results.
Thanks Simon, moving to a new 2007 server is probably better than rushing the exchange upgrades.
Thanks Simon, moving to a new 2007 server is probably better than rushing the exchange upgrades.
ASKER
Well I have tested a few things:
1) forced removed the exchange server, did the metadata cleanup/dns clenaup and repromoted the server to a DC. It all worked fine except that there was some DC errors in the replication pointing to the old SPN of the exchange server before I readded it.
2) Force removed the server from the domain and just added it back as a member server to the domain and added the server account to the 'exchange servers' and 'exchange install domain servers ' groups. This worked with out a hitch and exchange came back on line with no errors.
So out of the 2 methods #2 is what I want as I do not need that server as a DC. So my question is? Is there anything that I am missing on method 2?
I have seen where people say there are bindings from exchange's perspective if it is installed on a DC but from my testing there seems to be no issues.
Comments?
Thanks,
Jerry
1) forced removed the exchange server, did the metadata cleanup/dns clenaup and repromoted the server to a DC. It all worked fine except that there was some DC errors in the replication pointing to the old SPN of the exchange server before I readded it.
2) Force removed the server from the domain and just added it back as a member server to the domain and added the server account to the 'exchange servers' and 'exchange install domain servers ' groups. This worked with out a hitch and exchange came back on line with no errors.
So out of the 2 methods #2 is what I want as I do not need that server as a DC. So my question is? Is there anything that I am missing on method 2?
I have seen where people say there are bindings from exchange's perspective if it is installed on a DC but from my testing there seems to be no issues.
Comments?
Thanks,
Jerry
If you have removed everything that is DC related then it should be fine. Although personally I don't like leaving repaired machines in production, so if it was my network I would build a replacement Exchange server (as a member server) and migrate all data across. That ensures the server is good and will not cause problems further on.
Simon.
Simon.
ASKER
Just FYI I have done this in production with no issues.
Joel's process worked like a charm.
Thanks for everyone's help!
Jerry
Joel's process worked like a charm.
Thanks for everyone's help!
Jerry
Once that is complete, then you'll re-enable all the services, restart the server as a DC with Exchange and you'll be good to go.