Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 337
  • Last Modified:

DC/Exchange 2007 2103 error USN Roll Backup

I have a exchange 2007 sp1 server that is also a DC.  I just started at this company and had to reboot the exchange server for patching and after the reboot the net logon service paused with an error 2103 in the DS event log.  

I have read that is because of possible snapshot roll back on the server ( and yes it is a VM on VMware ) that has caused the USN values to get miss aligned and that I will have to force demote it from the domain to a member server.  

Ok fair enough but what about exchange?  Has anyone done this with out migrating exchange to an new server with any success?
0
adminjam
Asked:
adminjam
  • 5
  • 3
  • 2
  • +1
1 Solution
 
jrhelgesonCommented:
Shut down and disable all exchange services, then do the demote/promote.
Once that is complete, then you'll re-enable all the services, restart the server as a DC with Exchange and you'll be good to go.
0
 
achaldaveCommented:
If you don't have additional domain controller, I don't think demoting/promoting will work, demoting DC which is also exchange server is not supported but may work for you if you have additional healthy domain controller. Do you have most recent backup? try restoring active directory from backup.

http://technet.microsoft.com/en-us/library/bb727048.aspx

You mentioned snapshot roll back, check if you can revert back to most recent snapshot.
0
 
adminjamAuthor Commented:
Yes I have 3 DC's.  2 other 2003R2 DC's  and the one that I am having the problem with.  Also the domain and forest level is at 2000 native.  And the mail server is not an owner of any FSMO roles.

So it is that easy just turn off exchange and demote ( cleanup meta data ), promote and restart exchange?

 Seems too easy....
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
achaldaveCommented:
Since it is production, I wont recommend it without moving exchange to another server.

If you can't move to another server and can afford longer down time, how about this, perform full exchange backup, shutdown the server, remove domain controller by cleaning up meta data, reinstall OS on the server, and reinstall exchange with recoverserver switch and restore mailboxes.

http://msexchangeteam.in/metadata-cleanup-unsuccessful-demotion-of-domain-controller/

http://www.msexchange.org/articles-tutorials/exchange-server-2007/high-availability-recovery/Recovering-Exchange-2007-Server-RecoverServer-switch.html

http://technet.microsoft.com/en-us/library/bb123496(v=exchg.80).aspx
0
 
adminjamAuthor Commented:
I think the best option is to migrate to a new exchange server.  I have to do a migration to either 2010 or 2013 exchange anyway so this is the perfect time to get that done.

Would you happen to have any links for the migration to a new exchange server?
0
 
jrhelgesonCommented:
So it is that easy just turn off exchange and demote ( cleanup meta data ), promote and restart exchange?

Yes, it is that easy. I've done it before.

Joel
0
 
Simon Butler (Sembee)ConsultantCommented:
If you are on Exchange 2007 SP1, then the first thing you will have to do is install Exchange 2007 SP3 plus the latest rollup. For speed it might be best to just install a new Exchange 2007 SP3 member server somewhere and move the users across. Exchange 2013 is quite different and its deployment shouldn't be rushed. Plus you must have all clients on Outlook 2007 and higher - if you have anything older then you cannot do the deployment.

Simon.
0
 
adminjamAuthor Commented:
I am going to give Joel's solution a try in my lag to see what the results are.  I will post my results.

Thanks Simon,  moving to a new 2007 server is probably better than rushing the exchange upgrades.
0
 
adminjamAuthor Commented:
Well I have tested a few things:

1) forced removed the exchange server, did the metadata cleanup/dns clenaup and repromoted the server to a DC.  It all worked fine except that there was some DC errors in the replication pointing to the old SPN of the exchange server before I readded it.  

2) Force removed the server from the domain and just added it back as a member server to the domain and added the server account to the 'exchange servers' and 'exchange install domain servers ' groups.  This worked with out a hitch and exchange came back on line with no errors.  

So out of the 2 methods #2 is what I want as I do not need that server as a DC.  So my question is?  Is there anything that I am missing on method 2?  

I have seen where people say there are bindings from exchange's perspective if it is installed on a DC but from my testing there seems to be no issues.  

Comments?

Thanks,
Jerry
0
 
Simon Butler (Sembee)ConsultantCommented:
If you have removed everything that is DC related then it should be fine. Although personally I don't like leaving repaired machines in production, so if it was my network I would build a replacement Exchange server (as a member server) and migrate all data across. That ensures the server is good and will not cause problems further on.

Simon.
0
 
adminjamAuthor Commented:
Just FYI I have done this in production with no issues.  

Joel's process worked like a charm.

Thanks for everyone's help!

Jerry
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 5
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now