Solved

Exchange 2013 Witness Server

Posted on 2014-02-27
11
605 Views
Last Modified: 2014-03-23
Hi Experts,

Can I use Server 2008 R2 as witness server of my Exchange 2013? BTW, my Exchange Servers are running on Server 2012 platform. When I try to setup the witness server to Server 2008 it always prompt this error. (see attached file)

exchange 2013 error on witness server
Thanks,
0
Comment
Question by:junyap
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39893820
Did you prestage the computer account ( CNO) first ?

steps here : http://technet.microsoft.com/en-us/library/dd351172(v=exchg.150).aspx

- after prestaging CNO object should be disabled ? is it disabled ?

- if yes, the first node adding to the DAG should have appropriate permissionso n CNO object,

  system account should have full permissionso on CNO object,

- paste the complete permissions of CNO object.


http://exchangeserverpro.com/installing-an-exchange-server-2013-database-availability-group/
0
 
LVL 5

Expert Comment

by:Arjun Vyavahare
ID: 39893856
What is version of domain controller ? Windows 2008 or Windows 2012?

If your domain controller is Windows 2008 then request you to refer below Technet article this will help you to resolve your issue:
http://social.technet.microsoft.com/Forums/exchange/en-US/f690af17-31f6-4abf-a6fa-d46fc655ad68/exchange-2013-dag-creation-issue?forum=exchangesvravailabilityandisasterrecovery

Regards,
Arjun
0
 
LVL 1

Author Comment

by:junyap
ID: 39893983
Hi Mojahid,

Yes, I already performed that. Actually I ave successfully configured my DAG but my witness server is Server 2012. I am trying to switch the witness server to my domain controller which is Server 2008 R2.

Thanks,
0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 
LVL 1

Author Comment

by:junyap
ID: 39893986
Hi Arjun,

My server is Windows Server 2008 R2.

Thanks,
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39893999
A witness server is a voter that is external to the DAG that participates in quorum by adding a tie-breaking voter to DAGs that have an even number of members.

You do not need a dedicated server for the FSWs(file share Witness) and typically it is recommended to use a hub transport server in the primary data center. This is usually a safe thing to do as the Exchange team also manages the hub transport servers and the Exchange Trusted Subsytem will already be a member of the local administrators group and have the necessary permissions to create the file share.


The requirements for the witness server are as follows:
The witness server can't be a member of the DAG.
The witness server must be in the same Active Directory forest as the DAG.
The witness server must be running Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003 R2, or Windows Server 2003.
A single server can serve as a witness for multiple DAGs. However, each DAG requires its own witness directory.
Please refer  below  for more details:

http://technet.microsoft.com/en-us/library/dd298065.aspx

http://social.technet.microsoft.com/Forums/exchange/en-US/521789ef-69cc-47a4-83d3-fb21331f4908/what-is-witness-server-used-for
0
 
LVL 1

Author Comment

by:junyap
ID: 39894012
Hi Mojahid,

I have only two Exchange Server on 2013 versions both contains mixed roles. My only problem is that I can used any Server 2012 servers as witness server but when I switch to Server 2008 R2 error occurred.

Thanks,
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 39894037
You have to create new DAG only.


Witness Server must have the Exchange Trusted Subsystem (ETS) group added to the local administrators group.  If this is a Domain Controller, it needs to be added to Domain\Administrators.  This is why you might want to not pick a domain controller.  This gives the ETS administrative rights to the entire domain, not just that server.  Granted ETS has crazy rights already, but putting the ETS in the Administrators group for the domain might make your security folks nervous.

Read this articles for more

http://jerridwills.com/2013/02/04/creating-a-two-node-exchange-2013-dag/
0
 
LVL 1

Author Comment

by:junyap
ID: 39894123
I already added the ETS on administrators, but still error occurred.

Thanks,
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39895662
"I am trying to switch the witness server to my domain controller which is Server 2008 R2."

That isn't a recommended configuration.
Do you not have a member server that you can use?

Simon.
0
 
LVL 1

Accepted Solution

by:
junyap earned 0 total points
ID: 39938921
As my solution, I created new Server with Server 2012 OS and promote it as my witness server.
0
 
LVL 1

Author Closing Comment

by:junyap
ID: 39948395
Resolve by my self
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question