Link to home
Create AccountLog in
Avatar of elsteef
elsteef

asked on

Point Exchange 2010 to a local Domain Controller

Hi All,
I recently moved several servers from our San Diego office to our Las Vegas office.
I left one domain controller and file server in San Diego.
I moved one domain controller and an Exchange 2010 server to Las Vegas.

The Exchange server seems to default to the Domain Controller in San Diego. This is only a problem if there is a hiccup in the VPN. If the Exchange server loses connection with the SD domain controller, even for a second, it takes down my email for about 30 minutes while it reconnects.
I'd like to give the local DC (LV) a higher weight so the Exchange will always try that server first and only switch to the remote (SD) server if it cannot connect.
Both DC's are also  Global Catalog servers.

I'd rather not statically set the GC server in Exchange as this breaks the redundancy of having two DC's.

Thanks,
Steve
ASKER CERTIFIED SOLUTION
Avatar of tigermatt
tigermatt
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Add second domain controller in LasVegas location just for failover and move the FSMO role from SD to DC in LasVegas and let other sites have additional DC with Global Catalog.

This article helps to understand and steps to move roles from another DC to primary DC. https://support.microsoft.com/en-us/kb/255504
I moved several Exchange server from one site to another site. In this case, you need to change Exchange server IP, Subnet mask and DNS. Subnet mask should be mapped to Las Vegas site. Once you change it on Exchange server, goto to cmd and run ipconfig /registerdns

Read this.

http://www.zerohoursleep.com/2010/01/5-things-to-consider-when-changing-the-ip-of-an-exchange-server/

I assume you also change IP address on your moved DC and you also moved that DC to new site. If not, goto sites and services and move the DC to LAS Vegas site.

Note: Sites and Service play important role.
As stated above this is a mis-configuration with Sites and Services in Active Directory. You need to have separate VLAN/Subnets for each Active Directory Site. You will then need to associate the IP scheme of the Las Vegas to the new Site in Active Directory. When you associate this site with a Domain Controller all computers in the same site will use that domain controller as its primary.

You will also need to make sure that DNS is configured properly on all clients in the Las Vegas site as well. Pointing to the DC in the Las Vegas site first then pointing to another DC in a different site (usually most geographically located) for latency purposes. You will also need to change the IP address of the Exchange server to match the IP address scheme that you have in the Las Vegas site, if you have not done so already.

Once you have this in place it will work correctly. It is always better to use n+1 for DC's in a site for redundancy. Exchange will not be able to communicate with other DC's from other sites because it Requires a DC/GC in each Active Directory site.

Will.
Avatar of elsteef
elsteef

ASKER

I awarded Matt the points since he answered first. Also because his answer completely fixed my problem.

I did have one additional problem when trying to move a DC to the new site. It said "access denied". I to uncheck the box to "protect object from accidental deletion". It moved no problem after that.

Thanks everyone that answered.

Steve
Steve,

Thanks - glad you got it sorted. I can endorse the comments regarding DNS which were made subsequently, but it sounds as if you already had DNS worked out.

Add second domain controller in LasVegas location just for failover and move the FSMO role from SD to DC in LasVegas and let other sites have additional DC with Global Catalog.
This claim to move the Operations roles (formerly "FSMO roles") is without premise, and it doesn't really matter where they are situated, as long as they are on some server someplace, you know where that machine is, and (as with all DCs) it is in a physically secure environment. There may be some benefit to having particular roles in one site versus the other, depending upon user loading, but to Exchange it will make no difference.
Avatar of elsteef

ASKER

Yes sir. Already had the DNS and VLAN sorted. I appreciate the feedback.

Steve