asked on
Point Exchange 2010 to a local Domain Controller
Hi All,
I recently moved several servers from our San Diego office to our Las Vegas office.
I left one domain controller and file server in San Diego.
I moved one domain controller and an Exchange 2010 server to Las Vegas.
The Exchange server seems to default to the Domain Controller in San Diego. This is only a problem if there is a hiccup in the VPN. If the Exchange server loses connection with the SD domain controller, even for a second, it takes down my email for about 30 minutes while it reconnects.
I'd like to give the local DC (LV) a higher weight so the Exchange will always try that server first and only switch to the remote (SD) server if it cannot connect.
Both DC's are also Global Catalog servers.
I'd rather not statically set the GC server in Exchange as this breaks the redundancy of having two DC's.
Thanks,
Steve
I recently moved several servers from our San Diego office to our Las Vegas office.
I left one domain controller and file server in San Diego.
I moved one domain controller and an Exchange 2010 server to Las Vegas.
The Exchange server seems to default to the Domain Controller in San Diego. This is only a problem if there is a hiccup in the VPN. If the Exchange server loses connection with the SD domain controller, even for a second, it takes down my email for about 30 minutes while it reconnects.
I'd like to give the local DC (LV) a higher weight so the Exchange will always try that server first and only switch to the remote (SD) server if it cannot connect.
Both DC's are also Global Catalog servers.
I'd rather not statically set the GC server in Exchange as this breaks the redundancy of having two DC's.
Thanks,
Steve
ExchangeActive Directory
Last Comment
elsteef
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
I moved several Exchange server from one site to another site. In this case, you need to change Exchange server IP, Subnet mask and DNS. Subnet mask should be mapped to Las Vegas site. Once you change it on Exchange server, goto to cmd and run ipconfig /registerdns
Read this.
http://www.zerohoursleep.com/2010/01/5-things-to-consider-when-changing-the-ip-of-an-exchange-server/
I assume you also change IP address on your moved DC and you also moved that DC to new site. If not, goto sites and services and move the DC to LAS Vegas site.
Note: Sites and Service play important role.
Read this.
http://www.zerohoursleep.com/2010/01/5-things-to-consider-when-changing-the-ip-of-an-exchange-server/
I assume you also change IP address on your moved DC and you also moved that DC to new site. If not, goto sites and services and move the DC to LAS Vegas site.
Note: Sites and Service play important role.
As stated above this is a mis-configuration with Sites and Services in Active Directory. You need to have separate VLAN/Subnets for each Active Directory Site. You will then need to associate the IP scheme of the Las Vegas to the new Site in Active Directory. When you associate this site with a Domain Controller all computers in the same site will use that domain controller as its primary.
You will also need to make sure that DNS is configured properly on all clients in the Las Vegas site as well. Pointing to the DC in the Las Vegas site first then pointing to another DC in a different site (usually most geographically located) for latency purposes. You will also need to change the IP address of the Exchange server to match the IP address scheme that you have in the Las Vegas site, if you have not done so already.
Once you have this in place it will work correctly. It is always better to use n+1 for DC's in a site for redundancy. Exchange will not be able to communicate with other DC's from other sites because it Requires a DC/GC in each Active Directory site.
Will.
You will also need to make sure that DNS is configured properly on all clients in the Las Vegas site as well. Pointing to the DC in the Las Vegas site first then pointing to another DC in a different site (usually most geographically located) for latency purposes. You will also need to change the IP address of the Exchange server to match the IP address scheme that you have in the Las Vegas site, if you have not done so already.
Once you have this in place it will work correctly. It is always better to use n+1 for DC's in a site for redundancy. Exchange will not be able to communicate with other DC's from other sites because it Requires a DC/GC in each Active Directory site.
Will.
ASKER
I awarded Matt the points since he answered first. Also because his answer completely fixed my problem.
I did have one additional problem when trying to move a DC to the new site. It said "access denied". I to uncheck the box to "protect object from accidental deletion". It moved no problem after that.
Thanks everyone that answered.
Steve
I did have one additional problem when trying to move a DC to the new site. It said "access denied". I to uncheck the box to "protect object from accidental deletion". It moved no problem after that.
Thanks everyone that answered.
Steve
Steve,
Thanks - glad you got it sorted. I can endorse the comments regarding DNS which were made subsequently, but it sounds as if you already had DNS worked out.
Thanks - glad you got it sorted. I can endorse the comments regarding DNS which were made subsequently, but it sounds as if you already had DNS worked out.
Add second domain controller in LasVegas location just for failover and move the FSMO role from SD to DC in LasVegas and let other sites have additional DC with Global Catalog.This claim to move the Operations roles (formerly "FSMO roles") is without premise, and it doesn't really matter where they are situated, as long as they are on some server someplace, you know where that machine is, and (as with all DCs) it is in a physically secure environment. There may be some benefit to having particular roles in one site versus the other, depending upon user loading, but to Exchange it will make no difference.
ASKER
Yes sir. Already had the DNS and VLAN sorted. I appreciate the feedback.
Steve
Steve
This article helps to understand and steps to move roles from another DC to primary DC. https://support.microsoft.com/en-us/kb/255504