Exchange 2010 running on 2012 server does not see new PDC

I have a 2012 server (S1) running Exchange 2010. I also had a 2008 PDC (S2) and a 2012 DC (S3). The 2008 PDC failed. I seized FSMO to the 2012 server (S3), but the Exchange server (S1) does not see it. It pines for the dead 2008 server (S2).

The Exchange server is not a DC. All servers are part of the same domain. The error I get on the Exchange server is that an error occurred when trying to check the suitability of server 'S2'. Error 'Active directory response: The LDAP server is unavailable.'

Help is needed.  Thanks.
hgj1357 Asked:

Cliff Galiher Commented:
Exchange does cache the last DC it connected to. So a few questions.

1) Have you cleaned out the old DC's DNS records?
2) Did you clean up the metadata?
3) Did you remove the failed DC's computer account from Active Directory (Users and Computers as well as Sites and Services)?

And did you flush the DNS cache on the Exchange server and reboot it *after* doing all of the above?

hgj1357 Author Commented:
I have the exchange server now seeing the DC.  I tried to delete this question, but you were too quick on the draw. (I used default DC and it then saw the old dead PDC and the new DC).

1) I don't know how to clean out the old DC's DNS records.
2) I don't know what metadata is.
3) This is important - I think. I have not done this, don't know if I should, and don't know the right steps to do so.

Cliff Galiher Commented:
1) You go through DNS and remove any records referencing the old server.  Active Directory has several DC related zones so this is important, but not complicated.

2) Active Directory stores various details about domain controllers to assist in replication. When a DC is gracefully demoted, it is removed. But when one fails, that metadata can linger. There is a TechNet article on how to remove metadata using ntdsutil.  It is only a few commands. Again, important, but not complicated.

3) Every computer in a domain has an account in ADUC.  Removing the account is as simple as finding it in ADUC and deleting it.  Similarly, sites and services holds information about some servers (including DCs.)  Simply expand the various nodes, find your servers and their references, and delete them.

Fairly standard practice for a failed DC and there are several tutorials on the web. I'd recommend sticking to TechNet if possible and if you have that level of skill though, as following bad advice can be worse than just leaving things alone.  Worst case, hire a consultant familiar with managing AD and have them assist.
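
A read-only way to check what the three cleanup steps above still have to remove, as an added example that is not part of the original thread. It assumes the ActiveDirectory and DnsServer PowerShell modules are available, that `S2` is the failed DC and `S3` the surviving DC and DNS server as in the question, and that the `_msdcs` zone exists as a separate zone on that DNS server.

```powershell
# Added example: read-only audit for leftovers of a failed DC. Nothing is deleted.
# Assumed names: 'S2' = failed DC, 'S3' = surviving DC that also hosts AD-integrated DNS.
Import-Module ActiveDirectory, DnsServer

$FailedDC  = 'S2'
$DnsServer = 'S3'

$domain     = Get-ADDomain -Server $DnsServer
$forest     = Get-ADForest -Server $DnsServer
$failedFqdn = "$FailedDC.$($domain.DNSRoot)"

# FSMO roles: after the seizure none of these should still name the failed DC.
[pscustomobject]@{
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
} | Format-List

# 1) DNS: records in the domain zone and the _msdcs zone that still reference the failed DC.
#    Assumption: _msdcs is its own zone; if it is a subdomain of the domain zone, the
#    first pass already covers it and the second lookup will report the zone as missing.
$zones = $domain.DNSRoot, "_msdcs.$($forest.RootDomain)"
foreach ($zone in $zones) {
    Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $zone |
        Where-Object {
            $_.HostName -eq $FailedDC -or                           # A / AAAA
            $_.RecordData.DomainName    -like "$failedFqdn*" -or    # SRV target
            $_.RecordData.NameServer    -like "$failedFqdn*" -or    # NS
            $_.RecordData.HostNameAlias -like "$failedFqdn*"        # CNAME (DSA GUID alias)
        } |
        Select-Object @{n='Zone';e={$zone}}, HostName, RecordType
}

# 2) Metadata: server and NTDS Settings objects left under Sites in the configuration partition.
$configNC = (Get-ADRootDSE -Server $DnsServer).configurationNamingContext
Get-ADObject -Server $DnsServer -SearchBase "CN=Sites,$configNC" `
    -LDAPFilter '(|(objectClass=server)(objectClass=nTDSDSA))' |
    Where-Object { $_.DistinguishedName -like "*CN=$FailedDC,*" } |
    Select-Object ObjectClass, DistinguishedName

# 3) Computer account: is the failed DC's account still present in the domain?
Get-ADComputer -Server $DnsServer -Filter "Name -eq '$FailedDC'" |
    Select-Object Name, DistinguishedName, Enabled
```

Empty output from sections 1 to 3 means that step of the cleanup is complete; anything listed is a stale reference that clients such as Exchange can still be directed to.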

hgj1357 Author Commented:
Always good to have solid advice when faced with a tricky situation

Thanks