we're facing a few problems with our entire dag (3 servers + witness).
1. Server Issue
the most obvious issue is that one of the servers called e-serv1 does not let any users login. it's stuck at please wait for group policy client. remote registry is not started. and when looking at the services remotely it shows alot of services in the hung state of stopping. in safe mode this server does start up and let us login. even a local admin on the server cannot login normally.
2. Health Mailbox inbound proxy probe
the second issue (or symptom) is that our queue is full of inbound proxy probes. when i exported these is showed that the healthmailbox address was invalid. The domain name is valid in our domain and an accepted domain in exchange. i tried deleting the health mailboxes and letting the Health Service recreate them but the issue persists.
3. SMTP issues (Port 25)
The last issue we're having is with smtp port 25 inbound, occasionally we receive inbound mail, but currently all connections to smtp are timing out. when we tried telnetting to port 25 we get a blank page but no replies when entering EHLO or HELO, shortly after the telnet session times out.
4. Exchange Server components
Upon checking each server for inactive components all are set to active. (with the exception of e-serv1 which is inaccessible to remote powershell and most management utilities
there are two DC's setup in this site each is set as the dns for all our servers, ipv6 is NOT disabled. no other servers or clients have issues with group policy and dns.
any help is appreciated.