Soft Transfer of Exchange 2010 and AD 2008 to Cloud

Statistics:
AD 1, 2 in Primary Site
172.16.10.1,2
Exch MBX 172.16.10.3
Exch CAS 172.16.10.4 (Public IP Nat)

AD 3 in Cloud Site
AD3 with 10.16.12.5
Exch MBX 10.16.12.4
Exch MBX 10.16.12.2

Exchange 2010 SP1 deployed in both sites
All are Windows 2008 R2

Steps to move to Cloud site

First, a DAG was created and used for replicating the database from the primary to the cloud site.
Moved all FSMO roles from the Primary to the Cloud site DC
All System Mailboxes were moved properly to the DR site Exchange MBX
All OAB and PF were moved to the Cloud Site
Uninstalled all CAS and MBX properly from the Primary site in a smooth way
Demoted the DCs in the Primary site in a smooth way
All roles got transferred to the Cloud site.

After moving, we restarted all AD, Exchange MBX, and Exchange CAS servers sequentially, and I am getting an OWA error. But Outlook Anywhere is working fine, except OWA.

 Outlook Web App didn't initialize. If the problem continues, please contact your helpdesk.
Active Directory server is not available. Error message: Active directory response: The LDAP server returned an unknown error.

Exception
Exception type: Microsoft.Exchange.Clients.Owa.Core.OwaInvalidConfigurationException
Exception message: Active Directory server is not available. Error message: Active directory response: The LDAP server returned an unknown error.

Call stack
Microsoft.Exchange.Clients.Owa.Core.OwaConfigurationManager.CreateAndLoadConfigurationManager()
Microsoft.Exchange.Clients.Owa.Core.OwaSettingsLoader.Load()
Microsoft.Exchange.Clients.Owa.Core.OwaApplicationBase.ExecuteApplicationStart(Object sender, EventArgs e)

Inner Exception
Exception type: Microsoft.Exchange.Data.Directory.ADTransientException
Exception message: Active Directory server is not available. Error message: Active directory response: The LDAP server returned an unknown error.

Call stack
Microsoft.Exchange.Data.Directory.PooledLdapConnection.BindWithRetry(Int32 maxRetries)
Microsoft.Exchange.Data.Directory.LdapConnectionPool.CreateOneTimeConnection(NetworkCredential networkCredential, ADServerInfo serverInfo)
Microsoft.Exchange.Data.Directory.TopologyProvider.PopulateDomainNamingContexts()
Microsoft.Exchange.Data.Directory.ADSession.GetRootDomainNamingContext()
Microsoft.Exchange.Data.Directory.ADObject.ValidateSingleADObjectLinkValue(ADPropertyDefinition propertyDefinition, ADObjectId value, List`1 errors)
Microsoft.Exchange.Data.Directory.ADObject.ValidateRead(List`1 errors)
Microsoft.Exchange.Data.ConfigurableObject.ValidateRead()
Microsoft.Exchange.Data.Directory.ADSession.ObjectsFromEntries(SearchResultEntryCollection entries, String originatingServerName, IEnumerable`1 properties, ADRawEntry dummyInstance, CreateObjectDelegate objectCtor, CreateObjectsDelegate arrayCtor)
Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCreator, CreateObjectsDelegate arrayCreator, Boolean includeDeletedObjects)
Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCtor, CreateObjectsDelegate arrayCtor)
Microsoft.Exchange.Data.Directory.ADSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties)
Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.GetRootOrgContainerId(String fqdn, NetworkCredential credential)
Microsoft.Exchange.Clients.Owa.Core.Utilities.CreateADSystemConfigurationSessionScopedToFirstOrg(Boolean readOnly, ConsistencyMode consistencyMode)
Microsoft.Exchange.Clients.Owa.Core.OwaConfigurationManager.InitializeConfigurationManager()
Microsoft.Exchange.Clients.Owa.Core.OwaConfigurationManager.CreateAndLoadConfigurationManager()

Inner Exception
Exception type: System.DirectoryServices.Protocols.LdapException
Exception message: The LDAP server returned an unknown error.

Call stack
System.DirectoryServices.Protocols.LdapConnection.Connect()
System.DirectoryServices.Protocols.LdapConnection.BindHelper(NetworkCredential newCredential, Boolean needSetCredential)
Microsoft.Exchange.Data.Directory.PooledLdapConnection.BindWithRetry(Int32 maxRetries)

Asked by: Ganesh Kumar A, Sr Infrastructure Specialist

Amit Kumar Commented:
1. Check which DNS server all CAS servers are pointing to. It should be the Cloud site DC's DNS IP.
2. See Event Viewer if there are errors for AD topology and the OWA service.
3. Try restarting the MSExchangeADTopology service and monitor Event Viewer.

Amit, IT Architect, Commented:
You are running SP1, which is no longer a supported service pack for Exchange 2010. First, you need to upgrade to SP3 with the latest RU. Steps are here:
http://www.experts-exchange.com/articles/10389/Steps-for-Upgrading-Exchange-2010-SP1-or-SP2-to-SP3-with-Latest-Rollup.html

Next, what do you mean by cloud? Is this Azure or any other private cloud?

Ganesh Kumar A, Sr Infrastructure Specialist, Author Commented:
Sorry for the delayed response, I solved it myself.

1) After the transition, the domain controller and servers were not talking to each other as the CA was not found. I installed a CA and imported the certificate for both the CAS and MBX servers.

2) All the event logs and errors were already cleared. But still it was not accepting, but after an hour everything started working without any issues.

3) DNS is clean and it was pointed to the new CAS server properly. But for every restart the issue seems to pop up, but item no. 1 solved all the issues.

4) There was an NTP issue, which was also fixed, and finally all works fine.

Ganesh Kumar A, Sr Infrastructure Specialist, Author Commented:
The solution provided is overall and not specific.

There was no trust between the domain and computers as the CA was not there; after creating a Root CA and configuring the client CA cert, the issue was solved.

NTP is fixed by myself.
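
The causes named in this thread (DNS pointing, missing CA trust for the server certificates, NTP) can be checked in one pass from the CAS server. The PowerShell below is an added example, not part of any post; the IP addresses are taken from the question, and the 300-second limit is the default Kerberos clock-skew tolerance, assumed unchanged here.

```powershell
# Added example, not from the thread. Run on the CAS server in an elevated shell.
# Addresses come from the question; change them for your environment.
$DcAddress  = '10.16.12.5'                     # cloud-site DC (AD3)
$RetiredDns = '172.16.10.1', '172.16.10.2'     # demoted primary-site DCs
$MaxSkewSec = 300                              # assumed default Kerberos tolerance (5 min)

function New-Result($Check, $Ok, $Detail) {
    New-Object PSObject -Property @{ Check = $Check; Ok = $Ok; Detail = $Detail }
}

$results = @()

# 1. DNS: adapters must use the cloud DC and no longer list the demoted DCs.
Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' | ForEach-Object {
    $dns   = @($_.DNSServerSearchOrder)
    $stale = @($dns | Where-Object { $RetiredDns -contains $_ })
    $results += New-Result "DNS: $($_.Description)" `
        (($dns -contains $DcAddress) -and ($stale.Count -eq 0)) ($dns -join ', ')
}

# 2. LDAP: the port used by the failing directory bind must be reachable on the DC.
$tcp = New-Object System.Net.Sockets.TcpClient
try     { $tcp.Connect($DcAddress, 389); $ldapOk = $tcp.Connected; $err = '' }
catch   { $ldapOk = $false; $err = $_.Exception.Message }
finally { $tcp.Close() }
$results += New-Result "LDAP 389 to $DcAddress" $ldapOk $err

# 3. Time: the offset against the DC must stay inside the Kerberos tolerance.
$w32 = (w32tm /stripchart /computer:$DcAddress /samples:1 /dataonly | Out-String)
if ($w32 -match ',\s*([+-]\d+\.\d+)s') {
    $skew = [double]::Parse($Matches[1], [Globalization.CultureInfo]::InvariantCulture)
    $results += New-Result 'Clock offset vs DC' ([Math]::Abs($skew) -lt $MaxSkewSec) "$skew s"
} else {
    $results += New-Result 'Clock offset vs DC' $false 'no NTP sample returned'
}

# 4. Certificates: each machine certificate must chain to a trusted root CA.
Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = 'NoCheck'   # test the trust path only
    $ok     = $chain.Build($_)
    $status = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
    $results += New-Result "Cert: $($_.Subject)" $ok $status
}

$results | Format-Table Check, Ok, Detail -AutoSize
```

A certificate row showing `UntrustedRoot` or `PartialChain` means the issuing CA is missing from the server's trusted root store.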