All servers logging 2501, 2604 and 2601 errors: Process MSEXCHANGEADTOPOLOGY (PID=1532) does anyone know how to resolve this ?
-
Wednesday, April 07, 2010 6:53 AM
Hi, I am constantly getting these errors logged on all my exchange servers. (1x UM 1 x MBX and 1 x HUB/CAS) any ideas how to resolve ??
<event ID 2501>
Process MSEXCHANGEADTOPOLOGY (PID=1532). The site monitor API was unable to verify the site name for this Exchange computer - Call=DsctxGetContext Error code=8007077f. Make sure that Exchange server is correctly registered on the DNS server.
<event ID 2604>
Process MSEXCHANGEADTOPOLOGY (PID=1532). When updating security for a remote procedure call (RPC) access for the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the security descriptor for Exchange server object EXCMBX001 - Error code=8007077f.
The Microsoft Exchange Active Directory Topology service will continue starting with limited permissions.<event ID 2601>
Process MSEXCHANGEADTOPOLOGY (PID=1532). When initializing a remote procedure call (RPC) to the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the SID for account <WKGUID=1A9E39D35ABE5747B979FFC0C6E5EA26,CN=Microsoft Exchange,CN=Services,CN=Configuration,...> - Error code=8007077f.
The Microsoft Exchange Active Directory Topology service will continue starting with limited permissions.
Answers
-
Wednesday, April 07, 2010 7:02 AM
Thank You for Your Post here
NOTE: DSAccess will perform a complete new topology redetection every 15 minutes. This ensures that Exchange always has a fresh list of AD server roles. DSAccess maintains a list of external site DCs and GCs. If all available DCs or GCs are down in the local site then DSAccess will resort to using the external servers.
Event ID 2501
Make sure that Exchange server is correctly registered on the DNS server. For more information about how to troubleshoot DNS issues, see DNS Troubleshooting.
If you have defined multiple sites, make sure that you have created an IP subnet for each site. To configure an IP subnet, do the following:
-
Start Active Directory® Sites and Services on a local domain controller.
-
In the left pane, right-click Subnets, and then click New Subnet.
-
Specify the appropriate configuration information for the new subnet. Make sure that you associate the new subnet with the appropriate site name.
For more information about how to configure Active Directory sites, see Creating an Active Directory Site for Exchange Server.
Event ID 2604
I suggest Running ExBPA
You can copy the results here or Email me at fazal2@hotmail.com With teh Subject of Email as
"All servers logging 2501, 2604 and 2601 errors: Process MSEXCHANGEADTOPOLOGY (PID=1532) does anyone know how to resolve this "
EventID 2601
Make sure that you can connect to an available domain controller from the Exchange server. For example, use the Ping or PathPing command-line tools to test basic connectivity. Use Ping to isolate network hardware problems and incompatible configurations. Use PathPing to detect packet loss over multiple-hop trips. For more information, see Microsoft Knowledge Base article 325487, How to troubleshoot network connectivity problems.
Make sure that the domain controller to which the Exchange server is connecting is registered correctly on the DNS server. For more information, see DNS Troubleshooting.
Use the Dcdiag command line tool to test domain controller health. To do this, run dcdiag /s:<Domain Controller Name> at a command prompt on the Exchange Server. Use the output of Dcdiag to discover the root cause of any failures or warnings that it reports. For more information, see Dcdiag Overview at the Microsoft Windows Server TechCenter.
Looking Forward to your Reply
Regards
Fazal M Khan
- Marked As Answer by Gregory Horn Thursday, April 08, 2010 10:29 AM
-
Thursday, April 08, 2010 10:02 AM Changing the DNS settings on each DNS server to have only their own IP Address resolved the issue.
- Marked As Answer by Gregory Horn Thursday, April 08, 2010 10:02 AM
All Replies
-
Wednesday, April 07, 2010 7:02 AM
Thank You for Your Post here
NOTE: DSAccess will perform a complete new topology redetection every 15 minutes. This ensures that Exchange always has a fresh list of AD server roles. DSAccess maintains a list of external site DCs and GCs. If all available DCs or GCs are down in the local site then DSAccess will resort to using the external servers.
Event ID 2501
Make sure that Exchange server is correctly registered on the DNS server. For more information about how to troubleshoot DNS issues, see DNS Troubleshooting.
If you have defined multiple sites, make sure that you have created an IP subnet for each site. To configure an IP subnet, do the following:
-
Start Active Directory® Sites and Services on a local domain controller.
-
In the left pane, right-click Subnets, and then click New Subnet.
-
Specify the appropriate configuration information for the new subnet. Make sure that you associate the new subnet with the appropriate site name.
For more information about how to configure Active Directory sites, see Creating an Active Directory Site for Exchange Server.
Event ID 2604
I suggest Running ExBPA
You can copy the results here or Email me at fazal2@hotmail.com With teh Subject of Email as
"All servers logging 2501, 2604 and 2601 errors: Process MSEXCHANGEADTOPOLOGY (PID=1532) does anyone know how to resolve this "
EventID 2601
Make sure that you can connect to an available domain controller from the Exchange server. For example, use the Ping or PathPing command-line tools to test basic connectivity. Use Ping to isolate network hardware problems and incompatible configurations. Use PathPing to detect packet loss over multiple-hop trips. For more information, see Microsoft Knowledge Base article 325487, How to troubleshoot network connectivity problems.
Make sure that the domain controller to which the Exchange server is connecting is registered correctly on the DNS server. For more information, see DNS Troubleshooting.
Use the Dcdiag command line tool to test domain controller health. To do this, run dcdiag /s:<Domain Controller Name> at a command prompt on the Exchange Server. Use the output of Dcdiag to discover the root cause of any failures or warnings that it reports. For more information, see Dcdiag Overview at the Microsoft Windows Server TechCenter.
Looking Forward to your Reply
Regards
Fazal M Khan
- Marked As Answer by Gregory Horn Thursday, April 08, 2010 10:29 AM
-
Wednesday, April 07, 2010 7:04 AM
I think There is a Problem with the thread
let me Copy My Reply Again
Thank You for Your Post here
NOTE: DSAccess will perform a complete new topology redetection every 15 minutes. This ensures that Exchange always has a fresh list of AD server roles. DSAccess maintains a list of external site DCs and GCs. If all available DCs or GCs are down in the local site then DSAccess will resort to using the external servers.
Event ID 2501
Make sure that Exchange server is correctly registered on the DNS server. For more information about how to troubleshoot DNS issues, see DNS Troubleshooting.
If you have defined multiple sites, make sure that you have created an IP subnet for each site. To configure an IP subnet, do the following:
-
Start Active Directory® Sites and Services on a local domain controller.
-
In the left pane, right-click Subnets, and then click New Subnet.
-
Specify the appropriate configuration information for the new subnet. Make sure that you associate the new subnet with the appropriate site name.
For more information about how to configure Active Directory sites, see Creating an Active Directory Site for Exchange Server.
Event ID 2604
I suggest Running ExBPA
You can copy the results here or Email me at fazal2@hotmail.com With teh Subject of Email as
"All servers logging 2501, 2604 and 2601 errors: Process MSEXCHANGEADTOPOLOGY (PID=1532) does anyone know how to resolve this "
EventID 2601
Make sure that you can connect to an available domain controller from the Exchange server. For example, use the Ping or PathPing command-line tools to test basic connectivity. Use Ping to isolate network hardware problems and incompatible configurations. Use PathPing to detect packet loss over multiple-hop trips. For more information, see Microsoft Knowledge Base article 325487, How to troubleshoot network connectivity problems.
Make sure that the domain controller to which the Exchange server is connecting is registered correctly on the DNS server. For more information, see DNS Troubleshooting.
Use the Dcdiag command line tool to test domain controller health. To do this, run dcdiag /s:<Domain Controller Name> at a command prompt on the Exchange Server. Use the output of Dcdiag to discover the root cause of any failures or warnings that it reports. For more information, see Dcdiag Overview at the Microsoft Windows Server TechCenter.
Looking Forward to your Reply
Regards
Fazal M Khan
-
Wednesday, April 07, 2010 7:52 AM
Thanks for you reply Fazal,
I have done all the DNS troubleshooting and i have no issues with DNS
I do not have multiple sites
ExBPA reports no problems.
DCdiag does however report some errors connecting to DC 1. See below
Doing primary tests
Testing server: Default-First-Site-Name\ADC001
Starting test: FrsEventThe event log File Replication Service on server
ADC001.MYAD.local could not be queried, error 0x6ba
"The RPC server is unavailable."
......................... ADC001 failed test FrsEvent
Starting test: KccEvent
The event log Directory Service on server ADC001.MYAD.local could
not be queried, error 0x6ba "The RPC server is unavailable."
......................... ADC001 failed test KccEvent
Starting test: SystemLogThe event log System on server ADC001.MYAD.local could not be
queried, error 0x6ba "The RPC server is unavailable."
......................... ADC001 failed test SystemLog
- Edited by Gregory Horn Wednesday, April 07, 2010 7:55 AM Too long
-
Wednesday, April 07, 2010 8:06 AMI have now resolved the DCdiag errors in the above post. Will monitor the logs and see if the issue is resolved.
-
Wednesday, April 07, 2010 8:09 AMI am still getting the errors :( any other suggestions ?
-
Wednesday, April 07, 2010 8:13 AM
Thank You for your Post
1)Please check if on each DC the sysvol and netlogon share exist and that you can access them, also post an unedited ipconfig /all from the DCs and make sure no firewall is blocking traffic between the DCs.
2)Please refer to the article below to check your Firewall settings.
Active Directory Replication over Firewalls
http://technet.microsoft.com/en-us/library/bb727063.aspxIf this DC in remote site please review your network settings and please verify if you’re using network teaming in any DC if you are using it please disable this.
Regards
Fazal M Khan
- Proposed As Answer by Fazal Muhammad Khan_ Wednesday, April 07, 2010 8:13 AM
- Unproposed As Answer by Gregory Horn Thursday, April 08, 2010 10:03 AM
-
Wednesday, April 07, 2010 8:27 AMThanks as i mentioned DCdiag is now clean, I have also since added all my local subnets to the default site and the errors are still happening.
-
Wednesday, April 07, 2010 9:09 AMOK further testing has revealed that i have an issue with DNS, wonder how i missed that before.
will work on it and let you know. -
Wednesday, April 07, 2010 9:18 AM
Thank You for your Feedback.
No worries. The good part is that you have found the Solution to the problem.
Waiting for your Feedback.
Regards
Fazal M Khan
-
Thursday, April 08, 2010 10:02 AM Changing the DNS settings on each DNS server to have only their own IP Address resolved the issue.
- Marked As Answer by Gregory Horn Thursday, April 08, 2010 10:02 AM
-
Thursday, April 08, 2010 10:18 AM
Glad to know that your Issue has been Resolved :)
Kindly mark the post as Answered and it was a Pleasure Assisting you on this thread.
Regards
Fazal M Khan
- Proposed As Answer by Fazal Muhammad Khan_ Thursday, April 08, 2010 10:18 AM
- Proposed As Answer by Fazal Muhammad Khan_ Thursday, April 08, 2010 10:18 AM
-
Friday, April 09, 2010 11:23 AMI'm having the same issue on my exchange servers. I've removed the secondary DNS on both of my DNS servers so each server has only their own IP as their DNS server. Did you have to restart Exchange for this to take effect or did it just stop giving you the errors?
-
Friday, April 09, 2010 11:36 AMYou need to restart the toplogy Service Ryan
Fazal Muhammad Khan | MCT, MCSE, MCSA, MCTS | Infrastructure Consultant, Technology Services | CDC Pakistan Ltd. | https://fazalmkhan.spaces.live.com | OFFICE: +92 21 111 111 500 Ext: 1402 | +5 GMT -
Friday, April 09, 2010 1:11 PMI restarted the problem exchange server node itself and still get the error every 15 minutes. The second node has never had this issue. It's so weird. Did you have to restart the DNS servers too?
-
Friday, April 09, 2010 1:31 PM
I found this article that tells how to make the AD topology service dependant on the netlogon service. Others have had the same issue and this seems to have helped them. I'm giving this a try.
http://support.microsoft.com/kb/940845/en-us#LetMeFixItMyselfAlways
-
Friday, April 09, 2010 3:44 PM
Do tell us the outcome so that it can help others too
Fazal Muhammad Khan | MCT, MCSE, MCSA, MCTS | Infrastructure Consultant, Technology Services | CDC Pakistan Ltd. | https://fazalmkhan.spaces.live.com | OFFICE: +92 21 111 111 500 Ext: 1402 | +5 GMT -
Friday, April 09, 2010 6:02 PM
That article did not fix the issue, nor did changing the DNS server information and restarting the Exchange server.
Any other ideas?
-
Friday, April 09, 2010 10:18 PMPlease run DCDIAG /s:yourdcnamehere /e /test:dns from your exchange server and post your results
-
Tuesday, April 13, 2010 4:22 PM
I am seeing errors, we have 10 DC's spread around the US. Currently 8 of them our outside our main building. The 8 all have these same errors. Do I need to add all these records manually?
Running enterprise tests on : DOMAIN.LOCAL
Starting test: DNS Test results for domain controllers: DC: FRE-DC.DOMAIN.LOCAL Domain: DOMAIN.LOCAL TEST: Records registration (RReg) Network Adapter [00000007] Broadcom NetXtreme Gigabit Ethernet: Warning: Missing CNAME record at DNS server 192.168.16.2: 677a0b57-0316-4ce6-beaa-5a99babc9ec2._msdcs.DOMAIN.LOCAL Warning: Missing A record at DNS server 192.168.16.2: FRE-DC.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _ldap._tcp.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _ldap._tcp.56f10bbc-394e-448b-aa64-eb3d372a46b9.domains._msdcs.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _kerberos._tcp.dc._msdcs.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _ldap._tcp.dc._msdcs.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _kerberos._tcp.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _kerberos._udp.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _kpasswd._tcp.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _ldap._tcp.CITY._sites.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _kerberos._tcp.CITY._sites.dc._msdcs.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _ldap._tcp.CITY._sites.dc._msdcs.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _kerberos._tcp.CITY._sites.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _ldap._tcp.gc._msdcs.DOMAIN.LOCAL Warning: Missing A record at DNS server 192.168.16.2: gc._msdcs.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _gc._tcp.CITY._sites.DOMAIN.LOCAL Error: Missing SRV record at DNS server 192.168.16.2: _ldap._tcp.CITY._sites.gc._msdcs.DOMAIN.LOCAL Error: Record registrations cannot be found for all the network adapters -
Tuesday, April 13, 2010 4:34 PMI went and checked out the majority of those records and they are in fact in all the DC's the way they should be. I don't understand why this would be reporting as an error on the dcdiag.
-
Tuesday, April 13, 2010 7:18 PM
Alright, i sorted out all the other issues above. All the other servers had themselves in their own DNS twice. Once as their IP and then as a 127.0.0.1. After removing the 127, the command yielded this last thing to be resolved:
Running enterprise tests on : DOMAIN.LOCAL
Starting test: DNS
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 198.32.64.12 (l.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12
DNS server: 2001:500:1::803f:235 (h.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:500:1::803f:235
DNS server: 2001:500:2f::f (f.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:500:2f::f
DNS server: 2001:500:3::42 (l.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:500:3::42
DNS server: 2001:503:ba3e::2:30 (a.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:503:ba3e::2:30
DNS server: 2001:503:c27::2:30 (j.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:503:c27::2:30
DNS server: 2001:7fd::1 (k.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:7fd::1
DNS server: 2001:dc3::35 (m.root-servers.net.)
1 test failure on this DNS server
PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:dc3::35
......................... DOMAIN.LOCAL passed test DNS -
Sunday, January 16, 2011 7:15 AM
Hi All,
We are also facing similar issue with our Exchange 2010 sp1 setup we tried all most all issues
1.Checked the DNS entry on AD
2.resrated the AD topology services
3.Delayed the start up of Exchange services..
The error starts to appear after we installed the First mail box role on the server
still we are struck with this issue...
Regards,
Ashok VS
-
Monday, January 24, 2011 9:05 AM
Same problem here on fresh installs, 2008 r2 sp1 and exchange 2010 sp1... just noticed the errors, found this discussion, and adding myself in. Beginning the diagnostic process, now.
Thanks.
-
Monday, January 24, 2011 9:13 AMWoah, feel like I may have wasted a reply or two here... problem resolved on my end, Windows Firewall was on. Adjusted to satisfaction. Thanks all! G'nite/day.
-
Thursday, January 12, 2012 3:53 PM
Okay, I am having same issue.
1) I see interesting notes above about "remove all dns server entries" from each DC, except the entry for "the DC itself."
I have to ask - WHEN did that become necessary and/or is that 'normal?' I have never know that to be an issue in the past.
Seems like you even could add 'different' DNS severs on the DC - i.e. my DC may be 192.168.1.3 (and it's also a DNS server), and 2 other DNS are 1.4 and 1.5.
So, prior to [whenever] - not sure - but at some prior point, we never had to list ONLY the "local DC itself as the only DNS server on DC's NIC."
Is this a best practice? I guess it does make sense, if you think, for example, "I am 192.168.1.3 - and I [AM] a DNS server" - then I should not need alternate/other DNS servers listed, right?
As always, thanks for any enlightenment.
tnjman
.png){kind=spacer}
