none
Exchange AD topology service cannot find DC's RRS feed

  • Question

  • We're running Exchange 2007 SP2. One of our alerts is saying that Exchmbx1.kam.com - "Exchange AD Topology service cannot find DC's". I believe this is the service that works with DSAccess to provide AD info that is crucial to Exchange?

    I'm not sure if this is a false alert or genuine! I've gone into Exchange Management Console > Exchmbx1 > Properties > System Settings

    I can see that there are a bunch of DC's listed in "Domain Controllers being used by Exchange" and also in "Global Catalog servers being used by Exchange".

    I had some questions on this I was hoping someone could help me out on

    1. Why are there two seperate boxes for DC's and GC's? I thought Exchange used GC's only?

    2. I thought Exchange DSAccess only used one GC at a time?

    3. Is there a Powershell command to find out which DC's/GC's Exchange is using?

    4. How can I find out if there really is an error with one of those DC's/ GC's? I can ping them fine, but what should I be looking out for in Exchange to find out if there is some problem with it's AD connectivity?

    Thursday, January 20, 2011 9:01 PM

Answers

  • On Thu, 20 Jan 2011 21:01:28 +0000, Sheen1990 wrote:
     
    >We're running Exchange 2007 SP2. One of our alerts is saying that Exchmbx1.kam.com - "Exchange AD Topology service cannot find DC's". I believe this is the service that works with DSAccess to provide AD info that is crucial to Exchange?
    >
    >I'm not sure if this is a false alert or genuine! I've gone into Exchange Management Console > Exchmbx1 > Properties > System Settings
     
    Alerts from where (or what)?
     
    >I can see that there are a bunch of DC's listed in "Domain Controllers being used by Exchange" and also in "Global Catalog servers being used by Exchange".
     
    Do you see event ids 2080 in your application log?
     
    Event Type: Information
    Event Source: MSExchange ADAccess
    Event Category: Topology
    Event ID: 2080
    Date: 1/20/2011
    Time: 8:18:33 PM
    User: N/A
    Computer: SRVR005
    Description:
    Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1340). Exchange Active
    Directory Provider has discovered the following servers with the
    following characteristics:
    (Server name | Roles | Enabled | Reachability | Synchronized | GC
    capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dc1.XXXX.com CDG 1 7 7 1 0 1 1 7 1
    DC2.XXXX.com CDG 1 7 7 1 0 1 1 7 1
    Out-of-site:
     
     
     
    If you don't see any, use set-eventlogginglevel to set the "MSExchange
    ADAccess\Topology" category to "Low".
     
     
    >I had some questions on this I was hoping someone could help me out on
    >
    >1. Why are there two seperate boxes for DC's and GC's? I thought Exchange used GC's only?
     
    A GC, unless it's in its own domain, only has a subset of properties
    to work with. Exchange needs a DC to get the others.
     
    >2. I thought Exchange DSAccess only used one GC at a time?
     
    You're looking at the set of GCs that Exchange has discovered and can
    use. Exchange uses 1 GC until the number of outstanding LDAP queries
    surpasses a threshold and then it starts using another GC.
     
    >3. Is there a Powershell command to find out which DC's/GC's Exchange is using?
     
    Any of them can be used. The only "one" that's used is the
    configuration DC.
     
    >4. How can I find out if there really is an error with one of those DC's/ GC's? I can ping them fine, but what should I be looking out for in Exchange to find out if there is some problem with it's AD connectivity?
     
    "Ping" isn't LDAP. Ping just tests connectivity. If, for example, the
    netlogon service is having a problem, ping will work just fine but no
    authentication would be performed.
     
    Use dcdiag and netdiag to see if there are problems with the DC. You
    can use LDP.exe to connect to the DC on port389 and the GC using 3268.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Marked as answer by Sheen1990 Friday, January 21, 2011 7:39 PM
    Friday, January 21, 2011 3:46 AM