locked
How to add additional domain controller in exchange 2007 RRS feed

  • Question

  • Hi,

    I have two AD servers running DC, DHCP & DNS (Win 2008). Every time server DC - 1 goes down, my exchange server which 2007 running in clustered mode is not able to process mail request (OWA, outlook etc...).

    I have checked both DC's with repadmin and both servers are properly replicating to each other.

    I do understand that I need to add one more entry in my exchange 2007 to add additional DC so that in case DC 1 goes down, DC 2 is able to support all the quires from users.

    I tried nslookup on my exchange and both the dc's are resolved properly.

    Can someone help me what to do and how to ensue that if DC 1 is down, DC 2 should process the requests for my exchange 2007

    Thanks and Regards,

    Apoorv Mehrotra

    Thursday, March 29, 2012 9:04 AM

Answers

  • Please post the latest 2080 events. That will be helpful to identify whether exchange is able to communicate with that domain controller.

    You can point exchange server to communicate only with two domain controllers however this is not recommended step.

     
    • Set-ExchangeServer -Identity mbx server name -StaticConfigDomainController dcname -StaticDomainControllers dcname -StaticGlobalCatalogs gcname

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Friday, March 30, 2012 1:02 PM
  • Hello Apoorv,

    Here is the problem, DC02 does not have the SACL Right

    ===================================

    EventID2080 looks like this when both dc01 & dc02 are running

    Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1492). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
     (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dC01.XXXX.XXX.XX    CDG 1 7 7 1 0 1 1 7 1
    dc02.XXXX.XXX.XX    CDG 1 7 7 1 0 0 1 7 1

    ===================================

    Lets open up the Default domain controller policy on server DC02 and navigate to Computer Configuration | Windows Settings | Security Settings | Local Policies | User Rights Assignment | Manage Auditing and Security Log privilege.

    Make sure Exchange Servers group is added here.

    You can also try to run the Setup.com /Preparedomain. It will add the Exchange servers group to Manage Auditing and Security log Privilege

    Run gpedit /force and then opne up RSOP.msc and navigate to same location and see if we have Exchange servers group added to Manage Auditing and Security log Privilege.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Sunday, April 1, 2012 11:20 AM
  • Nopes... RSOP is empty.. the checkbox is unchecked... and there are no entries...

    wait a minute i got this now:-

    Process MSEXCHANGEOWAAPPPOOL.CONFIG" -W "" -M 1 -AP "MSEXCHANGEOWAAPPPOOL (PID=3980). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
     (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dc01.xxx.xxx.xx    CDG 1 7 7 1 0 1 1 7 1
    dc02.xxxx.xxx.xx    CDG 1 7 7 1 0 1 1 7 1

    Will this set the things write if i take down my DC01 DC02 will be able to serve the OWA, mailbox, logon etc requests???


    Apoorv Mehrotra

    Sunday, April 1, 2012 12:07 PM
  • Hurrah....

    Yes now we can see DC02 also has SACL rights.

    Process MSEXCHANGEOWAAPPPOOL.CONFIG" -W "" -M 1 -AP "MSEXCHANGEOWAAPPPOOL (PID=3980). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
     (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dc01.xxx.xxx.xx    CDG 1 7 7 1 0 1 1 7 1
    dc02.xxxx.xxx.xx    CDG 1 7 7 1 0 1 1 7 1

    Yes you are correct. Also you should be able to see DC02 under EMC- Server configuration | Mailbox | Go to mailbox server property and then server settings tab.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Sunday, April 1, 2012 12:13 PM
  • Just run the below command in EMS.

    Set-ExchangeServer -identity servername -staticDomainControllers $NULL -staticGlobalCatalogs $NULL -staticConfigDomainController $NULL


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Monday, April 2, 2012 7:51 AM

All replies

  • Hi

    Are both domain controllers global catalogues? Could you post back with the details of event 2080 from your Exchange server?

    Thursday, March 29, 2012 10:14 AM
  • Hi Steve,

    Thanks for quick reply

    Yes both the DC are GC

    Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1492). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
     (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dc01.domain.ae    CDG 1 0 0 1 0 0 0 0 0
    dc02.domain.ae    CDG 1 7 7 1 0 0 1 7 1
     Out-of-site:
    a1.domain.ae    CDG 1 0 0 1 0 0 0 0 0
    A2.domain.ae    CDG 1 0 0 1 0 0 0 0 0

    Thanks and Regards,

    Apoorv Mehrotra


    Apoorv Mehrotra

    Thursday, March 29, 2012 10:27 AM
  • Hi Steve,

    A few more event:- Event ID - 1

    Unhandled Exception "Could not find any available Global Catalog in forest domain.ae."
    Stack Trace:    at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential)
       at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType)
       at Microsoft.Exchange.Data.Directory.ADSession.GetConnection(String preferredServer, Boolean isWriteOperation, Boolean isNotifyOperation, ADObjectId& rootId)
       at Microsoft.Exchange.Data.Directory.ADSession.GetReadConnection(String preferredServer, ADObjectId& rootId)
       at Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCreator, CreateObjectsDelegate arrayCreator)
       at Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCtor, CreateObjectsDelegate arrayCtor)
       at Microsoft.Exchange.Data.Directory.ADSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties)
       at Microsoft.Exchange.Data.Directory.Recipient.ADRecipientSession.FindBySid(SecurityIdentifier sId)
       at Microsoft.Exchange.Autodiscover.Providers.Outlook.OutlookAutoDiscoverProvider..ctor(RequestData requestData)

    Event ID 2114

    Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1492). Topology discovery failed, error 0x80040a02 (DSC_E_NO_SUITABLE_CDC). Look up the Lightweight Directory Access Protocol (LDAP) error code specified in the event description. To do this, use Microsoft Knowledge Base article 218185, "Microsoft LDAP Error Codes." Use the information in that article to learn more about the cause and resolution to this error. Use the Ping or PathPing command-line tools to test network connectivity to local domain controllers.

    These events were generated when i rebooted the DC01 and DC02 was up and running at that time.

    Please suggest me.

    Thanks and Regards,

    Apoorv Mehrotra



    Apoorv Mehrotra

    Thursday, March 29, 2012 10:32 AM
  • Hi Apoorv

    Are you sure you have these the DCs the right way round?  From the event 2080 you posted above Exchange cannot contact DC01 ... or it doesn't believe that DC01 is a GC.

    Steve

    Thursday, March 29, 2012 10:39 AM
  • Hi Steve,

    Well both the DC's are fine. Please do refer my second reply with further events, as these events i am forwarding you were at the time i took down DC 01 and DC02 was perfectly up and running

    Thanks,

    Apoorv


    Apoorv Mehrotra

    Thursday, March 29, 2012 10:43 AM
  • OK, what does event 2080 look like when DC01 is running then?

    Do you get any errors when you run a DC diag?

    Thursday, March 29, 2012 10:49 AM
  • hi,

    further to add to this when i run dcdiag on dc01 this is the errors i get:-

    Performing initial setup:
       Trying to find home server...
       Home Server = dc01
       * Identified AD Forest.
       Done gathering initial info.

    Doing initial required tests

       Testing server: xxxxxxxxxxxxxxx\DC01
          Starting test: Connectivity
             ......................... DC01 passed test Connectivity

    Doing primary tests

       Testing server: xxxxxxxxxxxxxxxxx\DC01
          Starting test: Advertising
             ......................... DC01 passed test Advertising
          Starting test: FrsEvent
             There are warning or error events within the last 24 hours after the
             SYSVOL has been shared.  Failing SYSVOL replication problems may cause
             Group Policy problems.
             ......................... DC01 failed test FrsEvent
          Starting test: DFSREvent
             ......................... DC01 passed test DFSREvent
          Starting test: SysVolCheck
             ......................... DC01 passed test SysVolCheck
          Starting test: KccEvent
             An Warning Event occurred.  EventID: 0x80000785
                Time Generated: 03/29/2012   14:45:33
                Event String:
                The attempt to establish a replication link for the following writab
    le directory partition failed.
             An Warning Event occurred.  EventID: 0x80000785
                Time Generated: 03/29/2012   14:45:39
                Event String:
                The attempt to establish a replication link for the following writab
    le directory partition failed.
             ......................... DC01 passed test KccEvent
          Starting test: KnowsOfRoleHolders
             ......................... DC01 passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             ......................... DC01 passed test MachineAccount
          Starting test: NCSecDesc


    Apoorv Mehrotra

    Thursday, March 29, 2012 11:07 AM
  • Hello Steve,

    any suggestions?

    Thanks...


    Apoorv Mehrotra

    Thursday, March 29, 2012 11:51 AM
  • Hi Apoorv

    Apologies for the late response, I am all over the place at the moment.

    Do you have any errors on the domain controllers like 1925: http://technet.microsoft.com/en-us/library/cc778061%28v=ws.10%29.aspx

    There are some troubleshooting steps here that might help you out: http://technet.microsoft.com/en-us/library/cc785014%28v=ws.10%29.aspx

    Also I think something went wrong with the post you sent yesterday as the event 2080 from when DC01 is running has disappeared.

    Cheers, Steve

    Friday, March 30, 2012 12:43 PM
  • Please post the latest 2080 events. That will be helpful to identify whether exchange is able to communicate with that domain controller.

    You can point exchange server to communicate only with two domain controllers however this is not recommended step.

     
    • Set-ExchangeServer -Identity mbx server name -StaticConfigDomainController dcname -StaticDomainControllers dcname -StaticGlobalCatalogs gcname

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Friday, March 30, 2012 1:02 PM
  • Hi Hasnain,

    I do not know where to start, yesterday night the DC01 went down again and my users were not able to check there emails.

    This could be a problem with DNS configuration or exchange configuration.

    Can you assist me, i tried a lot of help form google trying to troubleshoot DCDIAG errors but all in vain. I do not know where to start now.

    I checked in AD domain and trusts and tried to replicate the connections to each other, both of them successfully completed the operations.

    I still do not understand why then when DC01 goes down, DC02 is not able to take up the requests. Can you please tell me which specific event in DC02 you are looking for in case DC01 is down at that time

    Please assist me


    Apoorv Mehrotra

    Sunday, April 1, 2012 7:44 AM
  • Hi Hasnain/steve,

    I want the exchange to dynamically pick either of the domain controllers when one of them is down as you already advised. I checked through

    Get-ExchangeServer -status | fl *controller*,*global* and the result is

    [PS] C:\Windows\system32>Get-ExchangeServer -status |fl *controler*,*global*
    WARNING: An error occurred while accessing the registry of the specified
    server: "ext.xxxx.xxx.xx". The error message: "The network path was not
    found.
    ".
    StaticGlobalCatalogs  : {}
    CurrentGlobalCatalogs : {}

    StaticGlobalCatalogs  : {}
    CurrentGlobalCatalogs : {dc01.xxxx.xxx.xx}

    WARNING: An error occurred while accessing the registry of the specified
    server: "exhc02.xxxx.xxx.xx". The error message: "Requested registry access
    is not allowed.".
    WARNING: An error occurred while accessing the MSExchangeADTopology service on
    the specified server "exhc02.xxxx.xxx.xx". The error message: "Exchange
    Active Directory Topology Service on server exhc02.xxxx.xxx.xx cannot be
    contacted via RPC interface. Error 0x5.".
    StaticGlobalCatalogs  : {}
    CurrentGlobalCatalogs : {}

    StaticGlobalCatalogs  : {}
    CurrentGlobalCatalogs : {dc01.xxxx.xxx.xx}

    This is the output. What i want is when DC01 goes down, my dc02 automatically picks up the request for users. I have the exchange in clustered environment. HUB+CAS on cluster on 2 nodes and then Mailbox on another cluster with 2 nodes

    Can you please suggest how to get both of them in exchange? I do not want to statically to be defined, i want dynamically to be picked by DSaccess service if dc01 is out, dc02 is in and vice versa.

    EventID2080 looks like this when both dc01 & dc02 are running

    Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1492). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
     (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dC01.XXXX.XXX.XX    CDG 1 7 7 1 0 1 1 7 1
    dc02.XXXX.XXX.XX    CDG 1 7 7 1 0 0 1 7 1
     Out-of-site:
    a1.XXXX.XXX.XX    CDG 1 0 0 1 0 0 0 0 0
    A02.XXXX.XXX.XX    CDG 1 0 0 1 0 0 0 0 0
    *****************************************************************************************************

    and this is what EventID 2080 looks like while DC01 is down and DC02 is up

    Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1492). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
     (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dc01.xxxx.xxx.xx    CDG 1 0 0 1 0 0 0 0 0
    dc02.xxxx.xxx.xx    CDG 1 7 7 1 0 0 1 7 1
     Out-of-site:
    a1.xxxx.xxx.xx    CDG 1 0 0 1 0 0 0 0 0
    A02.xxxx.xxx.xx    CDG 1 0 0 1 0 0 0 0 0
     

    Please assist....

    Thanks again...


    Apoorv Mehrotra

    Sunday, April 1, 2012 10:01 AM
  • Hello Apoorv,

    Here is the problem, DC02 does not have the SACL Right

    ===================================

    EventID2080 looks like this when both dc01 & dc02 are running

    Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1492). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
     (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dC01.XXXX.XXX.XX    CDG 1 7 7 1 0 1 1 7 1
    dc02.XXXX.XXX.XX    CDG 1 7 7 1 0 0 1 7 1

    ===================================

    Lets open up the Default domain controller policy on server DC02 and navigate to Computer Configuration | Windows Settings | Security Settings | Local Policies | User Rights Assignment | Manage Auditing and Security Log privilege.

    Make sure Exchange Servers group is added here.

    You can also try to run the Setup.com /Preparedomain. It will add the Exchange servers group to Manage Auditing and Security log Privilege

    Run gpedit /force and then opne up RSOP.msc and navigate to same location and see if we have Exchange servers group added to Manage Auditing and Security log Privilege.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Sunday, April 1, 2012 11:20 AM
  • Hi Hasnai,

    Already modified the Auditing and Security log.

    I also added static entries in nodes (exchange 01&02) for DC & GC and then looked at the topology in eventlog...still the same...

     rsop.msc dosnet gives any output, i mean to say local group policy editor i added the exchange servers group using gpedit.msc, but rsop.msc has no entries applied anywhere as well i cannot add anything in there as it is disabled even though when i am a member of enterprise admins

    Through gpedit.msc

    Through rsop.smc. this is what i see...

    Please help, i think i am on the verge of getting this thing solved through your help...


    Apoorv Mehrotra

    Sunday, April 1, 2012 11:47 AM
  • Hi Hasnai,

    Already modified the Auditing and Security log.

    I also added static entries in nodes (exchange 01&02) for DC & GC and then looked at the topology in eventlog...still the same...

     rsop.msc dosnet gives any output, i mean to say local group policy editor i added the exchange servers group using gpedit.msc, but rsop.msc has no entries applied anywhere as well i cannot add anything in there as it is disabled even though when i am a member of enterprise admins

    Through gpedit.msc

    Through rsop.smc. this is what i see...

    Please help, i think i am on the verge of getting this thing solved through your help...


    Apoorv Mehrotra

    Sunday, April 1, 2012 11:48 AM
  • Hi Hasnai,

    Already modified the Auditing and Security log.

    I also added static entries in nodes (exchange 01&02) for DC & GC and then looked at the topology in eventlog...still the same...

     rsop.msc dosnet gives any output, i mean to say local group policy editor i added the exchange servers group using gpedit.msc, but rsop.msc has no entries applied anywhere as well i cannot add anything in there as it is disabled even though when i am a member of enterprise admins

    Please help, i think i am on the verge of getting this thing solved through your help...

    I tried to paste the screenshots but it is not allowing me...

    Thanks a ton again...


    Apoorv Mehrotra

    Sunday, April 1, 2012 11:48 AM
  • You cannot edit RSOP because its read only.

    You mean to say you don't see the Exchange servers group under Manage auditing and security log when you run RSOP.MSC. This is how it looks in my lab environment. A 2081 event in the Application event log is generated. DSAccess then polls the Active Directory every 15 minutes to identify changes to site structure, domain controller placement, or other structural changes to Active Directory. Make sure we check the event id 2080 after 15 minutes when we modify,


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Sunday, April 1, 2012 12:01 PM
  • Nopes... RSOP is empty.. the checkbox is unchecked... and there are no entries...

    wait a minute i got this now:-

    Process MSEXCHANGEOWAAPPPOOL.CONFIG" -W "" -M 1 -AP "MSEXCHANGEOWAAPPPOOL (PID=3980). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
     (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dc01.xxx.xxx.xx    CDG 1 7 7 1 0 1 1 7 1
    dc02.xxxx.xxx.xx    CDG 1 7 7 1 0 1 1 7 1

    Will this set the things write if i take down my DC01 DC02 will be able to serve the OWA, mailbox, logon etc requests???


    Apoorv Mehrotra

    Sunday, April 1, 2012 12:07 PM
  • Hurrah....

    Yes now we can see DC02 also has SACL rights.

    Process MSEXCHANGEOWAAPPPOOL.CONFIG" -W "" -M 1 -AP "MSEXCHANGEOWAAPPPOOL (PID=3980). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
     (Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
    In-site:
    dc01.xxx.xxx.xx    CDG 1 7 7 1 0 1 1 7 1
    dc02.xxxx.xxx.xx    CDG 1 7 7 1 0 1 1 7 1

    Yes you are correct. Also you should be able to see DC02 under EMC- Server configuration | Mailbox | Go to mailbox server property and then server settings tab.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Sunday, April 1, 2012 12:13 PM
  • I believe you should be able to see the same in the latest 2080 event id.

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Sunday, April 1, 2012 12:14 PM
  • Yep.. i can see the event in 2080...i will take down my DC in next 1/2 hour..let's see what surprises it has got for me now in the box...

    But thanks a ton for your help buddy!!!!!... i am behind this issue from past 2 weeks, it was just last week i registered with the support forum and i reached at solution now..

    Hopefully this should solve my problem for the time being for dc01 unavailability so that i can concentrate now on DC01 unavailability troubleshooting and let the mails..logons...etc flow right way....

    You the man!!!! thanks a ton once again...


    Apoorv Mehrotra

    Sunday, April 1, 2012 12:18 PM
  • Its my pleasure and you are always welcome. Just make sure when DC01 is down, Event id 2080 shows the same for DC02 as its doing now.

    dc02.xxxx.xxx.xx    CDG 1 7 7 1 0 1 1 7 1


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Sunday, April 1, 2012 12:21 PM
  • Just a qick one, when i take down dc01, how much time it will take dc02 to take over the request. DC01 is having all FSMO Roles. Do i need to manually transfer these roles to DC02 or what is the way out?

    Apoorv Mehrotra

    Sunday, April 1, 2012 12:33 PM
  • It will just take few seconds...There should not be any user impact.

    For how much time you are going to keep your DC01 down. If you think its going to take much time then move the FSMO roles to DC02.

    You can simply move Domain wide fsmo roles to DC02 and keep the forest wide fsmo roles on DC01. that should work for you.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Sunday, April 1, 2012 1:00 PM
  • Hi,

    the testing went successfully. I didn't had to transfer any roles as the testing was only that we reboot the DC01 three times and then stopped the NETLOGON service as well one by one and DC02 was able to support the requests. Thanks a ton man again!

    Just wanted to ask that i added the DC & GC manually in the exchange through the power shell.And i am aware if we add 3'rd DC in the environment, it wont show as we can only add 2 DC & GC (static) however it to be dynamic we have to keep the entry blank and let exchange topology service learn on its own whichever DC & GC is available no matter i have 3 or 30 (DC & GC)

    Can you assist me to how can we do that?

    Thanks again...


    Apoorv Mehrotra

    Monday, April 2, 2012 4:55 AM
  • Just run the below command in EMS.

    Set-ExchangeServer -identity servername -staticDomainControllers $NULL -staticGlobalCatalogs $NULL -staticConfigDomainController $NULL


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Hasnain Shaikh| My blogs: http://messagingserversupport.com

    Monday, April 2, 2012 7:51 AM
  • Hey Buddy,

    Great thanks for the help. Yes i will put execute this command once we decide to go for 3'rd or additional DC's.. But for the time being let it bounce in DC01 & DC02 only...

    Cheers :)

    Thanks again...


    Apoorv Mehrotra

    Tuesday, April 3, 2012 6:11 AM
  • Hi All,

    My current setup is:

    Exchange 2007 CCR (Shared Storage). Approx 2000 Mailbox and the DB size is 1.63 TB (SG - I) and 645 GB (SG - II)

    HUB + CAS -> (NLB x 2 Physical Servers) Clustered (1 Virtual Host) (Sun Blade x6250, 2* Intel x5270 dual core, 16 GB RAM, 300 GB HDD)

    Mailbox x2 physical servers -> Failover Cluster  (1 Virtual Host) using Sun shared storage (2* Six core AMD 8345, 16 GB RAM, 300 GB Internal HDD, mapped shared storage)

    We are planning to migrate to Exchange 2010 with complete new set of H/W & storage.

    I wanted to have suggestions of what design can we propose to client. The client needs high availability (most critical) in all the scenarios and is ready to buy 4 to 8 servers. (No DR Site requirement for now)

    Thanks in advance

    Apoorv Mehrotra

    Monday, June 4, 2012 9:00 AM