Re: Exchange install failed
- From: Tushar Shah <email.tushar@xxxxxxxxx>
- Date: Wed, 25 Jun 2008 07:22:40 -0700 (PDT)
On Jun 25, 2:04 am, Kurt <K...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I got everything out of the AD configuration with ADSI edit and the Exchange
tools, and finally got to a place where it would allow the installation to go
forward. But it errored out again in the CMS part, this time with:
Clustered Mailbox Server
Failed
Error:
Cluster Common Failure Exception: The group or resource is not in the
correct state to perform the requested operation. (Exception from HRESULT:
0x8007139F)
The group or resource is not in the correct state to perform the requested
operation. (Exception from HRESULT: 0x8007139F)
Any ideas?
Kurt
"Kurt" wrote:
I'm with you Scott. In our domain those permissions were taken out so only a
few have the ability to add machines to the domain. I thought the cluster
install would do it in the context of the privileged user I was logged in as,
but it does not. Anyway I have rebuilt the machine and cluster, and am
trying to install Exchange again.
The error I am now getting says the exchange server already exists in this
org. I had removed the computer account, but didn't realize it had gotten
into the org as the first install had failed. How do I remove it? Looks
like I need to do the databases (that also no longer exist), then the storage
groups, and then the server? I am trying things in the Exchange Management
Shell on the CAS but am not there yet. Any advice?
Thanks,
Kurt
"Scott Schnoll [MSFT]" wrote:
There is no requirement to pre-create the account. It is an option, but it
is not required. If you don't pre-create the account (we call this
"staging" BTW), then Setup will create the account for you. This is why the
proper permissions are needed.
The text below refers to both. You need the proper permissions for both
platforms. What we're saying here is that each OS uses a different security
context for the CSA, so keep that in mind when assigning permissions.
By default, each domain account (including computer accounts) has the
ability to create 10 accounts in the domain. It is only after these 10 have
been used that you would need to actually modify permissions.
Hope this helps.
--
Regards,
Scott Schnoll
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no
rights. Please do not send email directly to this alias. This alias is for
newsgroup purposes only.
"Kurt" <K...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:580E23F6-A046-4B31-BE62-38BD167DF928@xxxxxxxxxxxxxxxx
Hi Scott,
Exchange setup will not let me proceed if the account is pre-created in
the
domain anyway... So this is like a catch 22 - The install will not create
the CMS in the domain, and it won't let me pre-crete it either. W
What you posted below seems to pertain mostly to 2003, except the last
sentence at the bottom. Do the things in the 2003 paragraph also pertain
to
2008 clusters? In 2008, the cluster service account is the local system
account, and not a domain account. So do I have to make the local system
account account an admin on both nodes? Is that even possible? Or do I
need
to make the cluster machine account (the cluster name, which is
represented
as a computer account in AD) an admin on both cluster nodes? And how do I
give either of these accounts the ability to create machine accounts in
the
domain - you can't give that to computer objects or local system accounts
from the nodes in group policy. I could add the cluster name computer
account direct to the computers container and give it the rights to create
objects. Is that the way to go?
Thank you,
Kurt
"Scott Schnoll [MSFT]" wrote:
Hi Kurt,
Unless you are performing a delegated setup, you don't need to pre-create
a computer account. In other cases, we state the permissions that are
needed at
http://technet.microsoft.com/en-us/library/bb125149(EXCHG.80).aspx:
"If you are installing SCC on Windows Server 2003, you must use a domain
account for the Cluster service account. All nodes in the cluster must be
members of the same domain, and all nodes in the cluster must use the
same Cluster service account. The Cluster service account must also be a
member of the local administrators group on each node that is capable of
hosting a clustered mailbox server.
The Cluster service account is responsible for creating and maintaining
the computer account identified by and associated with the failover
cluster's Network Name resource when that resource is brought online. To
ensure that the Cluster service account has the appropriate permissions,
see Knowledge Base article 307532, How to troubleshoot the Cluster
service account when it modifies computer objects. Additional information
can be found in Knowledge Base article 251335, Domain Users Cannot Join
Workstation or Server to a Domain.
If you are installing SCC on Windows Server 2008, the Cluster service
will run under the LocalSystem (SYSTEM) account."
Hope this helps.
--
Regards,
Scott Schnoll
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no
rights. Please do not send email directly to this alias. This alias is
for
newsgroup purposes only.
"Kurt" <K...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4E6685B9-7CB3-4D3E-B03E-F9BC6E5B832C@xxxxxxxxxxxxxxxx
Thanks Scott,
Due to other errors I encountered trying an uninstall this morning
before I
got your message I am just going to rebuild, as I am not sure what else
is
wrong beind the scenes and want to make sure all is ok.
I would recommend that MS put into the cluster docs that one needs to
create
the CMS computer account in AD with the right permissions on it for the
cluster service computer account in 2008. This would stop people from
getting the PDC emulator problem in another site, and problems like
mine. It
may not be necessary in all cases, but if people just create it before
hand
it will stop these problems and people won't have to go looking for
technotes, etc.
Thanks,
Kurt- Hide quoted text -
- Show quoted text -
Do you have a DNS A record with the cluster name....if yes try
removnig it and install again, since Exchange tries to create its own
A record by itself.
.
- References:
- Re: Exchange install failed
- From: Scott Schnoll [MSFT]
- Re: Exchange install failed
- From: Kurt
- Re: Exchange install failed
- From: Scott Schnoll [MSFT]
- Re: Exchange install failed
- From: Kurt
- Re: Exchange install failed
- From: Scott Schnoll [MSFT]
- Re: Exchange install failed
- From: Kurt
- Re: Exchange install failed
- From: Scott Schnoll [MSFT]
- Re: Exchange install failed
- From: Kurt
- Re: Exchange install failed
- From: Scott Schnoll [MSFT]
- Re: Exchange install failed
- From: Kurt
- Re: Exchange install failed
- From: Kurt
- Re: Exchange install failed
- Prev by Date: Re: GAL display
- Next by Date: Re: Exchange Setup
- Previous by thread: Re: Exchange install failed
- Next by thread: Re: Distribution group
- Index(es):
Relevant Pages
|
