RE: Help Replication problem
From: Numpty (Numpty_at_discussions.microsoft.com)
Date: 01/21/05
- Next message: Numpty: "RE: AD and DNS issues?"
- Previous message: Numpty: "GPOs at Site level"
- In reply to: Nguyen: "Help Replication problem"
- Next in thread: Nguyen: "RE: Help Replication problem"
- Reply: Nguyen: "RE: Help Replication problem"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 20 Jan 2005 20:23:01 -0800
The Exchange server does not need to be a Domain Controller to function. It
does however need to be able to talk to a Global Catalog Server. Turn on the
Global catalog on the Primary Server (Hosts all FSMO roles) and demote the
exchange server with dcpromo.
The mailboxes will be linked to the Active Directory users as it writes
Attributes to the User object. The mailbox will remain active in the Exchange
Mailbox store.
If for any reason a mailbox was created and the association with the user
account has been lost because the change has not replicated, then you will
have to "Reconnect the mailbox." You can do this by right clicking on the
mailbox in Exchange System Manager. Go to google and type "Reconnect Exchange
Mailbox" to find kb articles on how to do this.
Below I have detailed some steps to diagnose the problems with your Active
Directory replication. I'd suggest strongly that you do this after business
hours and plan to work late. It might even pay to have someone else with you
to bounce ideas off and to doublecheck things.
To work out why you are having replication issues, prior to promoting the
Exchange server to a Domain controller again, test all of the following areas
(in this order) from your FSMO Master Domain Controller:
- IP Connectivity (can you ping the IP Address, not the server name)
- Routing (if you run Tracert %ExchangeServerName% what is between the DC
and the Exchange box, there may be a firewall or dodgy router that needs
fixing)
- Network Diagnostics (If you run Netdiag is everything flagging as OK?)
- Forward Name resolution (Run nslookup
%exchangeservername%.%domainname%.com and ensure the IP Address is the actual
IP Address of the exchange server)
- Reverse Lookup (Run nslookup %ExchangeServerIPAddress% and ensure the IP
Address resolves back to the exchange server name)
- Domain Controller DNS Records (Run the DNS/Nslookup tests listed above
with the domain controllers hostname in its place, the problem may not be the
DNS entry for your Exchange box, it may be the domain controllers entry)
- SRV Records (are all of the required DNS SRV records listed in active
directory, if not, ask why, it may be that the Active Directory records in
DNS were never created correctly)
- Domain Controller Diagnostics (Run dcdiag.exe on the Domain Controller,
there may be some problem with active directory or the Domain Controller may
have issues)
- Bring up a completely different machine (MAKE SURE THIS "SERVER" is stable
and can handle the job for a day or so) as a server and promote it to a DC.
Ensure everything on this DC is working fine by running DCDIAG and creating a
user called "TEST123" on the original DC and ensuring that the user is then
replicated to the temporary Domain Controller
- If this works OK then transfer all the FSMO roles (one by one) to the
temporary domain controller (and make it a Global Catalog server), ensure all
works correctly, demote the original DC, reboot and check it is ok, then run
DCPROMO again and make it a DC...leave it for a while and make sure it is
stable then move all the FSMO roles back to it and demote the temporary
server.
- If all of the above is successful, then you can start thinking about
adding the DC role to your Exchange server again.
Ask yourself if you need two domain controllers, is it to load balance your
logins or is it for redundancy? If it is redundancy, get a reliable desktop
and a UPS, put it in another physical part of the building or even a remote
site if you want to. This wouldn't be a bad idea (even if you do need 2
domain controllers) simply for very fast recovery in the event of a failure /
catastrophe. In Active Directory Sites and Services, create a new site and
assign a different subnet to the site that will be used for redundancy...
ie. If your Network ID is 192.168.1.0 then you want to set up your "Remote
Site" as 192.168.100.0 (to allow for growth in your network)
Add a secondary network card to your FSMO Master Domain Controller and
assign it an IP Address in the 192.168.100.0 range so it has a foot in both
camps.
This will give you a domain controller that will receive all replicated
items, additions and deletions, but it will not take any logons so the
machine will just tick over.
Hope this helps,
Numpty
MCP - XP, 2000 Pro, 2000 Server, Active Directory
- Next message: Numpty: "RE: AD and DNS issues?"
- Previous message: Numpty: "GPOs at Site level"
- In reply to: Nguyen: "Help Replication problem"
- Next in thread: Nguyen: "RE: Help Replication problem"
- Reply: Nguyen: "RE: Help Replication problem"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
