Exchange Server

Scott McDonald · Guest

We have 2 domain controllers and one of them went down this weekend (hardware problem) and our exchange server followed it a few hours later. My understanding is this is the exact reason why you'd want 2 domain controllers, so exchange (and others) wouldn't freak out when one domain controller goes down for whatever reason. Why would this happen? How could I prevent this in the future? By the way, the 2nd domain controller was found to be on a bad APC/UPS a few months ago and as a result was shutting off frequently, exchange never had a problem with that one going down (it's the secondary though, no master roles but does have a copy of GC, the one from this weekend had all master roles and both do DNS).

Any info on this would be appreciated. Thanks

--
Scott

ptwilliams · Guest

The roles don't really have much bearing on this (the PDCe does for legacy clients, but I'll not go into that). The important thing to understand here is that there are two critical aspects: DNS and Global Catalog. The latter is pointless without the former being available to locate it.

All of your DNS clients should point to at least two (internal, authorative) DNS servers. You should also have a minimum of two GCs (and at least one per site). In a single domain environment, or small forest, it is a good idea to have all DCs as GCs.

I'm no exchange expert by any means, so I'll leave the exchange side of this to the exchange guru's. I'll just say this: Exchange relies on the GCs. There's a Directory Service tab in the properties that shows which GCs it knows of and will use.

Does your Exchange box point to two DNS servers, and is it listing more than on GC in the directory services tab?

Are the DNS servers both up-to-date with the applicable SRV records?

--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

"Scott McDonald" <Sdgmcdon@yahoo.com> wrote in message news:uD%23HqijAFHA.4044@TK2MSFTNGP10.phx.gbl...
We have 2 domain controllers and one of them went down this weekend (hardware problem) and our exchange server followed it a few hours later. My understanding is this is the exact reason why you'd want 2 domain controllers, so exchange (and others) wouldn't freak out when one domain controller goes down for whatever reason. Why would this happen? How could I prevent this in the future? By the way, the 2nd domain controller was found to be on a bad APC/UPS a few months ago and as a result was shutting off frequently, exchange never had a problem with that one going down (it's the secondary though, no master roles but does have a copy of GC, the one from this weekend had all master roles and both do DNS).

Any info on this would be appreciated. Thanks

--
Scott

Allen Firouz · Guest

Hi Scott:

Withuot having more information, the first cause that pops into my head is
that there may have been replication issues between the two DC's. As I have
mentioned many times, the hardest thing for Admins to do is to know when
replication is broken. It requires stated vigilence and monitoring
(REPADMIN, NETDIAG and DCDIAG if you have no 3rd party software or MOM
monitoring AD). As a rule, if replication is occuring between DC's and there
is a GC available, Exchange will function until the down DC is brought back
online. Parse through your logs and see if there are any replication issues
and run netdiag (netdiag.exe /tests:replications) or REPADMIN (REPADMIN.exe
/replsummery) and look for failed replications. If these are correct, then
repost and let's take it from there.

-Allen Firouz

"Scott McDonald" wrote:

Scott McDonald · Guest

I found the exchange server itself was using DNS from the DC that went down and a linux DNS server...I think this is why it happened, I updated that to also point to the other DC for DNS as well and the linux DNS as a 3rd DNS server.

In the directory access tab (you said services, but I think it's access in 2003?), it shows both DC's for domain controllers and global catalogs, and one DC as a configuration DC, so I think it's okay there.

Thanks!

--
Scott
"ptwilliams" <ptw2001@hotmail.com> wrote in message news:uvVcsGkAFHA.936@TK2MSFTNGP12.phx.gbl...
The roles don't really have much bearing on this (the PDCe does for legacy clients, but I'll not go into that). The important thing to understand here is that there are two critical aspects: DNS and Global Catalog. The latter is pointless without the former being available to locate it.

All of your DNS clients should point to at least two (internal, authorative) DNS servers. You should also have a minimum of two GCs (and at least one per site). In a single domain environment, or small forest, it is a good idea to have all DCs as GCs.

I'm no exchange expert by any means, so I'll leave the exchange side of this to the exchange guru's. I'll just say this: Exchange relies on the GCs. There's a Directory Service tab in the properties that shows which GCs it knows of and will use.

Does your Exchange box point to two DNS servers, and is it listing more than on GC in the directory services tab?

Are the DNS servers both up-to-date with the applicable SRV records?

--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

"Scott McDonald" <Sdgmcdon@yahoo.com> wrote in message news:uD%23HqijAFHA.4044@TK2MSFTNGP10.phx.gbl...
We have 2 domain controllers and one of them went down this weekend (hardware problem) and our exchange server followed it a few hours later. My understanding is this is the exact reason why you'd want 2 domain controllers, so exchange (and others) wouldn't freak out when one domain controller goes down for whatever reason. Why would this happen? How could I prevent this in the future? By the way, the 2nd domain controller was found to be on a bad APC/UPS a few months ago and as a result was shutting off frequently, exchange never had a problem with that one going down (it's the secondary though, no master roles but does have a copy of GC, the one from this weekend had all master roles and both do DNS).

Any info on this would be appreciated. Thanks

--
Scott

Scott McDonald · Guest

replication doesn't seem to be an issue, but I will be sure to run the usual
tools to verify this. Thanks

--
Scott
"Allen Firouz" <AllenFirouz@discussions.microsoft.com> wrote in message
news:69E27961-D503-49CB-B4CD-8568C46004E3@microsoft.com...

ptwilliams · Guest

Glad to have helped!!!

However...

If the Linux box isn't authorative for the namespace that maps to the domain-name then you shouldn't be pointing to it at all. What is it's purpose? If it's used for external name resolution, you should consider using forwarders and/ or a proxy server.

--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

"Scott McDonald" <Sdgmcdon@yahoo.com> wrote in message news:eeImrckAFHA.3820@TK2MSFTNGP11.phx.gbl...
I found the exchange server itself was using DNS from the DC that went down and a linux DNS server...I think this is why it happened, I updated that to also point to the other DC for DNS as well and the linux DNS as a 3rd DNS server.

In the directory access tab (you said services, but I think it's access in 2003?), it shows both DC's for domain controllers and global catalogs, and one DC as a configuration DC, so I think it's okay there.

Thanks!

--
Scott
"ptwilliams" <ptw2001@hotmail.com> wrote in message news:uvVcsGkAFHA.936@TK2MSFTNGP12.phx.gbl...
The roles don't really have much bearing on this (the PDCe does for legacy clients, but I'll not go into that). The important thing to understand here is that there are two critical aspects: DNS and Global Catalog. The latter is pointless without the former being available to locate it.

All of your DNS clients should point to at least two (internal, authorative) DNS servers. You should also have a minimum of two GCs (and at least one per site). In a single domain environment, or small forest, it is a good idea to have all DCs as GCs.

I'm no exchange expert by any means, so I'll leave the exchange side of this to the exchange guru's. I'll just say this: Exchange relies on the GCs. There's a Directory Service tab in the properties that shows which GCs it knows of and will use.

Does your Exchange box point to two DNS servers, and is it listing more than on GC in the directory services tab?

Are the DNS servers both up-to-date with the applicable SRV records?

--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

"Scott McDonald" <Sdgmcdon@yahoo.com> wrote in message news:uD%23HqijAFHA.4044@TK2MSFTNGP10.phx.gbl...
We have 2 domain controllers and one of them went down this weekend (hardware problem) and our exchange server followed it a few hours later. My understanding is this is the exact reason why you'd want 2 domain controllers, so exchange (and others) wouldn't freak out when one domain controller goes down for whatever reason. Why would this happen? How could I prevent this in the future? By the way, the 2nd domain controller was found to be on a bad APC/UPS a few months ago and as a result was shutting off frequently, exchange never had a problem with that one going down (it's the secondary though, no master roles but does have a copy of GC, the one from this weekend had all master roles and both do DNS).

Any info on this would be appreciated. Thanks

--
Scott

Scott McDonald · Guest

we have all linux apache web servers at our co-location, this DNS box provides non-dynamic DNS for those servers (as well as a secondary linux DNS box actually at the co-lo). Our internal Windows DNS servers do not know about those sites without that DNS and they do forward to it, but it doesn't like to send updates back, hence we use it as DNS as well to hit those sites. Our DNS servers have zones for those web domains as a few are company domains that utilize domain names like exchange.company.com or vpn.company.com externally/internally that the linux DNS server also do not know about...

Essentially getting the Windows and Linux folks to stay in tune with each other around here is next to impossible, so we improvise...

--
Scott
"ptwilliams" <ptw2001@hotmail.com> wrote in message news:uprn6qkAFHA.3592@TK2MSFTNGP11.phx.gbl...
Glad to have helped!!!

However...

If the Linux box isn't authorative for the namespace that maps to the domain-name then you shouldn't be pointing to it at all. What is it's purpose? If it's used for external name resolution, you should consider using forwarders and/ or a proxy server.

--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

"Scott McDonald" <Sdgmcdon@yahoo.com> wrote in message news:eeImrckAFHA.3820@TK2MSFTNGP11.phx.gbl...
I found the exchange server itself was using DNS from the DC that went down and a linux DNS server...I think this is why it happened, I updated that to also point to the other DC for DNS as well and the linux DNS as a 3rd DNS server.

In the directory access tab (you said services, but I think it's access in 2003?), it shows both DC's for domain controllers and global catalogs, and one DC as a configuration DC, so I think it's okay there.

Thanks!

--
Scott
"ptwilliams" <ptw2001@hotmail.com> wrote in message news:uvVcsGkAFHA.936@TK2MSFTNGP12.phx.gbl...
The roles don't really have much bearing on this (the PDCe does for legacy clients, but I'll not go into that). The important thing to understand here is that there are two critical aspects: DNS and Global Catalog. The latter is pointless without the former being available to locate it.

All of your DNS clients should point to at least two (internal, authorative) DNS servers. You should also have a minimum of two GCs (and at least one per site). In a single domain environment, or small forest, it is a good idea to have all DCs as GCs.

I'm no exchange expert by any means, so I'll leave the exchange side of this to the exchange guru's. I'll just say this: Exchange relies on the GCs. There's a Directory Service tab in the properties that shows which GCs it knows of and will use.

Does your Exchange box point to two DNS servers, and is it listing more than on GC in the directory services tab?

Are the DNS servers both up-to-date with the applicable SRV records?

--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

"Scott McDonald" <Sdgmcdon@yahoo.com> wrote in message news:uD%23HqijAFHA.4044@TK2MSFTNGP10.phx.gbl...
We have 2 domain controllers and one of them went down this weekend (hardware problem) and our exchange server followed it a few hours later. My understanding is this is the exact reason why you'd want 2 domain controllers, so exchange (and others) wouldn't freak out when one domain controller goes down for whatever reason. Why would this happen? How could I prevent this in the future? By the way, the 2nd domain controller was found to be on a bad APC/UPS a few months ago and as a result was shutting off frequently, exchange never had a problem with that one going down (it's the secondary though, no master roles but does have a copy of GC, the one from this weekend had all master roles and both do DNS).

Any info on this would be appreciated. Thanks

--
Scott

	Exchange Server Forum Index -> Exchange General	All times are GMT
Page 1 of 1