Announcement

Collapse
No announcement yet.

Exchange Servers connecting to DC's in another child domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Exchange Servers connecting to DC's in another child domain

    Hey guy's

    Another pretty major problem for me.

    Setup as follows

    Setup as a child domain, 1 (us) of 2 (other), with the root domain having no exchange servers.

    Child domain 2 was the original start of the exchange installation.

    Server 2003 SP2 with Critical Updates installed.
    Exchange 2003 SP2 with Critical Updates installed.

    We currently have 8 sites setup as its own admin group, and connection to the net.

    The problem is that i updated a server from the other domian yesterday (is on our site but their domain) to Server 2003 R2 and when the server went down our exchange servers stopped working. The server is a GC.

    Now each site has its own DC and GC and our PDC Emulator for our domain is in our main office site.

    I've ran both netdiag and dcdiag and get no errors on any dc.

    DNS is working as expected and is returning the correct ip's and the correct DNS name when queried.

    Why is exchange looking to DC's in the other site without using its local ones first???

  • #2
    Re: Exchange Servers connecting to DC's in another child domain

    Hi mate,


    According to this, this is normal given the algorith used by the DSProxy service to prioritise a GC in SP2.

    http://msexchangeteam.com/archive/20...04/413669.aspx
    Caesar's cipher - 3

    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

    SFX JNRS FC U6 MNGR

    Comment


    • #3
      Re: Exchange Servers connecting to DC's in another child domain

      Cheers bud.

      I'll have a lookt tomorrow as my brain is pretty frazzled at the moment.

      Comment


      • #4
        Re: Exchange Servers connecting to DC's in another child domain

        Whoops i forgot to update this.

        Right managed to get the problem fixed at 1:30am, boy was i knacked that day lol.

        So i ended up turning off the DC that all our exchange server were looking at for DS Access and waited a while to see if any errors popped up in the event logs. Low and behold i started to see MSExchangeSA RFR events, 9074 and some 2114.

        A quick trip to http://www.eventid.net/display.asp?e...Access&phase=1 and i followed this

        Check that the "Exchange servers" group has the rights to "manage audit and security logs". On a working DC, go to Start -> Programs -> Admin tools -> Domain controller security -> Local settings -> User Rights and find the manage audit and security logs option. Add the group if necessary.
        Once i added the group back into the user assignment my servers started collecting local DC's for DS Access.

        Looks like a new change control policy is going to be implemented.

        Comment

        Working...
        X