Announcement

Collapse
No announcement yet.

Global Catalogue Issues

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Global Catalogue Issues

    Hi,

    We have a network running two DCs.

    One is Server 2012, the other is SBS 2011. Each is set up in its own site and there is a VPN link between the two

    It was migrated from a single DC SBS 2003 network and the migration went through fine. After the migration there was an accidental deletion of all the user accounts on the SBS 2011 server. This was caught quickly and the 2012 server was used to restore the accounts.

    We get Event ID 2085/2084 "No Domain Controller server is up in the local site" and "No Global Catalog server is up in the local site" all the time on the SBS box.

    Event ID 2080 gives me:

    In-site:
    SBS.domain.local CDG 1 0 0 1 0 0 0 0 0
    Out-of-site:
    2012.domain.local CDG 1 7 7 1 0 1 1 7 1
    When the VPN is down, all local and Internet resources work - it is just Exchange that cries like a baby.

    dcdiag doesn't give any errors so I need to figure out if this is a problem caused by the AD restore or if it is something within Exchange that is acting up.

    Any suggestions?
    Last edited by beddo; 2nd August 2013, 15:32.

  • #2
    Re: Global Catalogue Issues

    On each of the dcs run:

    repadmin /options

    What does it say?
    Rules of life:
    1. Never do anything that requires thinking after 2:30 PM
    2. Simplicity is godliness
    3. Scale with extreme prejudice


    I occasionally post using a savantphone, so please don't laugh too hard at the typos...

    Comment


    • #3
      Re: Global Catalogue Issues

      AD looks OK. Either it isn't talking to Exchange or Exchange has the issues.

      C:\>nltest /dsgetdc: /site:sitea
      DC: \\SBS.domain.local
      Address: \\192.168.20.20
      Dom Guid: e94851c5-236b-4672-ab0f-0ec537178d20
      Dom Name: domain.local
      Forest Name: domain.local
      Dc Site Name: SITEA
      Our Site Name: SITEA
      Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
      DNS_FOREST CLOSE_SITE FULL_SECRET WS
      The command completed successfully

      C:\>repadmin /options

      Repadmin: running command /options against full DC localhost
      Current DSA Options: IS_GC


      C:\>nltest /dsgetdc: /site:siteb
      DC: \\2012.domain.local
      Address: \\192.168.1.20
      Dom Guid: e94851c5-236b-4672-ab0f-0ec537178d20
      Dom Name: domain.local
      Forest Name: domain.local
      Dc Site Name: SITEB
      Our Site Name: SITEB
      Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLO
      SE_SITE FULL_SECRET WS DS_8
      The command completed successfully

      C:\>repadmin /options

      Repadmin: running command /options against full DC localhost
      Current DSA Options: IS_GC

      Comment


      • #4
        Re: Global Catalogue Issues

        On each dc, run:

        Code:
        nltest /dsregdns

        This will regoster essential dns records, including your _gc.* SRV records.
        Rules of life:
        1. Never do anything that requires thinking after 2:30 PM
        2. Simplicity is godliness
        3. Scale with extreme prejudice


        I occasionally post using a savantphone, so please don't laugh too hard at the typos...

        Comment


        • #5
          Re: Global Catalogue Issues

          Both done and reported success - I have a recollection of doing that before but can't remember whether it was this network or another. Either way the SBS server is still logging eventID 2080

          I am also considering that this may be an IPV6 issue. The SBS server was experiencing lockups related to IPV6 and IPV6 was disabled (following a proper guide, not just unbinding it from the adapter). Looking into it again there is a possibility that one step was missed so I have gone through the whole procedure again.

          My thinking is that if Exchange is using IPV6 to connect to the DC/GC it is not going to work but only a reboot will identify whether that is the case now.

          If I'm along the right lines then this thread probably belongs in the Exchange forum rather than AD. We will schedule a reboot tonight.

          Comment


          • #6
            Re: Global Catalogue Issues

            OK, so it sounds like the GC is fine. Start looking at the exchange server for problems...

            On the exchange server having issues, open ADUC and:
            1. In the console tree, right-click Active Directory Users and Computers
            2. Click Change Domain Controller.
            3. In Change to, select This Domain Controller or AD LDS instance
            4. Click the line "Type a Directory Server name"
            5. Enter the FQDN of the dc with the port "3268". ( i.e. dc-01.mydomain.com:3268 ). Click "Connect"
            6. Watch the status. If it's successful, iut will read "online". If not, Unavailable.




            If you can't connect, look at the network...
            Last edited by userPrincipalName; 2nd August 2013, 15:24.
            Rules of life:
            1. Never do anything that requires thinking after 2:30 PM
            2. Simplicity is godliness
            3. Scale with extreme prejudice


            I occasionally post using a savantphone, so please don't laugh too hard at the typos...

            Comment


            • #7
              Re: Global Catalogue Issues

              This is interesting.

              Typing in the server name with the port works fine however in before clicking the OK button the Status says Unavailable.

              Similarly the entry that is there for the DC also says unavailable but connects fine.

              Something thinks that it is unavailable when it isn't..

              Comment


              • #8
                Re: Global Catalogue Issues

                I wouldnt read too much into that. I'm not certain being "Unavailable" prior to actually initiating a connection is anything other than just poor design on the part of the software developers.

                If you can connect to the DC on the global catalog port (3268 ) you have verified the GC is available...

                I'd start looking at the exchange servers next. I'm no help there, so maybe someone else can assist...
                Rules of life:
                1. Never do anything that requires thinking after 2:30 PM
                2. Simplicity is godliness
                3. Scale with extreme prejudice


                I occasionally post using a savantphone, so please don't laugh too hard at the typos...

                Comment


                • #9
                  Re: Global Catalogue Issues

                  It's also worth running some Best Practices Analyser tools; one is available within the Toolbox node of EMC and there are some that are downloadable. It may give you an idea of the issue or report on something that leads you to the root cause.

                  Comment


                  • #10
                    Re: Global Catalogue Issues

                    Thanks Virtual,

                    The BPA doesn't show up anything but it does complain about there only being one GC in the DSAccess topology.

                    Can mod move this over to the Exchange forum?

                    Comment


                    • #11
                      Re: Global Catalogue Issues

                      Moved at OPs request
                      Tom Jones
                      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                      PhD, MSc, FIAP, MIITT
                      IT Trainer / Consultant
                      Ossian Ltd
                      Scotland

                      ** Remember to give credit where credit is due and leave reputation points where appropriate **

                      Comment


                      • #12
                        Re: Global Catalogue Issues

                        When Exchange is installed on a domain controller it will only talk to that domain controller, no others. If you put an Exchange server in to another site, that server will still only talk to the domain controller with Exchange on it.

                        The only way to stop it is to move Exchange off the domain controller on to a member server and remove it from the original server.

                        Having an SBS server in a multi site platform could be argued as a poor choice.

                        Simon.
                        --
                        Simon Butler
                        Exchange MVP

                        Blog: http://blog.sembee.co.uk/
                        More Exchange Content: http://exchange.sembee.info/
                        Exchange Resources List: http://exbpa.com/
                        In the UK? Hire me: http://www.sembee.co.uk/

                        Sembee is a registered trademark, used here with permission.

                        Comment


                        • #13
                          Re: Global Catalogue Issues

                          Hi Sembee,

                          Thanks for the info - what we were seeing was the exact opposite of what you describe. Exchange would only talk to the DC that was out of the site and would not talk to the DC on the server it was installed on!

                          We have finally managed a reboot and the problem has gone away so it is confirmed as a problem with IPV6 being improperly disabled.

                          All the best,
                          Colin Waring,

                          Comment

                          Working...
                          X