RE: Disaster Recovery Exchange 2K with Win2K A D
- From: Calderón Vilches Luis Daniel <Daniel@xxxxxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Fri, 13 Feb 2004 09:06:39 -0500
Thanks Zoran,
I already checked a few things and I think is a PDC Emulator role problem.
I wasn't added any new hardware to the server.
There is not problems with disks.
Since this is the only server in the organization I don't have replication
issues.
I checked the role owners with ntdsutil and the server owns all of them.
Even I seize the PDC Emulator role to the same server and it succeded but the
problem is stil present.
When I tried to add a new DC, before run dcpromo.exe I had to add the computer
to the domain and received a message stating that no DC of my domain could be
connected.
I run dcdiag.exe on the server and it fails the Fsmocheck. The rest was Ok.
This is the message:
Starting test: FsmoCheck
GC Name: \\server.domain.com
Locator Flags: 0xe00001fd
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
Time Server Name: \\server.domain.com
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\server.domain.com
Locator Flags: 0xe00001fd
KDC Name: \\server.domain.com
Locator Flags: 0xe00001fd
......................... domain.com failed test FsmoCheck
> -----Original Message-----
> From: Zoran [mailto:zmarjanovic@xxxxxxxx]
> Sent: Friday, February 13, 2004 02:59
> To: [ExchangeList]
> Subject: [exchangelist] RE: Disaster Recovery Exchange 2K
> with Win2K A D
>
>
> http://www.MSExchange.org/
>
> Hi Daniel,
>
> you should check services on DC, try to remember any changes
> you made in
> the last few weeks (new hardware-there could be problems if
> you added new
> NIC on DC, hot fix, SP, third party software, AV software
> upgrade...), run
> AV and antitrojan scan on DC and all clients, run chkdsk and
> sfc /scannow
> on DC, use Active Directory Replication Monitor (support
> tools)to check
> status of FSMO roles. What do you mean with 'I cann't add
> second DC. What
> happened when you tried it? Did you get any message, error or
> warning in
> your app/system logs?
>
> Zoran
>
> > Definitevely it's not a GPO. I've already checked that.
> > The problem it's the same in any machine.
> > I have other symptoms like this: A user newly created user account =
> > can=B4t logon on any machine of the domain except for the domain =
> > controller (previously changing the user rights assignment).
> > I've also discarded name resolution problem.
> > As I mention, I run dcdiag.exe and it fails on the Fsmocheck part.
> >
> > Anyway, I didn=B4t know about associating accounts.
> > I am reading a paper about that right now.
> >
> > Thank you very much for the info!
> >
> > Daniel.
> >
> > > -----Original Message-----
> > > From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx]=20
> > > Sent: Thursday, February 12, 2004 17:50
> > > To: [ExchangeList]
> > > Subject: [exchangelist] RE: Disaster Recovery Exchange 2K=20
> > > with Win2K A D
> > >=20
> > >=20
> > > http://www.MSExchange.org/
> > >=20
> > > Are you sure it's not maybe a GPO or something wrong with the=20
> > > particular
> > > client? =20
> > >=20
> > > Your other question asks if you can associate the account
> with the new
> > > accounts even though the sID is different (after a rebuild). =20
> > > The sID has
> > > nothing to do with it. You can associate a mail store with=20
> > > just about any
> > > user object with few exceptions. It might be a pain if you=20
> > > have more than
> > > 50 to do this with, but you can do it. You'll want to have a=20
> > > list of these
> > > prior to getting rid of the old ones (LDIFDE or VBS are good=20
> > > tools for this)
> > > so you can match it later.
> > >=20
> > > I just can't help but think that you have something wrong=20
> > > that may not be
> > > fixed by re-building. It may not require that.
> > >=20
> > > Al
> > >=20
> > >=20
> > >=20
> > > -----Original Message-----
> > > From: Calder=F3n Vilches Luis Daniel
> [mailto:Daniel@xxxxxxxxxxxx]=20
> > > Sent: Thursday, February 12, 2004 4:12 PM
> > > To: [ExchangeList]
> > > Subject: [exchangelist] RE: Disaster Recovery Exchange 2K=20
> > > with Win2K AD
> > >=20
> > >=20
> > > http://www.MSExchange.org/
> > >=20
> > > Thanks Al!!
> > >=20
> > > I will answer with an example of my problem:
> > > If I run the AD tools locally on the server, I can add users,=20
> > > groups and
> > > computers. But when I tried to access these objects from
> a client, by
> > > example set NTFS permissions on a share, I can=B4t get the=20
> > > users list from the
> > > domain controller.
> > >=20
> > > I'm afraid that is something wrong with the PDC emulator=20
> > > role. So, I can=B4t
> > > add domain controllers.
> > >=20
> > > Daniel
> > >=20
> > > > -----Original Message-----
> > > > From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx]
> > > > Sent: Thursday, February 12, 2004 15:23
> > > > To: [ExchangeList]
> > > > Subject: [exchangelist] RE: Disaster Recovery Exchange 2K=20
> > > > with Win2K AD
> > > >=20
> > > >=20
> > > > http://www.MSExchange.org/
> > > >=20
> > > > If you think the problem is just the machine locally, try
> > > > installing a new
> > > > DC into the mix and transferring the roles to it once stable.=20
> > > > If you still
> > > > have the problem, then keeping the Active Directory as is may=20
> > > > not be an
> > > > option for you or you may have other issues that would show=20
> > > > up in the event
> > > > log.=20
> > > >=20
> > > > If you are unable to install additional computer objects,
> > > > then you likely
> > > > can't add user objects either. Is that right? If so, it's=20
> > > > likely a role
> > > > master issue that you're having. Restoring system state and=20
> > > > databases etc
> > > > will restore the Active Directory exactly like it is for that=20
> > > > point in time.
> > > > That might not be a good idea given what you described. =20
> > > >=20
> > > >=20
> > > >=20
> > > >=20
> > > > Al
> > > >=20
> > > > -----Original Message-----
> > > > From: Calder=F3n Vilches Luis Daniel
> [mailto:Daniel@xxxxxxxxxxxx]
> > > > Sent: Thursday, February 12, 2004 10:31 AM
> > > > To: [ExchangeList]
> > > > Subject: [exchangelist] Disaster Recovery Exchange 2K
> with Win2K AD
> > > >=20
> > > >=20
> > > > http://www.MSExchange.org/
> > > >=20
> > > > Hi everybody,
> > > >=20
> > > > This is my first time in the list, so I hope you could give
> > > > me more ideas.
> > > >=20
> > > > Have the following environment:
> > > >=20
> > > > A Win2k DC which also is Exchange2K server, this is the
> > > > lonely server in the
> > > > organization, I call it THE server.
> > > >=20
> > > > This DC has problems with some FSMO roles with impact on the
> > > > end users:
> > > > things like we can not add more machines to the domain.=20
> > > > However, the AD
> > > > tools run ok, even I can add users or groups to the domain,=20
> > > > only if I run it
> > > > locally on the server, of course. I have received the=20
> > > server with this
> > > > problems from a previous administration.
> > > >=20
> > > > The thing is: I want to reinstall the server.
> > > > BUT I have this problems:
> > > > - I need to preserve the AD accounts in order to associate
> > > > them with their
> > > > mailboxes once I have restored the exchange services.
> > > > - I think that a System State backup of the server will
> preserve the
> > > > accounts, BUT maybe also preserve the misconfigurations
> I described.
> > > >=20
> > > > Has anybody experienced with a similar situation??
> > > > Any suggestions will be well received.
> > > > 10xs!!!
> > > >=20
> > > > Daniel
> > > >=20
> > > > ------------------------------------------------------
> > > > List Archives:
> > > > http://www.webelists.com/cgi/lyris.pl?> enter=3Dexchangelist
> > > >=20
> > > > Exchange Newsletters:
> > > > http://www.msexchange.org/pages/newsletter.asp
> > > > Exchange FAQ: =
> > http://www.msexchange.org/pages/larticle.asp?type=3DFAQ
> > > > ------------------------------------------------------
> > > > Other Internet Software Marketing Sites:
> > > > Leading Network Software Directory:=20
> > > > http://www.serverfiles.com No.1 ISA
> > > > Server Resource Site:=20
> > > > http://www.isaserver.org Windows Security Resource
> > > > Site: http://www.windowsecurity.com/ Network Security Library:
> > > > http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > > > http://www.ntfaxfaq.com
> > > > ------------------------------------------------------
> > > >=20
> > > > ------------------------------------------------------
> > > > List Archives:
> > > > http://www.webelists.com/cgi/lyris.pl?> enter=3Dexchangelist
> > > >=20
> > > > Exchange Newsletters:
> > > > http://www.msexchange.org/pages/newsletter.asp
> > > > Exchange FAQ: =
> > http://www.msexchange.org/pages/larticle.asp?type=3DFAQ
> > > > ------------------------------------------------------
> > > > Other Internet Software Marketing Sites:
> > > > Leading Network Software Directory: http://www.serverfiles.com
> > > > No.1 ISA Server Resource Site: http://www.isaserver.org
> > > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > > Network Security Library: http://www.secinf.net/
> > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > > ------------------------------------------------------
> > > >=20
> > > >=20
> > >=20
> > > ------------------------------------------------------
> > > List Archives:=20
> > > http://www.webelists.com/cgi/lyris.pl?> enter=3Dexchangelist
> > >=20
> > > Exchange Newsletters:=20
> > > http://www.msexchange.org/pages/newsletter.asp
> > > Exchange FAQ:
> http://www.msexchange.org/pages/larticle.asp?type=3DFAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > Leading Network Software Directory:=20
> > > http://www.serverfiles.com No.1 ISA
> > > Server Resource Site:=20
> > > http://www.isaserver.org Windows Security Resource
> > > Site: http://www.windowsecurity.com/ Network Security Library:
> > > http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > > http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > >=20
> > > ------------------------------------------------------
> > > List Archives:=20
> > > http://www.webelists.com/cgi/lyris.pl?> enter=3Dexchangelist
> > >=20
> > > Exchange Newsletters:=20
> > > http://www.msexchange.org/pages/newsletter.asp
> > > Exchange FAQ:
> http://www.msexchange.org/pages/larticle.asp?> type=3DFAQ
> > >
> ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 ISA Server Resource Site: http://www.isaserver.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > >=20
> > >=20
>
> ------------------------------------------------------
> List Archives:
> http://www.webelists.com/cgi/lyris.pl?> enter=exchangelist
>
> Exchange Newsletters:
> http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
>
>
Other related posts:
