Install Nightmares (Full Version)

All Forums >> [Microsoft Exchange 2007] >> Installation



Message


t0ta11ed -> Install Nightmares (2.Feb.2007 1:35:10 PM)

    Greetings,

I'm attempting to install Exchange 2k7 into a new domain using a new domain controller. The install goes ok. However, after some basic configuration of Exchange several strange errors happen:

1. Certain services such as the information store will not start at boot.
2. The system begins to hang at 'Applying computer settings' at boot.

Event Logs show errors relating to the following:

MAD.EXE reports topology discovery has failed, although the error is not in the list of LDAP errors in KB article 218185 that it references.
MAD.EXE reports all domain controllers in use are not responding.
System Attendant tasks are blocked (obviously  because it depends on the topology service)
Config fails to load due to exception caused by inability to read config from AD.

The only thing I did on the AD side after installation is move the Exchange server object from the Computers folder to an OU and applied a blank GPO to it so that the Domain GPO does not apply to the machine. Could moving the server object actually have caused all of these problems? This is my guess.

ANY light anyone can shed on this will be highly appreciated as I've been struggling with getting everything up and running because of these issues.




t0ta11ed -> RE: Install Nightmares (2.Feb.2007 6:25:34 PM)

Update:

After some experimentation and reinstallation (And working late on a Friday), I do believe that Exchange totally tanks if you move the server object in AD out of the default 'Computers' folder. Exchange will not find the DC.

I discovered this after doing a fresh install of AD and rolling back the mail server to a pre-Exchange state from a backup. I then joined the Exchange box to the domain and moved it to an OU prior to running the Exchange install. The install insisted it couldn't find a DC in the domain. Once I removed the mail server from the domain, deleted the object in AD, and re-joined the domain, the install was happy as long as the server object wasn't moved.

This is retarded IMO since you can't create an OU in a folder. 




t0ta11ed -> RE: Install Nightmares (5.Feb.2007 4:52:26 PM)

Ok, this is totally driving me nuts. Exchange seemed to be working happily after a few config changes to both AD and Exchange itself and a few reboots went along smoothly. However, after the last reboot of the Exchange system, it hangs again at "Applying computer settings". For some reason after a while it refuses to find the domain controller. I am at my wits end trying to find the cause. If anyone has any ideas or can point me in the right direction please post as I can't figure out what is going wrong. I haven't made any changes to DNS or AD that would affect this. I can't find the error code listed under Event 2114 in the Knowledge Base article it references. Anyone? Bueller? Bueller?

The following errors are written to the event log:

Event Type:    Warning
Event Source:    MSExchange ADAccess
Event Category:    General
Event ID:    2601
Date:        2/5/2007
Time:        4:30:17 PM
User:        N/A
Computer:    MX1
Description:
Process MSEXCHANGEADTOPOLOGY (PID=1396). When initializing a remote procedure call (RPC) to the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the SID for account <WKGUID=DC1301662F547445B9C490A52961F8FC,CN=Microsoft Exchange,CN=Services,CN=Configuration,...> - Error code=80040a01.
The Microsoft Exchange Active Directory Topology service will continue starting with limited permissions.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:    Error
Event Source:    MSExchange ADAccess
Event Category:    General
Event ID:    2501
Date:        2/5/2007
Time:        4:30:17 PM
User:        N/A
Computer:    MX1
Description:
Process MSEXCHANGEADTOPOLOGY (PID=1396). The site monitor API was unable to verify the site name for this Exchange computer - Call=HrSearch Error code=80040a01. Make sure that Exchange server is correctly registered on the DNS server.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:    Information
Event Source:    MSExchange ADAccess
Event Category:    Topology
Event ID:    2080
Date:        2/5/2007
Time:        4:30:17 PM
User:        N/A
Computer:    MX1
Description:
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1396). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
In-site:
dc1.domain.changed.on.purpose.here    CDG 1 7 7 1 0 0 1 7 1
Out-of-site:


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:    Error
Event Source:    MSExchange ADAccess
Event Category:    Topology
Event ID:    2114
Date:        2/5/2007
Time:        4:30:17 PM
User:        N/A
Computer:    MX1
Description:
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1396). Topology discovery failed, error 0x80040a02 (DSC_E_NO_SUITABLE_CDC). Look up the Lightweight Directory Access Protocol (LDAP) error code specified in the event description. To do this, use Microsoft Knowledge Base article 218185, "Microsoft LDAP Error Codes." Use the information in that article to learn more about the cause and resolution to this error. Use the Ping or PathPing command-line tools to test network connectivity to local domain controllers.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:    Error
Event Source:    MSExchangeIS
Event Category:    General
Event ID:    1121
Date:        2/5/2007
Time:        4:30:21 PM
User:        N/A
Computer:    MX1
Description:
Error 0x96f connecting to the Microsoft Active Directory.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:    Error
Event Source:    MSExchange ADAccess
Event Category:    General
Event ID:    2604
Date:        2/5/2007
Time:        4:31:18 PM
User:        N/A
Computer:    MX1
Description:
Process MSEXCHANGEADTOPOLOGY (PID=1396). When updating security for a remote procedure call (RPC) access for the Microsoft Exchange Active Directory Topology service, Exchange could not retrieve the security descriptor for Exchange server object MX1 - Error code=80040a01.
The Microsoft Exchange Active Directory Topology service will continue starting with limited permissions.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:    Warning
Event Source:    MSExchange EdgeSync
Event Category:    Initialization
Event ID:    1043
Date:        2/5/2007
Time:        4:32:20 PM
User:        N/A
Computer:    MX1
Description:
Initialization failed with transient exception: Microsoft.Exchange.Data.Directory.NoSuitableServerFoundException: The Exchange Topology service did not return a suitable Domain Controller.
at Microsoft.Exchange.Data.Directory.DSAccessTopologyProvider.GetConfigDCInfo(Boolean throwOnFailure)
at Microsoft.Exchange.Data.Directory.TopologyProvider.PopulateConfigNamingContexts()
at Microsoft.Exchange.Data.Directory.TopologyProvider.GetConfigurationNamingContext()
at Microsoft.Exchange.Data.Directory.ADSession.GetConnection(String preferredServer, Boolean isWriteOperation, Boolean isNotifyOperation, ADObjectId& rootId, Int32& maxRetries)
at Microsoft.Exchange.Data.Directory.ADSession.GetReadConnection(String preferredServer, ADObjectId& rootId, Int32& maxRetries)
at Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCreator, CreateObjectsDelegate arrayCreator)
at Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCtor, CreateObjectsDelegate arrayCtor)
at Microsoft.Exchange.Data.Directory.ADSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties)
at Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults)
at Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.GetOrgContainer()
at Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.GetOrgContainerId()
at Microsoft.Exchange.MessageSecurity.DirectTrust.RegisterDirectTrustMonitoring()
at Microsoft.Exchange.MessageSecurity.DirectTrust.Load()
at Microsoft.Exchange.EdgeSync.EdgeSyncSvc.OnStartInternal(String[] args). No user action is required. If this event is logged frequently, restart the Microsoft Exchange EdgeSync service or restart the Hub Transport server. 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.




t0ta11ed -> RE: Install Nightmares (9.Feb.2007 9:07:27 PM)

This turned out to be a Group Policy issue. Thanks for all the helpful posts lol




kkrus -> RE: Install Nightmares (20.Mar.2007 12:14:09 PM)

Having the same issue. What was your resolution?




t0ta11ed -> RE: Install Nightmares (20.Mar.2007 1:02:54 PM)

quote:

ORIGINAL: kkrus

Having the same issue. What was your resolution?


I had the "Manage Security and Auditing Log" assigned to a specific group.




tfrancois -> RE: Install Nightmares (21.Mar.2007 8:11:32 AM)

Can you please be more a little more descriptive as to how you resolved this problem.  I am also having the EXACT same issue and I am about to lose it!




t0ta11ed -> RE: Install Nightmares (21.Mar.2007 9:54:18 AM)

quote:

ORIGINAL: tfrancois

Can you please be more a little more descriptive as to how you resolved this problem.  I am also having the EXACT same issue and I am about to lose it!


One of the Exchange services requires the right to manage the security and audit log, obstensibly to be able to write to it. If you have the following group policy setting using a specific user/group it fails;

Computer Configuration>Windows Settings>Security Settings>Local Policy>User Rights Assignment>Manage auditing and security log.

I just simply removed the Group I originally had and left it as Not Defined, and bam Exchange was happy again and booted as I slapped myself in the forehead.




Page: [1]