Exchange Server 2013 with Active Directory Relationship – Troubleshooting Step by Step
- Verify the Exchange Server can connect to the Active Directory
C:\Admin >NLTEST /DSGETDC:ad.com
Dom Guid: c6cc3ad6-5049-4250-a8bc-a0836712a03d
Dom Name: AD.COM
Forest Name: AD.COM
Dc Site Name: Asia
Our Site Name: Asia
Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
DNS_FOREST CLOSE_SITE FULL_SECRET WS
The command completed successfully
- Verify the Windows TCP Stack is configured properly
C:\Admin>netsh int tcp show global
Querying active state…
TCP Global Parameters
Receive-Side Scaling State: disabled
Chimney Offload State: disabled
NetDMA State : disabled
Direct Cache Acess (DCA) : disabled
Receive Window Auto-Tuning Level : disabled
Add-On Congestion Control Provider : ctcp
ECN Capability : disabled
RFC 1323 Timestamps : disabled
- Verify the event id 2080 in the application logs which should get triggered every 15 minutes
Process STORE.EXE (PID=19276). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
DC01.asia.com CDG 1 7 7 1 0 1 1 7 1
DC02.asia.com CDG 1 7 7 1 0 1 1 7 1
Detail about the above value
•Server name: Indicates the name of the domain controller
•Roles: C = Configuration domain controller. D = domain controller G= Global catalog server
0x1 – reachable as a global catalog server
0x2 – reachable as a domain controller
0x3 – reachable as a global catalog server and domain controller but not configuration domain controller,
0x4 – reachable as a configuration domain controller
0x7 – reachable as a global catalog server, as a domain controller, and as a configuration domain controller (0x1 | 0x2 | 0x4 )
•Synchronized: Whether the “isSynchronized” flag on the rootDSE of the domain controller is set to TRUE.
•GC capable: Whether the domain controller is a global catalog server.
•PDC: Whether the domain controller is a primary domain controller for its domain.
•SACL right: Whether DSAccess has the correct permissions to read the SACL (part of nTSecurityDescriptor) against that directory service.
•Critical Data: 7 means that the Net Logon service check was successful for each role (domain controller, configuration domain controller, and global catalog).
•OS Version: 1 means the domain controller satisfied the operating system requirements of Exchange for use by DSAccess.
Refer the article for more detail explanation: http://support.microsoft.com/kb/316300
- Check out if IPV6 is disabled
In the details pane, click New, and then click DWORD (32-bit) Value.
Type DisabledComponents, and then press ENTER.
Double-click DisabledComponents, and then type 0xffffffff in Hexadecimal or 4294967295 in Decimal.
Note The 0xffffffff value or the 4294967295 value disables all IPv6 components except for the IPv6 loopback interface
- Run the Best Practice analyzer and DNS configuration