Exchange Server 2013 with Active Directory Relationship – Troubleshooting Step by Step


Exchange Server 2013 with Active Directory Relationship – Troubleshooting Step by Step

  1. Verify the Exchange Server can connect to the Active Directory

NLTEST /DSGETDC:domain.local

C:\Admin >NLTEST /DSGETDC:ad.com

DC: \\DC01.AD.COM

Address: \\20.103.191.56

Dom Guid: c6cc3ad6-5049-4250-a8bc-a0836712a03d

Dom Name: AD.COM

Forest Name: AD.COM

Dc Site Name: Asia

Our Site Name: Asia

Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN

DNS_FOREST CLOSE_SITE FULL_SECRET WS

The command completed successfully

  1. Verify the Windows TCP Stack is configured properly

C:\Admin>netsh int tcp show global

Querying active state…

TCP Global Parameters

———————————————-

Receive-Side Scaling State: disabled

Chimney Offload State: disabled

NetDMA State            : disabled

Direct Cache Acess (DCA) : disabled

Receive Window Auto-Tuning Level   : disabled

Add-On Congestion Control Provider : ctcp

ECN Capability                    : disabled

RFC 1323 Timestamps        : disabled

 

  1. Verify the event id 2080 in the application logs which should get triggered every 15 minutes

Process STORE.EXE (PID=19276). Exchange Active Directory Provider has discovered the following servers with the following characteristics:

(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)

In-site:

DC01.asia.com   CDG 1 7 7 1 0 1 1 7 1

Out-of-site:

DC02.asia.com   CDG 1 7 7 1 0 1 1 7 1

 

Detail about the above value

•Server name: Indicates the name of the domain controller

•Roles: C = Configuration domain controller. D = domain controller G= Global catalog server

•Reachability:

0x1 – reachable as a global catalog server

0x2 – reachable as a domain controller

0x3 – reachable as a global catalog server and domain controller but not configuration domain controller,

0x4 – reachable as a configuration domain controller

0x7 – reachable as a global catalog server, as a domain controller, and as a configuration domain controller (0x1 | 0x2 | 0x4 )

•Synchronized: Whether the “isSynchronized” flag on the rootDSE of the domain controller is set to TRUE.

•GC capable: Whether the domain controller is a global catalog server.

•PDC: Whether the domain controller is a primary domain controller for its domain.

•SACL right: Whether DSAccess has the correct permissions to read the SACL (part of nTSecurityDescriptor) against that directory service.

•Critical Data: 7 means that the Net Logon service check was successful for each role (domain controller, configuration domain controller, and global catalog).

•OS Version: 1 means the domain controller satisfied the operating system requirements of Exchange for use by DSAccess.

Refer the article for more detail explanation: http://support.microsoft.com/kb/316300

  1. Check out if IPV6 is disabled

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters

In the details pane, click New, and then click DWORD (32-bit) Value.

Type DisabledComponents, and then press ENTER.

Double-click DisabledComponents, and then type 0xffffffff in Hexadecimal or 4294967295 in Decimal.

Note The 0xffffffff value or the 4294967295 value disables all IPv6 components except for the IPv6 loopback interface

  1. Run the Best Practice analyzer and DNS configuration
Advertisements

About Raji Subramanian

Nothing great to say about me...Just want to share my knowledge for others that will be useful at any moment of time when they stuck in critical issue....
This entry was posted in Exchange 2013 SP1, Exchange Server and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s