J
JDTHREE [MVP]
I have just migrated my Windows 2000 / Exchange 5.5 corporate network
to Windows 2003 / Exchange 2003.
The exchange 2003 went without a hitch, all worked great, moved
mailboxes, removed old server, all profiles switched just fine, and
everything is fully functional and working as expected.
I followed the KB articles (325379 mainly) then to move myself to 2003
DC's. I had my exchange 2003 server running on a windows 2003 domain
member, that one is not a domain controller. I had a new server, dual
xeon, that I brought in to replace my old exchange server, that *was*
a domain controller when it was running exchange 5.5. The new domain
controller when I started was running Windows 2003 standard server,
but was still in workgroup mode, not a domain member, not a DC, since
I planned on changing it's computer name when I removed my old DC from
the network.
I ran the forestprep and domainprep, and everything went through fine,
replication went fine, etc... All tests for dcdiags, netdiag, etc,
came up without errors. Changes on one DC were replicated fine to the
other.
Now, since the old DC was my exchange 5.5 server, and was getting
replaced, I ran dcpromo on it to remove it from the DC list. Then I
removed it from the domain, since it's being decomissioned on my site
and is going to someone else's for a new role.
A few hours later I renamed my new 2003 soon-to-be DC to the same name
as the old DC, since I've seen issues in the past with clients who
just never would authenticate against another DC when the one they
were used to going against wasn't available. So I changed the
computer name, rebooted, joined the domain, rebooted, and everything
looked good. I then ran DCPROMO on it, to make it a DC in my domain.
I figured last night I would get the 2003 AD server running, and
tonight I would get the 2000 server upgraded to 2003.
DCPROMO ran fine, no errors, since the preparation had been done to
the schema. Computers anywhere could log in, authenticate, etc, mail
was working just fine. So I left it at that last night, prepped to
upgrade my other DC to 2003 when I came in tonight.
Came in tonight, checked the logs, no errors, replication working
fine, etc. Diagnostics ran from the support tools, no errors.
So I upgraded my 2000 DC to 2003. This is where I get confused.
While the original DC was down, exchange, on my non-DC 2003 member
server, didn't work. I couldn't access it via outlook on the internal
network, couldn't access it via OWA, couldn't even bring up OWA on the
exchange box itself. meanwhile the second DC was up and running just
fine. No errors, other than when it tried to replicate and timed out
because the first DC was in the install phase of 2003 so wasn't
available.
After the 2003 upgrade, exchange worked fine again once the original
DC came up. But when I did my security updates to it to make it
current, and rebooted, again exchange failed. Before doing the
security updates I ran all the dcdiags and such again, and everything
still runs without any errors. All tests pass.
The original machine, the one that when rebooted makes exchange fail,
is currently holding all 5 master roles. I planned on splitting the
roles up, since the new server is far more powerful than the first
one, but I wanted to see if the fact that the master role holder was
down is enough to really keep exchange 2003 from being able to let
users in? I had thought that having the second domain controller was
supposed to be enough to let authentication happen? If it *is* a
matter of the roles, if a server crashes, will nothing operate
properly until someone manually forces the roles to active on the
remaining DC?
Thanks for any info.
john
to Windows 2003 / Exchange 2003.
The exchange 2003 went without a hitch, all worked great, moved
mailboxes, removed old server, all profiles switched just fine, and
everything is fully functional and working as expected.
I followed the KB articles (325379 mainly) then to move myself to 2003
DC's. I had my exchange 2003 server running on a windows 2003 domain
member, that one is not a domain controller. I had a new server, dual
xeon, that I brought in to replace my old exchange server, that *was*
a domain controller when it was running exchange 5.5. The new domain
controller when I started was running Windows 2003 standard server,
but was still in workgroup mode, not a domain member, not a DC, since
I planned on changing it's computer name when I removed my old DC from
the network.
I ran the forestprep and domainprep, and everything went through fine,
replication went fine, etc... All tests for dcdiags, netdiag, etc,
came up without errors. Changes on one DC were replicated fine to the
other.
Now, since the old DC was my exchange 5.5 server, and was getting
replaced, I ran dcpromo on it to remove it from the DC list. Then I
removed it from the domain, since it's being decomissioned on my site
and is going to someone else's for a new role.
A few hours later I renamed my new 2003 soon-to-be DC to the same name
as the old DC, since I've seen issues in the past with clients who
just never would authenticate against another DC when the one they
were used to going against wasn't available. So I changed the
computer name, rebooted, joined the domain, rebooted, and everything
looked good. I then ran DCPROMO on it, to make it a DC in my domain.
I figured last night I would get the 2003 AD server running, and
tonight I would get the 2000 server upgraded to 2003.
DCPROMO ran fine, no errors, since the preparation had been done to
the schema. Computers anywhere could log in, authenticate, etc, mail
was working just fine. So I left it at that last night, prepped to
upgrade my other DC to 2003 when I came in tonight.
Came in tonight, checked the logs, no errors, replication working
fine, etc. Diagnostics ran from the support tools, no errors.
So I upgraded my 2000 DC to 2003. This is where I get confused.
While the original DC was down, exchange, on my non-DC 2003 member
server, didn't work. I couldn't access it via outlook on the internal
network, couldn't access it via OWA, couldn't even bring up OWA on the
exchange box itself. meanwhile the second DC was up and running just
fine. No errors, other than when it tried to replicate and timed out
because the first DC was in the install phase of 2003 so wasn't
available.
After the 2003 upgrade, exchange worked fine again once the original
DC came up. But when I did my security updates to it to make it
current, and rebooted, again exchange failed. Before doing the
security updates I ran all the dcdiags and such again, and everything
still runs without any errors. All tests pass.
The original machine, the one that when rebooted makes exchange fail,
is currently holding all 5 master roles. I planned on splitting the
roles up, since the new server is far more powerful than the first
one, but I wanted to see if the fact that the master role holder was
down is enough to really keep exchange 2003 from being able to let
users in? I had thought that having the second domain controller was
supposed to be enough to let authentication happen? If it *is* a
matter of the roles, if a server crashes, will nothing operate
properly until someone manually forces the roles to active on the
remaining DC?
Thanks for any info.
john
