HI
YOu need to think of ISP failover in your case if one line goes down second will kick in.
Or you might need to think of Adding an additional public IP address to the External DNS and pointing it to a cas server but still the load will be distributed equally to 2 ip's
You can try to accomplish this with TMG
Similar thread for your reference
https://social.technet.microsoft.com/Forums/en-US/b0133ede-b198-4736-9edb-b7b9f82db5e2/how-to-publish-owa-anywhere-active-sync-in-case-of-dr
Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish
(MVP)

Similar Messages

Quick Exchange 2010 Perfmon Counter question

So in the following article:
http://technet.microsoft.com/en-us/library/ee832791.aspx
Under the section where it speaks about calculating your IOPS per Mailbox Server is says to track the Perfmon Counter "MSExchange Database ==>
Instances ->Database Maintenance IO Reads/sec" to use in your calculations.
My issue is that I don't see that counter at all when pulling counters from my Exchange 2010 mailbox servers. I have "Database Maintenance
Duration" and "Database Maintenance Pages Bad Checksums" but no "Database Maintenance IO Reads/sec" under "MSExchange
Database ==> Instances"
Am I looking in the wrong spot?
Exchange 2010 SP2

Hi
Sorry, this link was kept in my Favorite years ago, I did not notice it had be removed.
After researching, I found
"It is no longer necessary to pick the correct counters for the Exchange Server Roles that are installed as this script will automatically detect the roles installed and will add the appropriate counters for each role detected."
http://archive.msdn.microsoft.com/ExPerfwiz
So on that link, you can ExPerfWiz, it is a powershell based script to help automate the collection of performance data on Exchange 2007 and Exchange 2010 servers, you can download from here
http://archive.msdn.microsoft.com/ExPerfwiz/Release/ProjectReleases.aspx?ReleaseId=5859
Hope that could help
Cheers
Zi Feng
TechNet Community Support

Can't move Exchange 2003 mailbox to Exchange 2010 Resource forest (Linked Mailbox)

Problem Description:
Can’t move Exchange 2003 mailbox to Exchange 2010 resource forest
Error message:
Failed to reconnect to Active Directory server SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that you have used the correct credentials.
Source Environment Configuration:
Active Directory
FQDN: umfolozi.local
Domain name (pre-Windows 2000): UMFOLOZI
Domain Function Level: Windows Server 2003
Domain Controllers:
Hostname
OS
Operation Master
SRVUMVMDC01.umfolozi.local
Windows Server 2008 R2 Standard SP1
Schema Master, Domain Naming, RID, PDC
SRVUMVMDC01.umfolozi.local
Windows Server 2008 R2 Standard SP1
Infrastructure
Exchange
Version: Microsoft Exchange 2003 Standard SP2 Build 7638.2
Server Information:
Hostname
OS
TUSKUMFMAIL.umfolozi.local
Windows Server 2003 R2 SP2
DNS Zones
Zone Name
Zone Type
Domain Controllers
umfolozi.local
Active Directory-Integrated (Primary)
SRVUMVMDC01.umfolozi.local
SRVUMVMDC01.umfolozi.local
peermont.com
Secondary
SRVPGVMDC01.peermont.com
SRVPGVMDC02.peermont.com
Trusts
Domain Name
Trust Type
Transitive
Validated
peermont.com
Forest
Yes
Yes
Target Environment Configuration:
Active Directory
FQDN: peermont.com
Domain name (pre-Windows 2000): PG
Domain Functional Level: Windows Server 2008 R2
Domain Controllers:
Hostname
OS
Operation Master
SRVPGVMDC01.peermont.com
Windows Server 2008 R2 Std SP1
SRVPGVMDC02.peermont.com
Windows Server 2008 R2 Std SP1
Domain naming, RID, PDC, Infrastructure, Schema Master
Exchange
Resource Exchange Forest
Server Information:
Hostname
OS
Role
Version
Client Access Array
SRVPGVMEXCH01.peermont.com
Windows Server 2012 Std
HUB, CAS
Version 14.3 (Build 123.4)
exchange.peermont.com
SRVPGVMEXCH02.peermont.com
Windows Server 2012 Std
HUB, CAS
Version 14.3 (Build 123.4)
exchange.peermont.com
Hostname
OS
Role
Version
Database Availibility Group
SRVPGVMEXCH03.peermont.com
Windows Server 2012 Std
MBX
Version 14.3 (Build 123.4)
PeermontDAG
SRVPGVMEXCH04.peermont.com
Windows Server 2012 Std
MBX
Version 14.3 (Build 123.4)
PeermontDAG
DNS Zones
Zone Name
Zone Type
Domain Controllers
peermont.com
Active Directory-Integrated (Primary)
SRVPGVMDC01.peermont.com
SRVPGVMDC02.peermont.com
umfolozi.local
Secondary
SRVUMVMDC01.umfolozi.local
SRVUMVMDC01.umfolozi.local
Trusts
Domain Name
Trust Type
Transitive
Validated
umfolozi.local
Forest
Yes
Yes
Migration Process
Task
Description
Successful/Error
1
SYNC AD Domain account from source forest (umfolozi.local) to target forest (peermont.com) using BinaryTree SMART Directory Sync (ADMT can be used as alternative)
Successful
2
Create mailed enabled user
Successful
3
Run Prepare-MoveRepuest with –OverWriteLocalObject
Command Example:
.\Prepare-MoveRequest.ps1 -Identity [email protected] -RemoteForestDomainController SRVUMVMDC01.umfolozi.local
-RemoteForestCredential $RemoteCredentials -UseLocalObject -LocalForestDomainController SRVPGVMDC01.peermont.com -LocalForestCredential $LocalCredentials -OverWriteLocalObject
Successful
4
Submit mailbox request
Command Example:
New-MoveRequest -Identity "0fa7d17e-3637-4708-a51b-f14eaae17968" -BadItemLimit "50" -TargetDeliveryDomain
"internal.peermont.com" -TargetDatabase "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" -RemoteCredential (Get-Credential "umfolozi\svcmigration") -RemoteGlobalCatalog "SRVUMVMDC02.umfolozi.local" -RemoteLegacy:$True
Error
All the standard migration task works as expected until the mailbox migration move request is submitted. See move request verbose detail below:
[PS] C:\Windows\system32>New-MoveRequest -Identity "0fa7d17e-3637-4708-a51b-f14eaae17968" -BadItemLimit "50" -TargetDeli
veryDomain "internal.peermont.com" -TargetDatabase "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" -RemoteCredential (Get-Crede
ntial "umfolozi\svcmigration") -RemoteGlobalCatalog "SRVUMVMDC02.umfolozi.local" -RemoteLegacy:$True -Verbose
VERBOSE: [11:34:27.346 GMT] New-MoveRequest : Active Directory session settings for 'New-MoveRequest' are: View Entire
Forest: 'False', Default Scope: 'peermont.com', Configuration Domain Controller: 'SRVPGVMDC02.peermont.com', Preferred
Global Catalog: 'SRVPGVMDC02.peermont.com', Preferred Domain Controllers: '{ SRVPGVMDC02.peermont.com }'
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Runspace context: Executing user: peermont.com/Admin/Users/Admin
Accounts/Information Technology/SoarSoft/Johann Van Schalkwyk, Executing user organization: , Current organization: ,
RBAC-enabled: Enabled.
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Beginning processing &
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Instantiating handler with index 0 for cmdlet extension agent "Admin
Audit Log Agent".
WARNING: When an item can't be read from the source database or it can't be written to the destination database, it
will be considered corrupted. By specifying a non-zero BadItemLimit, you are requesting that Exchange not copy such
items to the destination mailbox. At move completion, these corrupted items won't be available in the destination
mailbox.
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Searching objects "{c5d6ea95-07b3-4a52-9868-e41e808a76fe}" of type
"MailboxDatabase" under the root "$null".
VERBOSE: [11:34:27.362 GMT] New-MoveRequest : Previous operation run on domain controller 'SRVPGVMDC02.peermont.com'.
VERBOSE: [11:34:27.393 GMT] New-MoveRequest : Current ScopeSet is: { Recipient Read Scope: {{, }}, Recipient Write
Scopes: {{, }}, Configuration Read Scope: {{, }}, Configuration Write Scope(s): {{, }, }, Exclusive Recipient Scope(s):
{}, Exclusive Configuration Scope(s): {} }
VERBOSE: [11:34:27.393 GMT] New-MoveRequest : Searching objects "0fa7d17e-3637-4708-a51b-f14eaae17968" of type "ADUser"
under the root "$null".
VERBOSE: [11:34:27.471 GMT] New-MoveRequest : Previous operation run on domain controller 'SRVPGVMDC02.peermont.com'.
VERBOSE: [11:34:27.471 GMT] New-MoveRequest : Processing object "$null".
VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] No RequestJob messages found.
VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] MDB c5d6ea95-07b3-4a52-9868-e41e808a76fe found to belong to Site:
peermont.com/Configuration/Sites/Peermont
VERBOSE: [11:34:27.487 GMT] New-MoveRequest : [DEBUG] MRSClient: attempting to connect to 'SRVPGVMEXCH02.peermont.com'
VERBOSE: [11:34:27.627 GMT] New-MoveRequest : [DEBUG] MRSClient: connected to 'SRVPGVMEXCH02.peermont.com', version
14.3.178.0 caps:07
VERBOSE: [11:34:27.627 GMT] New-MoveRequest : [DEBUG] Loading source mailbox info
VERBOSE: [11:34:28.844 GMT] New-MoveRequest : Failed to reconnect to Active Directory server
SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that you have used the correct credentials. --> A
local error occurred.
VERBOSE: [11:34:28.844 GMT] New-MoveRequest : Admin Audit Log: Entered Handler:OnComplete.
Failed to reconnect to Active Directory server SRVUMVMDC02.umfolozi.local. Make sure the server is available, and that
you have used the correct credentials.
+ CategoryInfo : NotSpecified: (0:Int32) [New-MoveRequest], RemoteTransientException
+ FullyQualifiedErrorId : F48FD74B,Microsoft.Exchange.Management.RecipientTasks.NewMoveRequest
+ PSComputerName : srvpgvmexch02.peermont.com
VERBOSE: [11:34:28.859 GMT] New-MoveRequest : Ending processing &
Troubleshooting Performed
1. When submitting mailbox move request tried the following credential inputs:
1.1. DOMAIN\Username
1.2. FQDN\Username
1.3. userPrincipalName
2. Confirmed domain trust between source and target domain is in place and validated.
3. Confirmed name resolution in source and target domain is functioning as expected.
4. Confirmed network connectivity between source and target domain controllers as well as source and target exchange servers.
5. Tried to create new Linked Mailbox to account in source forest, can’t select Global Catologue via the wizard;
Tried to specify the credentials for the account forest and got the following error when tried to select Global Catalog from wizard:

The error talk about the credential. Did you check the credential
Did you tried this command?
New-MoveRequest -Identity "Distinguished name of User in Target Forest" -RemoteLegacy -TargetDatabase "E2K10 Mailbox Database Name" -RemoteGlobalCatalog "FQDN of Source DC" -RemoteCredential $Remote -TargetDeliveryDomain "Target
domain name"
http://blogs.technet.com/b/exchange/archive/2010/08/10/3410619.aspx
Cheers,
Gulab Prasad
Technology Consultant
Blog:
http://www.exchangeranger.com    Twitter:
  LinkedIn:
   Check out CodeTwo’s tools for Exchange admins
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Beware of Linked Mailbox status - Moving Unity_server mailboxes to Exchange 2010

Hi all -
Here is a problem I encountered that I want to pass along to you:
When partnering Unity to Exchange 2010, the Unity_servername, USBMS_servername, EAdmin, and unitymsgstoresvc inboxes are moved from the old Exchange to the new 2010 server. Using the Exchange Management Console, the users should show up as User Mailboxes, not Linked Mailbox. A Linked mailbox in Exchange 2010 is an external account, i.e. an account in another forest. If this occurs for the Unity_servername mailbox, external caller voice messages remain in UMR (UnityMTA) and you will see many application event log errors. In EMC you will observe the account mailboxes show in Disconnected status.
If this happens to you, here is the fix:
Disable the Account from EMC in Exchange 2010. Note you will get a prompt that the Exchange properties are being removed but the email inbox is NOT deleted.
Re-enable the account from ADUC.
In EMC, go to Disconnected Mailboxes, select the Unity mailbox and select Connect. In the Connect wizard, re-associate with the existing account. Re-enter the user alias and complete the wizard.
Restart AvUMRSynchSvr service on Unity.
Hope this helps someone in the future!
Sincerely, Ginger

Thanks Brad :-) I forgot to mention I discovered a number of Internet hits that say this can happen with Move Mailbox. Here's the link I used to begin researching the problem (hint: go all the way to the bottom of the web page - http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_26308671.html). Got to give kudo's to this most excellent Exchange resource - has helped me a bunch over the years!

Exchange 2010 offline FSW failover occurs ?

Hello
We have two Exchange 2010 servers in DAG.
FSW is located on separate first DC and alternative FSW in located on second DC.
I know that Alternative FSW is not providing redundancy,...
We had a situation, that DC1 is been offline for few minutes because of windows updates
and when he was offline failover occurs from one Exchange node1 to node2 !
So my question is why failover occurs if the FWS is not online for some minutes and exchange 2 nodes are normaly online and working ?
Can we use Round Robin dns for FSW and create CNAME for fsw and add 2 hosts in it ? :)
Thanks for help,
BR
Marjan R.

Hello,
Sorry for delayed response.
You're right. The Alternate Witness Server itself does not provide any redundancy for the Witness Server, and DAGs do not dynamically switch witness servers, nor do they automatically start using the Alternate Witness Server in the event of a problem with
the Witness Server.
You can try to use Round Robin dns for FSW.
Cara Chen
TechNet Community Support

Exchange 2010 DAG Failover does not works

Hi Experts,
I have a Exchange 2010 setup in a DAG environment. We have 2 MBX servers in the main site and 1 MBX server in the DR site , all part of one DAG. We have 2 HUB/CAS servers in the main site and 1 HUB/CAS server in the DR site.
Recently we had to do our BCP test for audit purpose. We had issues in doing failover to the DR site and below is the error faced.
Please advise urgently on the possible causes and resolution steps for it as we need to do this test again on the coming weekend.
"EvictDagClusterNode got exception Microsoft.Exchange.Cluster.Replay.AmClusterEvictWithoutCleanupException: An Active Manager operation failed. Error An error
occurred while attempting a cluster operation. Error: Evict node 'sme-ho-mbx01' returned without the node being fully cleaned up. Please run cluster.exe node <NodeName> /forcecleanup to complete clean up for this node.. ---> System.ComponentModel.Win32Exception:
The wait operation timed out"
So, basically one of the MBX server was not evicting from the Cluster due to which failover did not work.
Would appreciate some urgent thoughts for the possible resolution.
regards
abubakar
Md.Abubakar Noorani IT Systems Engineer Serco Ltd.

Hi,
Yes, you can run the Stop-DatabaseAvailabilityGroup without shutting down the Mailbox server. During the process of DAG failover to DR site, the Stop-DatabaseAvailabilityGroup cmdlet should be run against all servers in the primary datacenter. If the Mailbox
server is unavailable but Active Directory is operating in the primary datacenter, the Stop-DatabaseAvailabilityGroup command with the ConfigurationOnly parameter must be run against all servers in this state in the primary datacenter.
And please note that the Stop-DatabaseAvailabilityGroup cmdlet can be run against a DAG only when the DAG is configured with a DatacenterActivationMode value of DagOnly.
Based on the error message, it seems that you should run the cluster node nodename /forcecleanup cmdlet against the specified node in the main site. Have you tried this to check the result?
Best regards,
Belinda
Belinda Ma
TechNet Community Support

Exchange 2010 SP3 outlook prompot password for linked mailbox

Hi All,
I have forest A and forest B, there is an Exchange 2010 SP3 server in forest A, linked mailboxes are created for user inside forest B. Trust relationship can be verified , in place and active. Suddenly , some linked mailbox user got outlook password prompt
repeatedly but OWA and Active Sync is still working fine.
I have reset Exchange Web Services Virtual Directory. but the issue still persists. Please advise
Regards,
Zaw
ZAW

Step 1: Close Outlook program and create backup of PST file
Step 2: Now run SCANPST.EXE on copy of your PST and repair
SCANPST.EXE is found in these locations according to different Outlook versions:
In MS Outlook 2002/XP: C:\Program Files\Common Files\System\MAPI\ \scanpst.exe
In MS Outlook 2000:C:\Program Files\Common Files\System\MAPI\ \NT\scanpst.exe
In MS Outlook 97/98:C:\Program Files\Common Files\Windows Messaging\scanpst.exe
Note: Do not use backup option in SCANPST.EXE as you working with a duplicate copy of PST
file.
Step 3: Then open the command prompt by clicking Start >> Run
Step 4: Paste or type the file path to PST19UP and your PST name: PSTUPG19.EXE-filename.pst
and press Enter.
Step 5: The command line will resemble: “C:\My Documents\pst19upg.exe”- Outlook.pst.
Step 6: A new copy of the PST file will be created, which is called “filename.psx”.
Step 7: Once you have completed, rename the original PST file.
Step 8: Now at the Command Prompt, type “pst19upg.exe- filename.psx” and press Enter
Step 9: A new password-free PST file will be created from PSX file.
Step 10: Now open your MS Outlook program and open the PST file.

Exchange 2010 CAS proxy to Exchange 2013 CAS: Use the following link to open this mailbox with the best performance:

Hello,
I've installed Exchange 2013 into Exchange 2010 infrastructure
[ single Exchange 2010 server; single AD site; AD = 2003 ],
and moved one mailbox [ Test user ] to Exchange 2013.
When I login internally through 2013 OWA to access mailboxes on 2010, then proxy works fine.
When I login internally through 2010 OWA to access mailboxes on 2013, then a message appears:
    Use the following link to open this mailbox with the best performance: with link to 2013 OWA...
What is wrong ?
I've checked and changed settings by:
Get-OwaVirtualDirectory, Set-OwaVirtualDirectory
[PS] C:\work>Get-OwaVirtualDirectory -Identity 'ex10\owa (Default Web Site)' | fl server,name, *auth*,*redir*,*url*
Server                        : EX10
Name                          : owa (Default Web Site)
ClientAuthCleanupLevel        : High
InternalAuthenticationMethods : {Basic, Fba, Ntlm, WindowsIntegrated}
BasicAuthentication           : True
WindowsAuthentication         : True
DigestAuthentication          : False
FormsAuthentication           : True
LiveIdAuthentication          : False
AdfsAuthentication            : False
OAuthAuthentication           : False
ExternalAuthenticationMethods : {Fba}
RedirectToOptimalOWAServer    : True
LegacyRedirectType            : Silent
Url                           : {}
SetPhotoURL                   :
Exchange2003Url               :
FailbackUrl                   :
InternalUrl                   : https://ex10.contoso.com/owa
ExternalUrl                   : https://ex10.contoso.com/owa
[PS] C:\work>Get-OwaVirtualDirectory -Identity 'ex13\owa (Default Web Site)' | fl server,name, *auth*,*redir*,*url*
Server                        : EX13
Name                          : owa (Default Web Site)
ClientAuthCleanupLevel        : High
InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
BasicAuthentication           : True
WindowsAuthentication         : True
DigestAuthentication          : False
FormsAuthentication           : False
LiveIdAuthentication          : False
AdfsAuthentication            : False
OAuthAuthentication           : False
ExternalAuthenticationMethods : {Fba}
RedirectToOptimalOWAServer    : True
LegacyRedirectType            : Silent
Url                           : {}
SetPhotoURL                   :
Exchange2003Url               :
FailbackUrl                   :
InternalUrl                   : https://ex13.contoso.com/owa
ExternalUrl                   :
best regards Janusz Such

Hi Janusz Such,
Based on my knowledge, CAS proxy can only from later version to previous version.
Some like CAS2013 to CAS2010/2007, CAS2013 to CAS2013.
Thanks
If you have feedback for TechNet Subscriber Support, contact
[email protected]
Mavis Huang
TechNet Community Support

Outlook 2010 - "Reply To" linking to wrong Exchange 2010 Internal Email Address

Hi,
One of my internal email users (Exchange 2010 Enterprise) compiled an email from within Outlook 2010 and sent it to a specific internal colleague with a CC to two other internal colleagues plus two external contacts.
They all recieve the email successfully but if any of them (internal & external contacts) try to "Reply" or "Reply All" the "To" for the new email is automatically populated with a completely different and unrelated
internal email account instead of that of the original sender? This occurs when attempted from either thier Outlook or OWA environments.
This appears to be a one off issue, as the original recipient of the problem email has recieved other emails from the same sender both just before and soon after which all behave correctly.
I have looked at the View Source information for the recieved and confused email from Outlooks perspective and there is no reference within the source to the wrong account that get consistantly used for the
purposes of a Reply.
I have never experienced this sort of problem before since administering Exhange etc and would like to understand how it can randonly occur.
Any help would be most welcome.
Regards,
Mark

Hi,
Does this issue happen to other emails or just the certain one?
On the sender side, please go to Send Items folder, find and open the problematic message. Click on File > Properties and check if the user set “Have replies sent to” in the Delivery options section:
If the original email was set with this option, when we click Reply, it will send email to the people typed in the box.
We can also check the message properties on the recipient side.
Please let me know the result.
Regards,
Steve Fan
TechNet Community Support

DAG Kerberos Authentication Issue Exchange 2010 on 2008R2 Servers

I have 2 Exchange 2010 servers in a DAG. The witness server is in site A along with one the Exchange servers. The second Exchange server is in a DR site. The DAG has been functioning fine for 1.5 yrs. Last weekend after a scheduled reboot of all 3 servers
involved (2 e-mail servers and the witness server), the e-mail server in the DR site cannot gain access to the witness share directory per the failover cluster manager. It says to check to see if the witness directory is on-line, etc... Using pings and
explorer, there is no problem for the DR site e-mail server to contact the witness server and directory. Even restablished the Quorem to the same directory, no issues. Upon doing a network trace though, I am receiving KERBEROS pre-authentication errors when
you start the Cluster service on the DR site e-mail server when it tries to contact the witness server:
(1.4 is the Witness server; 6.5 is the e-mail server in the DR site)
Source Destination
192.168.1.4","192.168.6.5","KRB5","319","KRB Error: KRB5KDC_ERR_PREAUTH_REQUIRED"
192.168.6.5","192.168.1.4","TCP","54","26049 > kerberos [FIN, ACK] Seq=235 Ack=266 Win=65792 Len=0"
192.168.6.5","192.168.1.4","TCP","66","26050 > kerberos [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1"
192.168.1.4","192.168.6.5","TCP","60","kerberos > 26049 [ACK] Seq=266 Ack=236 Win=66048 Len=0"
192.168.1.4","192.168.6.5","TCP","60","kerberos > 26049 [RST, ACK] Seq=266 Ack=236 Win=0 Len=0"
192.168.1.4","192.168.6.5","TCP","66","kerberos > 26050 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1406 WS=256 SACK_PERM=1"
192.168.6.5","192.168.1.4","TCP","54","26050 > kerberos [ACK] Seq=1 Ack=1 Win=66048 Len=0"
192.168.6.5","192.168.1.4","KRB5","368","AS-REQ"
192.168.1.4","192.168.6.5","KRB5","282","KRB Error: KRB5KDC_ERR_PREAUTH_FAILED"
192.168.6.5","192.168.1.4","TCP","54","26050 > kerberos [FIN, ACK] Seq=315 Ack=229 Win=65792 Len=0"
192.168.1.4","192.168.6.5","TCP","60","kerberos > 26050 [ACK] Seq=229 Ack=316 Win=66048 Len=0"
192.168.1.4","192.168.6.5","TCP","60","kerberos > 26050 [RST, ACK] Seq=229 Ack=316 Win=0 Len=0"
Thoughts anyone?

Hi,
Unfortunately, the available information is not enough to have a clear view of the occurred behavior, it is not an efficient way to work in this community since we may need more resources, for example exchange log, detail cluster log (an application)
dump or ETL trace, which is not appropriate to handle in the community. I‘d like to suggest that you submit a service request to MS Professional tech support service so that a dedicated Support Professional can further assist with this request.
Please visit the below link to see the various paid support options that are available to better meet your needs.
http://support.microsoft.com/default.aspx?id=fh;en-us;offerprophone
Best regards,
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Exchange 2010 SP3 DAG Witness/Quorom Server Placement with 3 Datacenters

Hi we have 2 Exchange 2010 SP3 Server in the same Organization in a DAG
First one in Datacenter 1 in Germany
Second one in Datacenter 2 in Austria
There is a Third Datacenter available in Switzerland
Where should we place the Witness Server?
Our major concern is not a WAN Link will go down, most time a Datacenter will loose Power for some hours due
maintenance work or other things.
Is it a good idea to place the Witness Server in the third Datacenter!?
We found a Document which some missconception which talks about placing the witness always in
the primary Datacenter. But the Datacenter Switchover Document for Exchange 2013 says use a third Datacenter.
Is that also okay for Exchange 2010 or are they totally different?
Thank you in advance
Troga

Hi,
It is a new configuration option in Exchange 2013 that we use a third location for hosting the witness server.
Placing FSW in the third location will privide the ability automatically failover databases to the other datacenter in response to a datacenter-level failure event.
For more details, you can look at the "Witness server placement considerations" section in the following article.
http://technet.microsoft.com/en-us/library/dd298065(v=exchg.150).aspx
Best regards,
Belinda Ma
TechNet Community Support

Exchange 2010 SP3 upgrade

Dear Exchange admin,
We tried to upgrade Exchange 2010 SP1 to Exchange 2010 SP3 .In HQ site all preparation finished smoothly.
But in DR we are unable to do even preparation.We are getting the following error.
Please advice me how can proceed.
Summary: 4 item(s). 2 succeeded, 2 failed.
Elapsed time: 00:00:37
Configuring Prerequisites
Completed
Elapsed Time: 00:00:00
Organization Prerequisites
Failed
Error:
Setup needs to contact the Active Directory schema master but this computer is not in the same Active Directory site as the schema master (Default-First-Site-Name).
Click here for help... http://go.microsoft.com/fwlink/?linkid=30939&l=en&v=ExBPA.14&id=2376fec1-b9ce-44db-beb6-cb9ac4788988
Error:
Setup encountered a problem while validating the state of Active Directory: Exchange organization-level objects have not been created, and setup cannot create them because the local computer is not in the same domain and site as the schema master. Run
setup with the /prepareAD parameter on a computer in the domain kfupm and site Default-First-Site-Name, and wait for replication to complete.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.3.123.3&e=ms.exch.err.Ex28883C&l=0&cl=cp
Elapsed Time: 00:00:14
Languages Prerequisites
Completed
Elapsed Time: 00:00:04
Mailbox Role Prerequisites
Failed
Error:
Setup encountered a problem while validating the state of Active Directory: Exchange organization-level objects have not been created, and setup cannot create them because the local computer is not in the same domain and site as the schema master. Run
setup with the /prepareAD parameter on a computer in the domain kfupm and site Default-First-Site-Name, and wait for replication to complete.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.3.123.3&e=ms.exch.err.Ex28883C&l=0&cl=cp
Error:
Setup cannot continue with the upgrade because the 'mmc' () process (ID: 4508) has open files. Close the process and restart Setup.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.3.123.3&e=ms.exch.err.Ex28883C&l=0&cl=cp
Error:
Setup cannot continue with the upgrade because the 'powershell' () process (ID: 3808) has open files. Close the process and restart Setup.
Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.3.123.3&e=ms.exch.err.Ex28883C&l=0&cl=cp
Error:
Setup cannot continue with the upgrade because the 'mmc' (4508) process (ID: ) has 'Microsoft.Exchange.Management.SnapIn.Esm.dll' loaded. Close the process and restart setup.
Click here for help... http://go.microsoft.com/fwlink/?linkid=30939&l=en&v=ExBPA.14&id=f0d3f291-5a52-43ea-9121-24aa7cd0c30e
Warning:
Install hotfix Microsoft Knowledge Base article 2550886 from http://support.microsoft.com/kb/2550886 to improve Windows Failover Cluster transient communication instability when deploying stretched Database Availability Groups across datacenters.
Elapsed Time: 00:00:18
Ashraf

Hi Ashraf
Thank you for your question.
Exchange update cannot continue because the computer that is running update is not in the same Active Directory site or domain as the server that is assigned the domain schema master role, also known as flexible single master operations or FSMO.
You can refer to the following link to change exchange site schema:
http://technet.microsoft.com/en-US/us-cn/zh-hans-cn/library/2376fec1-b9ce-44db-beb6-cb9ac4788988.aspx
You also notice the order for updated:
1.Client Access servers (beginning with the internet-facing site)
2.Hub Transport and Edge Transport servers
3.Mailbox servers
4.Unified Messaging servers
You can refer to the following link to update:
http://exchangeserverpro.com/installing-exchange-server-2010-service-pack-3/
If there are any questions, please let me know.
Best Regard,
Jim

After server move Exchange 2010 not sending emails

We moved the servers to a different building and after getting everything set back up we're unable to send emails. The only thing that really should have changed would have been our external IP address. We've updated all of our DNS records to point to our new IP.When I go to "Microsoft Exchange with Database Availability Group Events" event log I see the error:The Microsoft Exchange Mail Submission service is currently unable to contact any Hub Transport servers in the local Active Directory site. The servers may be too busy to accept new connections at this time."When I go to Queue Viewer the "Last Error" listed is:451 4.4.0 Primary target IP address responded with "421 4.4.2 Connection dropped due to SocketError." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed...
This topic first appeared in the Spiceworks Community

Hi,
Based on the description, SharePoint users can send internal emails to each other, however, they couldn't send external emails to Internet.
Make sure the Authentication is set to TLS and Externally Secured, and the Permission Groups to Anonymous users and Exchange servers. Here is a related article for your reference.
Configuring outgoing email in SharePoint 2010 with Exchange 2010 – Step by Step Guide
http://sharepointgeorge.com/2010/configuring-outgoing-email-sharepoint-2010/
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
sure that you completely understand the risk before retrieving any suggestions from the above link.
If the issue persists, I recommend you check Queue Viewer to see if these messages are stuck in queue. Besides, please enable message tracking and check message tracking log to narrow down the issue. About message tracking, please refer to
Understanding Message Tracking.
Best regards,
Belinda
Belinda Ma
TechNet Community Support

Exchange 2010/2013 coexistance mailflow issues: 421 4.4.2 socket error.

So I am in Exchange 2010 SP3 / Exchange 2013 SP1 co-existence.
I can send from a test 2013 user to external and 2010 users internally on the domain. But I cannot send to the 2013 test user. I get:
451 4.4.0 Primary target IP address responded with: "421 4.4.2 Connection dropped due to SocketError." Attempted to failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate
hosts.
I've been looking at this for example:
http://support.microsoft.com/kb/979175
But no matter where on the 2013 receive connectors I add Exchange Server Authentication, it still doesnt work.
Theres so much stuff on this error message, but everyhing I find seems to be 2003 / 2010 or other coexistance which is different to my environment.

Hi guys, thanks for the responses, please keep in mind I am not a specialist Exchange Admin, I'm a IT jack of all trades.
We do not use Windows firewalls on the domain network. Both my 2010 and 2013 setups are in DAGs. Telnet client is not installed on the Exchange 2013 servers, only on the 2010 servers.
How do I "drop an email...through Telnet"?
Telnet from SiteA Exc2010 to SiteA Exc2013:
220 Exc2013.MyDomain.local Microsoft ESMTP MAIL Service ready at Wed, 4 Jun 201
4 09:42:39 +1000
451 4.7.0 Timeout waiting for client input
Connection to host lost.
Telnet from SiteA Exc2010 to SiteB Exc2013:
Blank window, nothing comes up, no response at all. Doesnt seem to time out either.
Telnet from SiteC Exc2010 to SiteA and SiteB Exchange 2013:
Exactly the same as from SiteA Exc2010.
IPConfig:
Windows IP Configuration
Host Name . . . . . . . . . . . . : Exc2010
Primary Dns Suffix . . . . . . . : MyDomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : MyDomain.local
Ethernet adapter Exchange MAPI Network:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : BASP Virtual Adapter
Physical Address. . . . . . . . . : 00-26-B9-5E-E7-47
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 172.16.2.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IPv4 Address. . . . . . . . . . . : 172.16.2.31(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.2.2
DNS Servers . . . . . . . . . . . : 172.16.2.12
172.16.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Exchange Receive:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS
VBD Client) #50
Physical Address. . . . . . . . . : 00-10-18-FC-16-76
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 172.16.2.15(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.2.2
DNS Servers . . . . . . . . . . . : 172.16.2.12
172.16.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection* 9:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Failover Cluster Virtual Adapte
r
Physical Address. . . . . . . . . : 02-26-B9-5E-E7-46
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3c54:d53e:e2ea:8d9f%19(Preferred)
IPv4 Address. . . . . . . . . . . : 169.254.1.173(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 604120761
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-4C-3C-35-00-10-18-6B-C0-36
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Exchange DAG Replication:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS
VBD Client) #49
Physical Address. . . . . . . . . : 00-10-18-FC-16-74
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.10.2.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Backup Network:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS
VBD Client) #5
Physical Address. . . . . . . . . : 00-10-18-6B-C0-36
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.2.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{7282FD1F-E6A4-4BD2-8D40-B2586BF4130D}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{C38886F3-875D-4403-A95B-C1BF2243D6BE}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{46074087-7F11-4414-8B45-8EE71DA621D4}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{73064E78-05CB-4279-8EA8-3E5094067025}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{4F2BDC5B-35FF-49D7-9431-67FA2EB1D327}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Reusable ISATAP Interface {C3216126-6DDC-4523-958A-5907C784EC1F}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Exchange 2010 /2013 DAG Design

Hi All,
I Have Gone through some Articles and Blogs where i read about the DAG Design and Member server placement in Site Resiliency Scenarios..
I just want to know what and how many DAG Designs we can propose to Customers.
As per my knowledge and study i came across -
(A) Active/Passive Model with Shared Namespace (Single DAG)
(B) Active/Passive model with different namespaces (Single DAG)
(C) Active/Active Model with Different Namespaces (2 DAGs).
I am Just Curious to know is there any other model DAG that can be proposed apart from above mentioned Designs in terms of both Namespace and Database Active copy Location.
Also can you also put some light and clarify whether we can have
Active/Active Model with Shared Namespace (Single DAG). I have read it is supported in exchange 2013, if so can we do the same in Exchange 2010 as well. If not what makes this design different in exchange 2010 v/s exchange 2013. How can we
achieve this design in exchange 2013?
I got a good article on above scenarios
here but I have some terms or paragraphs bit
confusing. Please help me to understand the bold lines in below paragraph.
Since we typically only have active users connecting to the primary datacenter (at least the majority of the users connect to this datacenter unless a site failover occurs),
the autodiscover record (autodiscover.exchangelabs.dk) in external DNS points to the load balancer in the primary datacenter. The internal “AutoDiscoverServiceInternalUri” on the CAS servers in the primary datacenter has been configured with a value of https://mail.exchangelabs.dk/autodiscover/autodiscover.xml,
and the same goes for the CAS servers in the failover datacenter. Now you could choose to point the AutoDiscoverInternalUri on CAS servers in the failover datacenter at “https://failover.exchangelabs.dk/autodiscover/autodiscover.xml” but
you can easily up on in a situation where SCP’s aren’t reachable during a site failover. Also, cross-site traffic caused by Autodiscover have a minor impact on the WAN link since autodiscover requests consists of small XML based text files.
Also in
Active/Passive model with different namespaces (Single DAG) or Active/Active Model with Different Namespaces (2 DAGs) model do we still repoint EWS,OA,EAS
etc. web service records in public DNS. If yes what should be their value (please refer
Complete Site failover Segment in Above URL)
it would be very helpful if you could provide any detailed Design diagram as mentioned in URL to understand the things better. or any Technet Articled with well
description
Thanks in advance
Regards
Aanand Singh
Regards, Aanand Singh

Hello,
The sentence " you
can easily up on in a situation where SCP’s aren’t reachable during a site failover. Also, cross-site traffic caused by Autodiscover have a minor impact on the WAN link since autodiscover requests consists of small XML based text files." I
understand that if site failover occurs,as long as the CAS servers are available in the primary datacenter, clients will continue to connect to the CAS servers in this datacenter. The CAS servers will not be used in the failover datacenter.
Consider WAN outage, we recommend you deploy Active/Active Model with Different Namespaces (2 DAGs).
Besides, I recommend you configure DNS to round-robin between the VIPs of the load balancers in each datacenter to realize single namespace.
Here are some articles for your reference.
http://technet.microsoft.com/en-us/library/dd979781(v=exchg.141).aspx
http://blogs.technet.com/b/scottschnoll/archive/2012/11/01/storage-high-availability-and-site-resilience-in-exchange-server-2013-part-3.aspx
http://blogs.technet.com/b/exchange/archive/2013/01/25/exchange-2013-client-access-server-role.aspx
Cara Chen
TechNet Community Support

Exchange 2010 failover of 2 Links

Similar Messages

Maybe you are looking for