Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Removing a Domain Controller 1

Status
Not open for further replies.
zephyran

zephyran

Technical User
Nov 30, 2001
311
US
We've finished a migration from Exchange 5.5 to 2003 on a Windows 2000 AD domain. During the move, I had installed temporary domain controller servers in each of our 2 sites, with plans to promote the old 5.5 servers to domain controllers after removing Exchange 5.5 from them.

The old 5.5 servers are now DCs, with all FSMO roles transferred to them. I've demoted the temporary DC in one of the sites, and now the Exchange server in that site gives the following error from the "MSExchangeAL" source:

"LDAP Bind was unsuccessful on directory tempdc.domain.org for distinguished name ''. Directory returned error:[0x51] Server Down."

This error pops up roughly every six hours, and the following Windows error appears about every 2 hours (from the source "Lsasrv"):

"The Security System could not establish a secured connection with the server cifs/tempdc.domain.org. No authentication protocol was available."

Do I somehow need to force the server to start looking directly at the permanent DC in that site?
 
Sort by date Sort by votes
After rebooting that server (we don't boot our Exchange servers unless absolutely necessary), the LSASRV messages stopped appearing.

However, we still get the warning message from "MSExchangeAL". Also, we have seen the occasional problem where the DHCP service (also located on that server) fails to see a domain controller for authentication and (at least once) stops servicing clients. A reboot has fixed the DHCP issue when it occurs, but the "MSExchangeAL" issue is always there. Any ideas?
 
Upvote 0 Downvote
You probably need to update your Recipient Update Services. Verify that you've redirected your RUS's to connect to an existing DC.

PSC

Governments and corporations need people like you and me. We are samurai. The keyboard cowboys. And all those other people out there who have no idea what's going on are the cattle. Mooo! --Mr. The Plague, from the movie "Hackers
 
Upvote 0 Downvote
I checked RUS, and the instance for that server was still pointing to the old GC. I re-pointed it to the new one at that site, and am rebuilding it now.

I'll let you know if the error comes back. Otherwise, thanks for your help!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

T
  • Locked
  • Question
How to use third party mail security gateway to scan internal/inter-domain mails in Exchange On-Premise?
Replies
3
Views
953
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
Issue removing large deleted items folder's contents
Replies
1
Views
1K
DrB0b
DrB0b
Brent Fletcher
  • Locked
  • Question
Exchange rule to remove "✉" icon when it appears in a subject title from a supplier
Replies
0
Views
1K
Brent Fletcher
Brent Fletcher
microsGuy16
  • Locked
  • Question
Global Address List Names not showing in Outlook OWA 365
Replies
0
Views
1K
microsGuy16
microsGuy16
Trevor Gryffyn
  • Locked
  • Question
Removed Accepted Domain, now can't email that (now external) domain
Replies
2
Views
158
AdrianGates
AdrianGates

Part and Inventory Search

Sponsor

Back
Top