Error: Failed to reconnect to Active Directory server when exporting to exch2007
Hi, I am doing galsync between multiple sites. There are all kinds of Exchange environments, including 2003, 2007 and 2010. One of the sites has Exchange 2007. When I run the agent and try to do an export, I get an error message in the event log stating: "Failed to reconnect to Active Directory server dc.domain.local. Make sure the server is available, and that you have used the correct credentials." I checked the forums and also did some googling. The name of their domain is site3.local. I tried all the following to no avail :-(

1. Tried the credential as galsync@site3.local
2. Tried the credential by filling out all the boxes (including domain name & forest name)
3. Changed the provisioning from Exchange 2007 to none
4. Checked DNS (I have a stub zone). I get SRV records returned when I do nslookup
5. I can ping the DCs and access them on ports 389 and 135
6. I double and triple checked with the site admin. He swears that the domain and forest names are correct.

Any help is appreciated. Thank you
May 13th, 2011 11:31am

Have you tried configuring a preferred domain controller on your ADMA yet?

Cheers, Markus
Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation
May 13th, 2011 12:16pm

I tried the preferred domain controller too. First by IP and then by FQDN. Neither one works. :-(
May 13th, 2011 12:44pm

Have you looked at this yet?

Cheers, Markus
Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation
May 13th, 2011 1:31pm

Hi, actually I was there before I posted this question. I went through all the steps and still nothing (the ones listed in my main question). Should I post nslookup results?
May 13th, 2011 1:53pm

I doubt that your issue is related to name resolution. Unless there is something funky going on, this type of error is usually related to a service issue. I suspect something on the firewall level - that would be at least my first guess. Have you found anything that could be related in the event log? A NetMon trace might help to shed more light on this...

Cheers, Markus
Markus Vilcinskas, Knowledge Engineer, Microsoft Corporation
May 13th, 2011 2:18pm

On Windows 2008 R2 network tracing got so much easier. You can simply collect a trace on your server, and afterwards analyze it using Network Monitor. No need to install anything on your servers: http://setspn.blogspot.com/2011/01/network-tracing-awesomeness.html

http://setspn.blogspot.com
May 13th, 2011 4:05pm

Did it work before or it hasn't worked at all for this specific exchange environment?
May 16th, 2011 8:06am

Hi, no, it didn't work before. I keep getting this message about "failed to reconnect to active directory server" when exporting to exch2007. Here is what I have tried so far:

1. Tried the credential as galsync@site3.local
2. Tried the credential by filling out all the boxes (including domain name & forest name)
3. Changed the provisioning from Exchange 2007 to none
4. Checked DNS (I have a stub zone). I get SRV records returned when I do nslookup
5. I can ping the DCs and access them on ports 389 and 135
6. I double and triple checked with the site admin. He swears that the domain and forest names are correct.
7. Used preferred domain controller under properties.
May 16th, 2011 9:58am

Are there any additional messages within the event log? Is there a firewall in between? Do you have Kerberos errors? (You can enable Kerberos logging through the registry.) Did you try full DNS names and NetBIOS names in the domain and forest boxes?
May 16th, 2011 10:20am

1. I tried full DNS names for forest and domain but not NetBIOS names. Do NetBIOS names for forest and domain work? After all, these are remote forests/domains and I am using DNS to resolve them.
2. Unfortunately there is a firewall in between (grrrrrrrrrr). They are west coast and this site is on the east coast. Here are the ports open in between. Am I missing something? Not even sure if the 3rd one is even necessary, to be honest.

- Connectivity between local DNS server and remote DNS servers (Port 53)
- Connectivity between local FIM server and remote DC servers (Port 389 and Port 135)
- Connectivity between local FIM server and remote exchange servers (Port 135)
May 16th, 2011 10:41am

I see the following message in network monitor when doing the export in FIM. I am able to reach their DCs on port 389.

Time & date: 12:38:37 PM 5/16/2011
Source: Site2.domainname.local
Destination: GAL
SrcPort=LDAP(389), DstPort=64746, PayloadLen=113,
May 16th, 2011 12:45pm

Is it possible to narrow down which connections to which ip numbers & ports are tried when running the export, to see if there are still ports being blocked somehow.
June 1st, 2012 2:40am
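
One way to narrow down which ports are blocked between the FIM server and the remote DCs, as the last reply asks. This is an added example, not code from the thread or from Microsoft; the target name is a placeholder, and the port list beyond 53, 389 and 135 (the ports named in the thread) is an assumption of other well-known AD service ports.

```powershell
# Added example, not from the thread. Run from the FIM server.
# Placeholder target: replace with the remote DC name(s) used by the ADMA.
$Targets = @('<remote-dc-fqdn>')

# 53, 389 and 135 are the ports listed in the thread; the rest are other
# well-known AD service ports, included here as an assumption about what
# the export may also need. Dynamic RPC ports handed out via 135 are not
# covered by a fixed list; use the network trace for those.
$Ports = @(
    @{ Port = 53;   Service = 'DNS' },
    @{ Port = 88;   Service = 'Kerberos' },
    @{ Port = 135;  Service = 'RPC endpoint mapper' },
    @{ Port = 389;  Service = 'LDAP' },
    @{ Port = 445;  Service = 'SMB' },
    @{ Port = 464;  Service = 'Kerberos password change' },
    @{ Port = 636;  Service = 'LDAP over SSL' },
    @{ Port = 3268; Service = 'Global catalog' }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        # No answer within the timeout usually means a firewall dropped the SYN.
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'No response (filtered?)'
        }
        $client.EndConnect($async)   # throws if the connection was refused
        return 'Open'
    }
    catch {
        return "Failed: $($_.Exception.Message)"
    }
    finally {
        $client.Close()
    }
}

# One row per target/port so blocked ports stand out next to open ones.
$results = foreach ($target in $Targets) {
    foreach ($p in $Ports) {
        New-Object PSObject -Property @{
            Target  = $target
            Port    = $p.Port
            Service = $p.Service
            Result  = Test-TcpPort -ComputerName $target -Port $p.Port
        }
    }
}
$results | Format-Table Target, Port, Service, Result -AutoSize
```

A "No response" row points at a firewall silently dropping traffic, while a "Failed" row with a refusal message means the host was reached but nothing is listening on that port.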
