Hi

We have 4 Exchange servers 2013: 2 CAS and 2 HT&Mailboxes, also we have 2 domain controllers, 1 in the same site as the Exchange servers and 1 in the corporate, the replication beetwen the DCs were modified because bandwith limitations, so the replication occur every 30 minutes.

The problem arise when I create a mailbox user, after create the mailbox in the ECP, I try to Access by owa the mailbox, it shows that the mailbox is unavailable, but if I manually replicate both domain controllers, I can Access to the mailbox of the recently created user...

I know that Exchange must use the DC and GC in the same site for all those kind of matters, but I don't know why happen this behavior.

If I try to add statically the DC and GC and configurationDC I found that is not recomended.

Any idea where to investigate this problem? need help!!!

The AD personnel says that the domain and dcs are without any

Hi

But what is the reason for the Exchange servers select the DC in other site than the DC in the same site?

Is a misconfiguration?, or what can be? they have CU6.

Because fixing a static DC in the Exchange servers I think too is not recomendable.

Hi DocMX,

Thank you for your question.

I agree with Niths advice.

In addition, we could check the DNS configuration of network adapter on Exchange server to make sure:

Preferred DNS server           point to DNS on itself site

Alternate DNS server            point to DNS on another site

If there are any questions regarding this issue, please be free to let me know. 

Best Regard,

Jim

Hi ,

Thanks a lot for adding an valuable point jim and i forget to include it on my previous post.

Question : 

But what is the reason for the Exchange servers select the DC in other site than the DC in the same site?

Is a misconfiguration?, or what can be? they have CU6.

Suggestion's : 

1.Please have the sites and services configured properly for the exchange server subnet's.Then use the below mentioned command to find out the exchange server is authenticating on the same site where the domain controller resides.

nltest /dsgetsite

2.Then leave the exchange servers to choose the domain controllers dynamically.

3.Make sure both the domain controllers are acting as global catlog.

4. Monitor the events id's 2080 on the domain controllers which would give you the in-site and out-of-site domain controllers list.

Note : By default domain controllers available on the same site will be preferred and used by the exchange servers.

5.Then finally restart the active topology service and then create the mailbox using EAC and check the results.

Note : Restart the active directory topology service after the production hours.

Reference Links:

http://howdouc.blogspot.in/2011/01/exchange-active-directory-topology.html

http://support.microsoft.com/kb/316300

Hi

Both domain controllers are GC, the exchange servers are in the same site like the DC,  the 2080 event is describing the dcs in the local site and out-of site, and this Exchange servers were recently restarted...

IN SITE:

dc001.domain.local  CDG      1 7 7 1 0 1 1 7 1

OUT OF SITE:

dc002.domain.local  CDG  1 7 7 1 0 1 1 7 1

the DNS primary: DC in the same site

DNS Secondary: the other site

Any other idea why is not using the same site DC?

or I have to define the DC statically? or I can check something else?

Hi ,

Sorry for delay.

Restart the domain controllers and check the same issue is persisting or not .In case if the same issue persists please do the following for a checking purpose.

1.Does the domain controller on the site where the exchange server resides is an PDC? If not just for a testing purpose make that DC as the PDC and check the results ?

2.Does both the domain controllers are acting as the bridge head servers , If not make both the DC's as bridge head servers ?

3.On the exchange server just look for the error and critical events which is related to msexchange ADaccess .

Hi Nit

1.- Yes also it includes all the roles for the forest and it's a GC

2.- I'm not sure how to ckeck that

3.- In 3 servers the 2080 info refers the 1 dc in site and the other outside, but in the last mailboxserver (it's the stand-by server) I don't see any 2080 info... is this normal?

Hi to all

The problem persist... and a friend told me that in a call to Microsoft recommended to apply this commands to the server (but this were made for Windows 2008, in this scenario is for Windows 2012):

>> Ran the commands in the command prompt,
netsh int tcp set global chimney=disabled
netsh int tcp set global RSS=disabled
netsh interface tcp set global autotuninglevel=disabled

>> Also ,
In the Properties of the NIC Card made the following change
- Click on Configure
- Click on the Advanced Tab
- Choose the Property TCP/UDP Checksum Offload (IPV4)
- Set the Value to DISABLE

I would apply this to the 4 Exchange servers, two questions:
-Do you think this would correct the problem?
-If I apply both, can raise any kind of problem?

Hope to know news, thanks in advance

Hi Nith

We made some test and the only way to workaround this is settingin every Exchange server a static domain controller, but this is not advisable so:

-In the case of failure of the only DC configured, is there a way to put the other DC in every Exchange server? I think must be a registry key to configure this in every Exchange server, and/or maybe by ADSIEdit this can be achieve, is this possible?

Thanks in advance