Originally this exchange server existed in a smaller environment. Over time more DC’s have been added to the environment but I suspect something about the exchange installation is not recognizing this fact. There is another DC in this same site and 6 more DC’s in other AD Sites. When I reboot a specific DC, I get errors in the exchange server application and system logs as follows: System log: Event Type: Error Event Source: NETLOGON Event Category: None Event ID: 5783 Date: 11/21/2011 Time: 10:08:17 AM User: N/A Computer: EXCHANGE Description: The session setup to the Windows NT or Windows 2000 Domain Controller \\DC1.MyDomain.local for the domain MYDOMAIN is not responsive. The current RPC call from Netlogon on \\EXCHANGE to \\DC1.MyDomain.local has been cancelled. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Application Log: Event Type: Error Event Source: MSExchangeAL Event Category: Service Control Event ID: 8365 Date: 11/21/2011 Time: 10:11:28 AM User: N/A Computer: EXCHANGE Description: Could not read the Security Descriptor from the Exchange Server object with guid=C1480C845E983C49A392553A0BA0529B. As a result the Proxy Address Calculation RPC interface will not be available on the local Exchange Server. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error Event Source: MSExchangeSA Event Category: General Event ID: 9385 Date: 11/21/2011 Time: 10:11:30 AM User: N/A Computer: EXCHANGE Description: Microsoft Exchange System Attendant failed to read the membership of the universal security group '/dc=local/dc=MYDOMAIN/ou=Microsoft Exchange Security Groups/cn=Exchange Servers'; the error code was '8007203a'. The problem might be that the Microsoft Exchange System Attendant does not have permission to read the membership of the group. If this computer is not a member of the group '/dc=local/dc=MYDOMAIN/ou=Microsoft Exchange Security Groups/cn=Exchange Servers', you should manually stop all Microsoft Exchange services, run the task 'add-ExchangeServerGroupMember,' and then restart all Microsoft Exchange services. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. As soon as the DC comes back up the Exchange server is happy again but I would like it to simply look elsewhere when that DC is rebooting. Where can I inform the Exchange server to look for a different DC when that one is rebooting? The DC in question is the domain naming master and schema master but does not hold any of the other three master roles. Exchange 2007 SP 2 Rollup 5 running on Server 2003 R2

Hi there, May us know where is your Global Catalog resides in that site, because exchange will only contact the DC which has the GC. If GC is resides on your first DC(rebooting one) try to move it to other one and see how it goes. Thanks & Regards, Kottees R

All DC's are GC's.

Hello, please check your DNS settings on the Exchange server. Please also check if the replication between your DCs is working correctly. Greetings, Toni

Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS VBD Client) Physical Address. . . . . . . . . : 00-21-5E-DB-91-18 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.2.19 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.2.1 DNS Servers . . . . . . . . . . . : 192.168.2.5 <--This is DC1, the one that causes errors when I reboot it 192.168.2.6 <--This is DC2, the other one in the same site 192.168.1.10 <--This is DC5, located at another site C:\Documents and Settings\Administrator.MYDOMAIN>nslookup mydomain.local dc2 Server: dc2.mydomain.local Address: 192.168.2.6 Name: mydomain.local Addresses: 192.168.2.6, 192.168.2.5, 192.168.112.11, 192.168.7.5 <-- These are all of the various DCs 192.168.7.6, 192.168.1.9, 192.168.1.10, 192.168.112.10 C:\Documents and Settings\Administrator.MYDOMAIN>nslookup mydomain.local dc1 Server: dc1.mydomain.local Address: 192.168.2.5 Name: mydomain.local Addresses: 192.168.2.6, 192.168.2.5, 192.168.7.6, 192.168.112.10 192.168.7.5, 192.168.112.11, 192.168.1.9, 192.168.1.10 I can't see anything wrong with this part. When I ping mydomain.local it resolves to the DC1 IP address but since that is also the primary DNS server for the Exchange server that doesn't seem amiss. No replication problems. All DCs are DNS servers and DNS is AD integrated.

Hi there, Based on my research, the network connection between Exchange server and the three DC/GC is unstable and this cause Exchange server have difficulty to access DC/GC. We recommend to update all the physical network cards’ drivers to the latest version on your Exchange server, GC/GC and then reboot servers. Only when there is not any network connection problem between the Exchange server and DC/GC, the event 8365 could disappear. Regarding error ID 9385, please verify the group “Exchange Servers” in “Exchange servers security group”, make sure your Exchange server is one of the members. Additionally, restart Microsoft Exchange System Attendant service if the issue error ID reoccurs when you reboot the GC server. Best Regards Fiona Liao E: v-fiolia@microsoft.com

Any update?Best Regards Fiona Liao E: v-fiolia@microsoft.com

Hi there, Based on my research, the network connection between Exchange server and the three DC/GC is unstable and this cause Exchange server have difficulty to access DC/GC. We recommend to update all the physical network cards’ drivers to the latest version on your Exchange server, GC/GC and then reboot servers. Only when there is not any network connection problem between the Exchange server and DC/GC, the event 8365 could disappear. Regarding error ID 9385, please verify the group “Exchange Servers” in “Exchange servers security group”, make sure your Exchange server is one of the members. Additionally, restart Microsoft Exchange System Attendant service if the issue error ID reoccurs when you reboot the GC server. Best Regards Fiona Liao E: v-fiolia@microsoft.com As far as updating the NIC drivers, broadcom says this: "Due to the advanced software architecture of the NetXtreme II 1 Gigabit adapter, the installation/uninstallation of drivers is only supported through a driver installer. Manually installing/uninstalling the drivers through the Device Manager is not recommended. To ensure a more seamless upgrade, please attempt to update the drivers for the NetXtreme II 1 Gigabit adapter through the drivers provided by the manufacturer of the system containing this device." Doing this is going to require a server reboot which means I have to come in after hours to do so. I am skeptical this will fix this issue but I will try it. As for the NIC's on the DC's they are all Hyper-V VM's so I would assume any better driver packages would have shown up in microsoft update for either the guest or the host and all updates are current on both. The exchange server is a member of the Exchange Servers group in AD.