Hello, and thank you for taking the time to read and hopefully respond to my issue.
I am having trouble with my Exchange 2010 server. It will randomly reject outgoing emails claiming a "cannot relay" type error. Minutes later the exact same email will go out just fine. This will happen to random emails from random people at random times. I have found no pattern with it yet; luckily it has not happened to the same person twice, so I am still under the radar of management on this issue.
I decided to run the best practices analyzer to see if that could lead me to the issue. I was recently handed this department and have had almost nothing to do with any of the setup and deployment decisions before now, so I have little idea how things are actually configured. And thusly I cannot answer many questions about the setup without some guidance on how to find the answers you seek. The analyzer came back with 5 errors; it was pretty easy to guess what they were.
Cannot contact the server acting as the Domain Naming Master on port 389. Check that Active Directory server 'dc1.DOMAIN.com' is functioning correctly. Error code: 389 Not Available.
Cannot contact the server acting as the Schema Master on port 389. Check that Active Directory server 'dc1.DOMAIN.com' is functioning correctly. Error code: 389 Not Available.
Cannot contact the server acting as the Infrastructure Master for domain 'DOMAIN' on port 389. Check that Active Directory server 'DC2.DOMAIN.com' is functioning correctly. Error code: 389 Not Available.
Cannot contact the server acting as the PDC Emulator for domain 'DOMAIN' on port 389. Check that Active Directory server 'DC2.DOMAIN.com' is functioning correctly. Error code: 389 Not Available.
Cannot contact the server acting as the RID Master for domain 'DOMAIN' on port 389. Check that Active Directory server 'DC2.DOMAIN.com' is functioning correctly. Error code: 389 Not Available.
The issue is that the Exchange server clearly has connection to the server on port 389 as Netstat shows them open on the domain controllers. Netstat on the Exchange server also shows them as open. So I uninstalled Kaspersky (various versions on the servers), restarted all machines and I am left with the exact same errors after another best practices scan.
Before you jump to conclusions (don't forget your mat)...
This technet article:
http://technet.microsoft.com/en-us/library/aa995877%28v=exchg.80%29.aspx
Does not help me. All of the schema owners and masters are up and running, and the previous domain controller and owner was stripped of the master and owner schema/roles before it was demoted. It does not provide a real solution to this issue, especially since I can see the open ports in netstat.
System and domain information:
Domain Controllers and Exchange server are all running on Server 2008r2 boxes.
2 current domain controllers (both up to date)
Domain functional level: Server 2008 (NOT r2)
We have 5 RODCs at remote locations, 4 are 2008r2, 1 is 2008 (NOT r2)
DC1 and dc2 are primary DNS for entire domain
Outlook from anywhere is enabled but non-functional (yet)
Entire network is VPN together from multiple sites, all sites have unique /24 DHCP address lot assigned by the primary DC or RODC on site.
Domain control was recently run 100% by a 2003 server, transferred roles, demoted server and upped functional level.
"Public" servers actually have a private IP and are NAT'ed to a public IP (ISP config, not ours). So Exchange webmail is available from anywhere, but Outlook anywhere is not.
The server seems fully functional, but these errors and the recent problems trouble me (and might put my management ability in question).
If there is any other information that you need, please let me know and I will be happy to provide it. I am just trying to get a grasp on all this.
Thank you,
-Max
Rule your day, you never know when it might be your last.
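
A check that can be run from the Exchange server against the five role holders named in the analyzer output, added here as an example and not part of the original post: it looks up each operations master from Active Directory, then tests name resolution, an outbound TCP connection to port 389, and an LDAP RootDSE read, which goes one step further than a listening socket in netstat. The helper name `Test-Ldap389` and the 3000 ms timeout are assumptions; the code sticks to PowerShell 2.0 syntax as shipped with Server 2008 R2.

```powershell
# Added example (not from the original post). Run on the Exchange server.
# Test-Ldap389 is a hypothetical helper name; the timeout value is an assumption.
$forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
$domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()

# The five role holders the analyzer reports on, as Active Directory records them.
$roles = @{
    'Domain Naming Master'  = $forest.NamingRoleOwner.Name
    'Schema Master'         = $forest.SchemaRoleOwner.Name
    'Infrastructure Master' = $domain.InfrastructureRoleOwner.Name
    'PDC Emulator'          = $domain.PdcRoleOwner.Name
    'RID Master'            = $domain.RidRoleOwner.Name
}

function Test-Ldap389 {
    param([string]$Server, [int]$TimeoutMs = 3000)
    $r = New-Object PSObject -Property @{
        Server = $Server; Resolved = ''; Tcp389 = $false; RootDse = $false; Error = ''
    }
    $client = $null
    try {
        # 1. Name resolution exactly as this host performs it.
        $r.Resolved = ([System.Net.Dns]::GetHostAddresses($Server) |
            ForEach-Object { $_.IPAddressToString }) -join ','
        # 2. Outbound TCP connect to 389, bounded by a timeout.
        $client = New-Object System.Net.Sockets.TcpClient
        $pending = $client.BeginConnect($Server, 389, $null, $null)
        if ($pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            $client.EndConnect($pending)
            $r.Tcp389 = $client.Connected
        } else {
            $r.Error = "TCP connect timed out after $TimeoutMs ms"
        }
        # 3. LDAP read of RootDSE, only attempted when the port answered.
        if ($r.Tcp389) {
            $rootDse = [ADSI]"LDAP://$Server/RootDSE"
            $r.RootDse = ("$($rootDse.dnsHostName)" -ne '')
        }
    } catch {
        $r.Error = $_.Exception.Message
    } finally {
        if ($client) { $client.Close() }
    }
    $r
}

foreach ($role in $roles.Keys) {
    Test-Ldap389 -Server $roles[$role] |
        Add-Member -MemberType NoteProperty -Name Role -Value $role -PassThru |
        Select-Object Role, Server, Resolved, Tcp389, RootDse, Error
}
```

A row where `Resolved` shows an unexpected address, or where `Tcp389` is true but `RootDse` is false, narrows the fault to DNS or to the LDAP service respectively rather than to the port itself.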