How to Install Exchange Server 2013 – Active Directory Design

In this blog post we will be exploring some best practices on how to design Active Directory for introducing Exchange Server 2013. Ever since Exchange 2000 was introduced, I have seen in my past experience many people design Active Directory by placing all Domain Controllers in Default-First-Site-Name. This in turn causes many outages due to improper placement of Active Directory Domain Controllers.

Concept

When we place all DCs in the same site, Active Directory assumes that they all belong to the same site and keeps replicating information between them, which makes the DCs too busy. When Exchange Server runs in such a scenario, it also assumes that all DCs are in the local site. Exchange randomly selects the best DC for Configuration information, Domain Controller and Global Catalogue. When any one DC is busy or not responding, the Exchange Server services won't start. You can look for Event ID 2080 for more information. Changing or re-designing such an environment requires a core understanding of how AD replication works.

Permission Requisites

The account must be a member of the Enterprise Admins group and the Domain Admins group.

Scenario

Three domain controllers in the same site – Default-First-Site-Name

DC1

Subnet : 10.10.0.0/16

DC2

Subnet : 10.20.0.0/16

DC3

Subnet : 10.30.0.0/16

Physical Location for each DC is Default-First-Site-Name, US and UK.

Domain Name : MSEXCHANGETEAM.IN

No Exchange server has been introduced so far. We will first correct the Active Directory issues and then we will start installing Exchange Server 2013.

Note : It is highly recommended to have two DCs in each site. Since this is a testing environment, I have created one DC in each site.

===========================================

Figure 1.1 : NLTEST

Figure 1.1 shows that our member server is able to locate the site name.

Figure 1.2 : Logon server

Figure 1.2 shows DC2 as the logon server; however, it should be DC1 as per the IP address and subnet. Poor network.

Figure 1.3 : NSLOOKUP

In figure 1.3 the name server is also showing as Unknown.

Let's correct them one by one.

NOTE : If you already have such a scenario, ensure you have a planned outage. Downtime is required.

===========================================

Let's fix the DNS name server issue.

To fix that, we used any one AD-integrated DNS server and created a reverse lookup zone and pointer records for all name servers.

Figure 1.4 : Reverse Lookup

In figure 1.4 we have created reverse lookup zones and also pointer records for each DC.

Now let's run NSLOOKUP.

Figure 1.5 : NSLOOKUP

In figure 1.5 NSLOOKUP is now showing clean.

Now we will begin creating a site name and subnet for each site, so that the DCs are located in their physical sites.

To do that open Active Directory Sites and Services and do the following.

Figure 1.6 : Sites and Services.

Figure 1.6 shows all DCs in the same site. We will now create two new sites and subnets for each site.

Figure 1.7 : New Site

I have created two sites as US and UK.

Figure 1.8 : New Subnet

Figure 1.9 : Subnet Option

As shown in figure 1.9, create subnets based on the network and “Select Site Object to associate with that Subnet”.

Figure 1.10 : Subnets Created and Linked with sites as per their physical location

Now we will move the DCs to the sites to which they belong.

Figure 1.11 : Move option

Figure 1.12 : Move Server option

We will select the appropriate site name for each DC and move it. Do not modify or delete connection objects.

Figure 1.13 : DCs Moved

Connection objects are created automatically. A reboot is required for all DCs, since the changes are made across all Domain Controllers and sites.

===========================================

Now that we have corrected the Active Directory issue, let's log in to the member server and check which DC it is getting authenticated from.

Figure 1.14 : Logon server has changed.

In figure 1.14 the logon server has now changed to DC1. It looks good, and now it's time to move ahead with installing Exchange.
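
The site, subnet and move steps above can also be scripted with the ActiveDirectory PowerShell module; this is an added example, not part of the original post. The DC-to-site mapping (DC1 in Default-First-Site-Name, DC2 in US, DC3 in UK) is assumed from the order of the Scenario listing, and the default site link DEFAULTIPSITELINK is assumed to still exist.

```powershell
# Added example (not from the original post). Run as a member of
# Enterprise Admins / Domain Admins with the ActiveDirectory module installed.
Import-Module ActiveDirectory

# Assumed mapping, taken from the order of the Scenario listing.
$layout = @(
    @{ Site = 'Default-First-Site-Name'; Subnet = '10.10.0.0/16'; DC = 'DC1' }
    @{ Site = 'US';                      Subnet = '10.20.0.0/16'; DC = 'DC2' }
    @{ Site = 'UK';                      Subnet = '10.30.0.0/16'; DC = 'DC3' }
)

foreach ($entry in $layout) {
    # Create the site only if it is missing, so the script can be re-run.
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$($entry.Site)'")) {
        New-ADReplicationSite -Name $entry.Site
        # Unlike the GUI wizard, the cmdlet does not ask for a site link,
        # so add the new site to the (assumed) default link explicitly.
        Set-ADReplicationSiteLink -Identity 'DEFAULTIPSITELINK' `
            -SitesIncluded @{ Add = $entry.Site }
    }

    # Create the subnet object and associate it with its site.
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$($entry.Subnet)'")) {
        New-ADReplicationSubnet -Name $entry.Subnet -Site $entry.Site
    }

    # Move the DC's server object only if it sits in the wrong site.
    # Connection objects are left untouched, as the post advises.
    $dc = Get-ADDomainController -Identity $entry.DC
    if ($dc.Site -ne $entry.Site) {
        Move-ADDirectoryServer -Identity $entry.DC -Site $entry.Site
    }
}

# Review the result: every subnet should map to a site, every DC to its own site.
Get-ADReplicationSubnet -Filter * | Select-Object Name, Site
Get-ADDomainController -Filter * | Select-Object Name, Site, IPv4Address

# On the member server, repeat the checks from figures 1.1 and 1.14.
nltest /dsgetsite                   # site the client resolves to
nltest /dsgetdc:MSEXCHANGETEAM.IN   # DC chosen by the locator
$env:LOGONSERVER                    # DC that authenticated this session
```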

===========================================

In the next blog we will be installing Exchange Server 2013 in Default-First-Site-Name.

Note : In the above scenario we have only one DC in each site; however, in a real-world scenario a minimum of two DCs and GCs is required for best performance.

If you wish to read the second part of this blog post then please click below.

How to Install Exchange Server 2013 – Active Directory Design Continued …..

Happy Learning

Sunder

MSEXCHANGETEAM | Ideas That Clicks

One Response to How to Install Exchange Server 2013 – Active Directory Design

  1. Sathesh says:

    Good basic stuffs !!

    Keep going !