In this blog post we will be exploring some best practices on how to design Active Directory for introducing Exchange Server 2013. Ever since Exchange 2000 was introduced I have seen in my past experience many people design active directory by placing all Domain Controllers in Default-First-Site-Name. This in turn causes many outages due to improper placement of Active Directory Domain Controller placement.
When we place all DC’s in the same site then Active Directory assumes that all are from same site and it will keep on replicating information. Which will cause DC’s to go too busy. When Exchange Server is running in such scenario then it will also assume that all DC’s are in local site. Exchange randomly selects best DC for Configuration information, Domain Controller and Global Catalogue. When any one DC is busy or not responding then Exchange Server Services wont start. You can look for Event ID 2080 for more information. Now changing such environment or re-designing it requires core understanding of how AD replication works.
The account must be member of Enterprise Admins Group, Domain Admins Group.
Three domain controllers in same site – Default-First-Site-Name
Subnet : 10.10.0.0/16
Subnet : 10.20.0.0/16
Subnet : 10.30.0.0/16
Physical Location for each DC is Default-First-Site-Name, US and UK.
Domain Name : MSEXCHANGETEAM.IN
No exchange server has been introduced so far. We will first correct Active Directory Issues and then we will start installing Exchange Server 2013.
Note : It is highly recommended to have Two DC’s in each site. Since this is a testing environment I have created one DC in each site.
Figure 1.1 : NLTEST
In figure 1.1 what we see is our member server is able to locate the site name.
Figure 1.2 : Logon server
In figure 1.2 when you look it says DC2, however it should be looking at DC1 as per the IP Address and Subnet. Poor network.
Figure 1.3 : NSLOOKUP
In figure 1.3 Name Server is also showing as Unknown.
Lets correct them one by one.
NOTE : If you already have such scenario then ensure you have planned outage. Downtime is required.
Lets fix DNS name server issue.
To fix that we have used any one AD integrated DNS server and create Reverse Zone and Pointer Record for all Name Serves.
Figure 1.4 : Reverse Lookup
In figure 1.4 we have created reverse lookup zones and also pointers for each DC’s.
Now lets run NSLOOKUP.
Figure 1.5 : NSLOOKUP
In figure 1.5 NSLOOKUP is now showing clean.
Now we will begin creating Site Name and Subnet for each site. So that they are located in their physical sites.
To do that open Active Directory Sites and Services and do the following.
Figure 1.6 : Sites and Services.
In figure 1.6 what we see is all DC’s in same site. We will now create two new sites and subnets for each site.
Figure 1.7 : New Site
I have created two sites as US and UK.
Figure 1.8 : New Subnet
Figure 1.9 ; Subnet Option
In figure 1.9 create subnets based on the network and “Select Site Object to associate with that Subnet”
Figure 1.10 : Subnets Created and Linked with sites as per their physical location
Now we will move the DC’s to their sites to which they belong.
Figure 1.11 : Move option
Figure 1.12 : Move Server option
We will select appropriate site name for DC’s and will move them. Do not modify or delete connection objects.
Figure 1.13 : DC’s Moved
Connection objects are created automatically. Reboot is required for all DC’s, Since the changes are made across all Domain Controllers and Sites.
Now that we have corrected Active Directory Issue. Lets login to the member server and check from which DC it is getting authenticated.
Figure 1.14 : Logon server has changed.
In figure 1.14 now the logon server has changed to DC1. It looks good and now its time to move ahead with installing exchange.
In the next blog we will be installing Exchange Server 2013 in Default-First-Site-Name.
Note : In the above scenario we are having only one DC’s in each site, however in real time scenario a minimum of two DC’s and GC’s are required for best performance.
If you wish to read the second part of this blog post then please click below.
MSEXCHANGETEAM | Ideas That Clicks