To totally unlock this section you need to Log-in
Login
There are two possible scenarios in which we have to specify (hardcoding) a specific domain controller, and global catalog, on an Exchange Server 2010/2013: the first is that you might have two Active Directory sites and one Domain Controller/Global Catalog in each site. In one of the sites, you might have Exchange 2010. In the event log for Exchange 2010/2013, event ID 2080 might say:
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1296). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
In-site:
DC-01.dc.local CDG 1 7 7 1 0 1 1 7 1
Out-of-site:
DC-02.dc.local CDG 1 7 7 1 0 1 1 7 1
The second scenario is that you have multiple domain controllers (for backup reasons) on one single Active Directory site and only an Exchange Server 2010/2013....and you have to migrate on Office 365 Exchange Online infrastructure all your users mailboxes (using for example Cutover migration type); this scenario is tricky because if the Exchange server is using, at the same time, two Domain Controllers the migration to Exchange Online could fail with the following error message:
ProvisioningFailedException: Resource 'ActiveDirectoryReplicationLatency' is unhealthy and shouldn't be accessed.
This kind of error is caused by the following reason: DefaultDomainControllers , DefaultConfigurationServer and DefaultGlobalCatalog properties on the Exchange server are pointing on different domain controllers (even if they're correctly replicating each other); this is caused from timestamp comparison of replication intervals...if they don't are the same this error, on Exchange Online, will be triggered.
To statically tell Exchange 2010/2013 to use certain Domain Controller and/or Global Catalog servers, use the Set-ExchangeServer cmdlet (running Exchange Powershell Console with administrative privileges).
To see the current settings, run:
Get-ExchangeServer –Identity-Status | FL.
By default StaticDomainControllers and StaticGlobalCatalog will be blank.
To set new settings run:
To set the StaticDomainControllers:
Set-ExchangeServer -Identity-StaticDomainControllers DC-01.dc.local,DC-02.dc.local
To set the StaticGlobalCatalogs:
Set-ExchangeServer -Identity-StaticGlobalCatalogs DC-01.dc.local,DC-02.dc.local
You should see these changes reflected in two areas, tipically after some time (Exchange will reflect the request change in 30 minutes): the event log, event ID 2080 should say something different this time:
Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1296). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
(Server name | Roles | Enabled | Reachability | Synchronized | GC capable | PDC | SACL right | Critical Data | Netlogon | OS Version)
In-site:
DC-01.dc.local CDG 1 7 7 1 0 1 1 7 1
DC-02.dc.local CDG 1 7 7 1 0 1 1 7 1
Out-of-site:
The change will be reflected even on the Exchange Management Console > Server Configuration:
Return from Default
To clear this entry, run:
Set-ExchangeServer -Identity-StaticDomainControllers $Null
Set-ExchangeServer -Identity-StaticGlobalCatalogs $Null
Set preferred Domain Controllers with Set-ADServerSettings
You can also set a preferred domain controller for your entire session. Note the cmdlet to use here, Set-AdServerSettings. This cmdlet configures the session settings such as the preferred Domain Controller and other settings such as the recipient scope.
First take a look at the current session settings; just use the cmdlet:
Get-ADServerSettings | fl
You'll receive an output similar to this:
NOTE: in a typical configuration, the DefaultConfigurationDomainController, the DefaultPreferredDomainController and the DefaultGlobalCatalog will point all to the same Domain Controller (server, with FQDN specified).
Using Set-ADServerSettings we can specify the preferred server for the current session with the -PreferredServer switch.
C:\>Set-ADServerSettings -PreferredServer dc2.example.local
Now, after we have confirmed the execution of the previous command, the Get-ADServerSettings cmdlet will show that this change has occurred.
An "On-One-Row" example
Obviously all this commands can be executed (to enable the Static specification) by using the following command (changing the example server's name with yours):
Set-ExchangeServer "ExchangeServerName" -StaticDomainControllers DC2 -StaticGlobalCatalogs DC2 -StaticConfigDomainController DC2
Sometimes it could be useful, on multi-DCs (Domain Controllers) enviroments with Exchange server 2010/2013 solution deployed, to specify statically which authentication/authorization server Exchange will have to use. This is particularly importart if you’re migrating to Office 365 Exchange Online cloud solution.
Read the solution on HeelpBook:
How (and why) to change Domain Controller and Global Catalog servers used by Exchange 2010/2013 – http://heelpbook.altervista.org/2014/how-and-why-to-change-domain-controller-and-global-catalog-servers-used-by-exchange-20102013/ #office365 #exchange HeelpBook Heelpbook Portal