Monthly Archives: February 2010

Can’t failover DAG DB

 

In my Exchange 2010 DAG environment with 2 nodes I received the error that I couldn’t failover a DB to the other node in my DAG cluster.

This was caused by the content index was in failed state, to resolve this error I had to run a script like below:

“C:\Program Files\Microsoft\Exchange Server\V14\Scripts>.\ResetSearchIndex.ps1 MDBNAME”

Done!

Creating a D.A.G (Database Availability Group)

 

A little introduction

The HA functions in Exchange have been changed a little bit; LCR, CCR, SCC and SCR are now away and replaced by D.A.G.

I think it’s a very cool and great feature with Exchange 2010, maybe the best J it makes it able to create a copy of the database to a different server(s). You are able to have more than one copy of it, so your server1 holds an active copy of DB1, server2 and server3 can hold this database as passive if server1 is broken, up to 16 copies.

The requirement is to run Exchange 2010 on a Windows 2008 (R2) Enterprise Server because it uses some components/api’s of the failover cluster service.

How to

To create a “DAG”, go to Organization Configuration, choose Database Availability Groups, right click and select ‘New Database Availability Group…’ type in a name for it, specify a Witness Server (usually the CAS/HUB server) and point out the Witness Directory like C:\fsw. It can be used on other servers to, don’t forget to add the Exchange Trusted Subsystem security group to local admins on the server that should act as FSW and allow WMI if the firewall is enabled.

When it’s created, right click the newly created DAG and choose ‘Manage Database Availability Group Membership…’ select Add button and add in the mailbox servers that should be part of the DAG.

The IP address for the DAG cannot be set in the GUI so it has to be done in PowerShell with the following command:
Set-DatabaseAvailabilityGroup DAGNAME –DatabaseAvailabilityGroupIpAddresses IPADDRESS

Now it’s time to add the other server to hold a passive copy of the database, it done by either Management Console or PowerShell. I prefer to do it in GUI.

Go to Organization Configuration and select Mailbox, and choose ‘Database Management’ tab.
Now select the database that you want to make a passive copy of, right click and choose ‘Add Mailbox Database Copy…’ a wizard is shown with a browse button, click that one and select the server that should hold the passive copy of the database.

If you want to change which server that has the active database, just select the database and choose ‘Move Active Mailbox Database’ and a wizard is shown.

A picture is shown below how to move the active mailbox database to another server


OWA/ActiveSync with Exchange 2007 coexist with Exchange 2003

 

In this scenario when have a single Exchange 2003 standard server installed and installed a new server with Exchange 2007 standard with CAS/HUB/MBX role (multi-role server).

Our problem was that we had too many users that used OWA and ActiveSync so we couldn’t be without this function.

I this case we had 3 different solutions to choose between.
1. Use two different IP addresses; one for the Exchange 2003 OWA/AS and one for the Exchange 2007 OWA/AS
2. Use a front-end firewall like ISA server or something else to publish the correct server
3. Install a new server that act as Exchange 2007 CAS server.

Option 1 was not a good choice because we don’t want to change anything on the end-user’s side like webmail address or ActiveSync settings.

Option 2 was a good idea but the customer didn’t want that type of solution and didn’t got the license for ISA.

Option 3 was the best choice in our solution, with this one we didn’t need to change the DNS record or any settings on the end-users. The only thing to change was the firewall rules.

When we had the Exchange 2003 (2003 Standard) and Exchange 2007 (2007 Standard) in place we did a decision to install a third Exchange server to act as the traditional “Front-end” server, with Exchange 2007 it’s called Client Access Server (CAS).
We imported a 3rd part certificate for IIS service thru PowerShell and configured the OWA to answer on the correct inside and outside web address.
Then we thought it was just to go… But it wasn’t!

We had 2 test users, let’s call them testuser1 and testuser2. They we’re located at different servers to check so everything worked well.
It was checked against the internal webmail address: https://hostname.domain.local/owa (can only be used if the mailbox is located at the 2007 server) so we used instead https://hostname.domain.local/exchange (this should be used if the mailbox CAN be located at the 2003 server). If the mailbox is not located on the 2003 server it will redirect the end-user to the 2007 OWA instead.

After a couple of retries, it didn’t work so well…
I searched the MS newsgroups and other resources like teamblog and google of course J
Almost without any luck!

Until I found out what was the problem, thanks to a colleague of mine that found an article on google on it.

If the original 2007 server was installed with “all” roles CAS, HUB, MBX after an uninstallation of the CAS role the server is not in correct state to support the coexistence.

The solution: In our case was to just disable the ‘Require SSL’ on the Default Web Site on the HUB, MBX server after removing the CAS role and restarted the WWW services ‘iisreset’.

On the link I found they were also running some PowerShell commands, but I didn’t need that.
I will include them to:

Get-OwaVirtualDirectory -server ServerName | Remove-OwaVirtualDirectory

New-OwaVirtualDirectory -Name “Exchange” -owaversion Exchange2003or2000
-VirtualDirectoryType Mailboxes -WebSiteName “Default Web Site”

New-OwaVirtualDirectory -Name “exadmin” -owaversion Exchange2003or2000
-VirtualDirectoryType exadmin -WebSiteName “Default Web Site”

New-OwaVirtualDirectory -Name “public” -owaversion Exchange2003or2000
-VirtualDirectoryType PublicFolders -WebSiteName “Default Web Site”

After this the redirection started to work as it should.

I completed the mission with a redirection in IIS so that the request to the server/site goes straight to /exchange.