1

Two Exchange Servers and three Domain Controllers in the same AD site. All Domain Controllers are GCs.

Exchange is Exchange 2016 on Windows Server 2016. Domain Controllers are Windows Server 2019.

On Exchange01 everything works fine - using the Exchange Management Shell I can issue commands such as Get-Mailbox successfully, and Get-DomainController returns a list of all Domain Controllers.

Exchange02 gives "Could not find any available Global Catalog in forest".

On Exchange02 I can use regular PowerShell and issue commands such as Get-ADUser which confirms AD connectivity is OK for this server.

On Exchange02 I can do Get-ADForest | Select-Object -ExpandProperty GlobalCatalogs and it correctly lists all Global Catalogs.

The evidence indicates that this is localised to Exchange connectivity to AD on Exchange02.

This has only happened over the last day and there have been no changes to the environment.

So - how do I fix it?

Maximus Minimus
  • 8,987
  • 2
  • 23
  • 36

2 Answers2

1

Resolved - this was a DNS problem.

Specifically, in my DNS forward lookup zone for my domain, the Name Servers, _msdcs node, _sites node, etc contained references to old or invalid Domain Controllers.

These references included:

  • Domain Controllers which had been decommissioned (by demoting properly, I must add) were not removed from here.
  • Domain Controllers which had been installed in one site but subsequently moved to another site retained references in both sites.

Attempts to connect to one of these Domain Controllers were causing Exchange02 to fail to find a GC.

Cleaning out the bad records, then rebooting the Exchange servers (I could have rebooted only Exchange02, but I decided to do both with Exchange01 used as a sanity check) resolved.

Because Exchange is a platform that you can't reboot too regularly (at least without it being service-affecting) I believe that this problem would have eventually manifested on Exchange01, and possibly even disappeared from Exchange02, given a sufficient number of reboots.

Maximus Minimus
  • 8,987
  • 2
  • 23
  • 36
0

Could you get a list of mailboxes by running the command Get-Mailbox in the EMS in Exchange02 server? If it failed, what the error did you get in the EMS?

What's the version of your Exchange02 server(Exchange CU11 or ealier versions)? Please check if your GCs are a supported Active Directory environment: Supported Active Directory environments. If it's Exchange CU11 or ealier versions, I suggest you that upgrade your Exchange server to CU12 or later versions.

My other thought is that prepare AD for the Exchange02 server again by running the commands mentioned in the official documentation "Prepare Active Directory and domains for Exchange Server".

Ivan_Wang
  • 1,333
  • 1
  • 4
  • 4
  • Exchange is at CU14 on both servers, which is supported. Get-Mailbox on Exchange02 gives "Could not find any available Global Catalog in forest". Ideally an answer would explain why this happens on Exchange02 but not Exchange01. – Maximus Minimus Oct 08 '20 at 14:25
  • Are all required services(https://docs.microsoft.com/en-us/exchange/plan-and-deploy/deployment-ref/services-overview?view=exchserver-2016#exchange-services-on-mailbox-servers) in the **Exchange02** server running? Check if there are any errors in the Event Viewer. – Ivan_Wang Oct 09 '20 at 09:10