Exchange 2019 Connection Problems with GCs

Question

we got a very strange Problem and we can't find a solution.

We got 11 Exchange 2019 Server, on 11 bare metal MS Server 2019 maschines. They are all in a DAG and we have 3 DCs who are also all GCs.

Sometimes some of the Exchange Servers are losing the connection to the GCs but OLNY in the EMS. If we for example try a get-Mailbox we get the following message:

Microsoft.Exchange.Data.Directory.ADTransientException: Could not find any available Global Catalog in forest X

Where X is the name of the Forest.

It happens totaly random but the longer the Server are running the longer and more often this issue occurs.

The GCs and the Exchangerserver are in different Networks but the Firewall got an ALLOW ANY <-> ANY policy between them on every port.

We put another DAG in the same Network as the other Exchange Servers and they got the same Problem. We recreated the virtual directorys but the problem is still there. We cleaned the DNS and there are no old entrys left. We kicked some of the servers out of the AD and rejoined them, nothing changed.

All Servers got the newest CU and the Windows Server below got the newest Updates

Does anyone have a hint what could be the Problem? Regards

Do you have Active Directory Sites and Services set up correctly with your sites and subnets? I'd start there. — joeqwerty, Feb 03 '21 at 15:47

score 1 · Accepted Answer · answered Feb 11 '21 at 19:08

1

Sorry for the late reply but we were busy celebrating.

The Problem has been the firewall... specifically the deep packet inspection.

Even with all ports open, the Firewall didn't like the MSRPC Requests and blocked them RANDOMLY from time to time... Maybe this information helps someone.

Thank you all very much for your replys :)

answered Feb 11 '21 at 19:08

HansSummer

11
2

Please note the first bullet point in https://docs.microsoft.com/en-us/exchange/plan-and-deploy/deployment-ref/network-ports. – Massimo Feb 11 '21 at 19:38

score 0 · Answer 2 · answered Feb 04 '21 at 05:47

Did you encounter the similar issues if you accessed other services(e.g. EAC, Outlook, ActiveSync etc.)?

Please inspect the following points when you encounter the GC connection issue, hope they are helpful to you:

See if there is any error in the Event Viewer when the issue happened.
Check if the required services(especially Microsoft Exchange Active Directory Topology) on exchange servers are all starting.
Try to restart IIS during free time and see if there is any difference.
Inspect if there is any reference to old or invalid Domain Controllers in DNS, the following thread about the similar issue is for your reference: Exchange Management Shell “Could not find any available Global Catalog in forest”

Thanks for the input. 1. yes there was an Error. 2. its running. 3. we did that but with no effect. 4. We cleaned them a month ago with no success. — HansSummer, Feb 11 '21 at 19:04

Exchange 2019 Connection Problems with GCs

2 Answers2