Exchange 2007 easy goes down

Question

Today I tried to log in on my OWA (Outlook Web Access) account, and I get following error. I tried to initiate Remote Desktop Connection to restart services, but I couldn't (I got black screen), and only thing I could do was to physically reset my server. This happens every 20 days, and I don't know why!

problem occurred while trying to use your mailbox. If the problem continues, contact technical support for your organization. 

Request
Url: https:owa/default.aspx
User host address: 

Exception
Exception type: Microsoft.Exchange.Data.Storage.StorageTransientException
Exception message: There was a problem accessing Active Directory.

Call stack
Microsoft.Exchange.Data.Storage.ExchangePrincipal.FromUserSid(ADRecipientSession recipientSession, SecurityIdentifier userSid)
Microsoft.Exchange.Clients.Owa.Core.OwaWindowsIdentity.CreateExchangePrincipal()
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.GetExchangePrincipal(OwaContext owaContext, ExchangePrincipal& exchangePrincipal)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.PrepareRequestWithoutSession(OwaContext owaContext, UserContextCookie userContextCookie)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext)
Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext)
System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Inner Exception
Exception type: Microsoft.Exchange.Data.Directory.ADTransientException
Exception message: Could not find any available Global Catalog in forest xxxx

Call stack
Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential)
Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType)
Microsoft.Exchange.Data.Directory.ADSession.GetConnection(String preferredServer, Boolean isWriteOperation, Boolean isNotifyOperation, ADObjectId& rootId)
Microsoft.Exchange.Data.Directory.ADSession.GetReadConnection(String preferredServer, ADObjectId& rootId)
Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCreator, CreateObjectsDelegate arrayCreator)
Microsoft.Exchange.Data.Directory.ADSession.Find(ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, CreateObjectDelegate objectCtor, CreateObjectsDelegate arrayCtor)
Microsoft.Exchange.Data.Directory.ADSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties)
Microsoft.Exchange.Data.Directory.Recipient.ADRecipientSession.FindBySid(SecurityIdentifier sId)
Microsoft.Exchange.Data.Storage.ExchangePrincipal.FromUserSid(ADRecipientSession recipientSession, SecurityIdentifier userSid)

Did you try running ExBPA on the server? – Vick Vega May 17 '12 at 19:24 — Vick Vega, May 17 '12 at 19:24
No, i didn't, but that is good idea. Thx – Mr.M May 17 '12 at 20:48 — Mr.M, May 17 '12 at 20:48

NathanG · Accepted Answer · 2012-05-17T22:14:42.650

3

The relevant line is this one:
Exception message: Could not find any available Global Catalog in forest xxxx.

Combined with the black screen on RDP, that suggests potential RPC (or broader networking) issues. Check your logs - does anything show up in the event viewer in the time leading up to when the server stops working?

EDIT: Based on your comments, you're losing connectivity to your domain controller. (I'm assuming one here - if you have multiple, you're not talking to any of them.) That explains the inability to get mail, as well as the black RDP screen (it starts the session, then tries to authenticate and hangs. Logging onto the mailserver with a local account should work, though.)

Find out what happens on the domain controller on this 20 day cycle. It could also be a networking issue. If you haven't seen any errors about services failing or running out of memory, it's somewhat less likely that it's a problem on the mailserver. These are all transient errors, so if you fix the underlying problem, Exchange should bounce right back.

edited May 17 '12 at 22:14

answered May 17 '12 at 19:22

NathanG

1,356
10
14

LDAP Bind was unsuccessful on directory xxx for distinguished name ''. Directory returned error:[0x51] Server Down. – Mr.M May 17 '12 at 20:15
A process serving application pool 'MSExchangeAutodiscoverAppPool' exceeded time limits during start up. The process id was '27976'. – Mr.M May 17 '12 at 20:17
And lots more errors! – Mr.M May 17 '12 at 20:17
Is anything unusual showing up in your domain controller's logs around the same time? (I'm guessing no, actually - but ruling that out is a first start.) – NathanG May 17 '12 at 20:19
Process MAD.EXE (PID=2360). Exchange Active Directory Provider lost contact with domain controller xxxx. Error was 0x80040934 (LDAP_UNAVAILABLE (The server is unavailable)) (). Exchange Active Directory Provider will attempt to reconnect with this domain controller when it is reachable. – Mr.M May 17 '12 at 20:41
LDAP Bind was unsuccessful on directory xxx for distinguished name ''. Directory returned error:[0x51] Server Down. DC=xxx,DC=xxx – Mr.M May 17 '12 at 20:43
Microsoft Exchange System Attendant failed to read the membership of the universal security group '/dc=xx/dc=xx/ou=Microsoft Exchange Security Groups/cn=Exchange Servers'; the error code was'80072035' The problem might be that the Microsoft Exchange System Attendant does not have permission to read the membership of the group. If this computer is not a member of the group '/dc=xx/dc=xx/ou=Microsoft Exchange Security Groups/cn=Exchange Servers',you should manually stop all Microsoft Exchange services run the task 'add-ExchangeServerGroupMember',and then restart all Microsoft Exchange services – Mr.M May 17 '12 at 20:46
Updated my answer based on your comments. – NathanG May 17 '12 at 22:12

Massimo · Answer 2 · 2012-05-17T21:52:16.467

I think this could be more a "server freeze" problem than a "service/network down" one. Your Exchange crashes could actually be a symptom of a more general problem on that server (such as a memory leak), which slowly increases from the server start up to the point when services start crashing, everything freezes and you can't even RDP into the box. This is strongly implied by the fact that the problem repeats at semi-regular intervals.

If this is not the case, then you should check what else is happening every 20 days on your network; a domain controller reboot following a Windows Update can wreak havoc on your network, especially if it's done on multiple DCs at the same time. Or maybe someone is cleaning the server room and unplugging network devices (I've seen this actually happening!)...

Exchange 2007 easy goes down

2 Answers2