Enterprise Software Thread, Exchange 2003 to 2010 PreChecks in Technical; I am in the process of upgrading our Exchange 2003 to Exchange 2010. As part of that process I am ...
I am in the process of upgrading our Exchange 2003 to Exchange 2010. As part of that process I am running "dcdiag /test:dns" etc.
I have 2 DC and whichever machine I run the diagnostic from the other machine will fail at the 'Basic' test stage.
Initially the problem was flagged up as 'WMI' not implemented but after resolving that I have a 'WMI Successfully Installed' message displayed.
However, I now get the error message 'Win32: RPC Server not Available'.
Using Computer Management I can successfully connect to a remote server but cannot get data. If I use a workstation to remotely connect I can only get success from another workstation not the servers. From the servers I cannot get any success.
I have been trawling the net all day but seem to be no closer to identifying the problem.
1. What issue do you actually have?
2. Could be issue with firewall rules in place
3. Disable AV/Firewall on server if used.
4. Run the Exch BPA and see what is says
1. What issue do you actually have?
2. Could be issue with firewall rules in place
3. Disable AV/Firewall on server if used.
4. Run the Exch BPA and see what is says
Many thanks for the reply sukh.
I don't need to answer all the questions because suggestion 3 has identified that our ISA 2004 software is the problem.
I did not realise there was an inbuilt RPC Filter which once disabled (only option available) allowed me to use computer management to access remote machines.
The dcdiag command 'dcdiag /test:dns /e /v /f:logfile' now completes successfully from either domain controller.
Disabling the RPC Filter is only a workaround and implementing the Microsoft resolution (update to latest ISA 2004 service pack) has not resolved the basic problem which is an issue with ISA 2004 and RPC Server. Adding firewall rules does not make any difference either.
Hopefully though, I will be able to continue with the upgrade from Exchange 2003 to Exchange 2010 (as an aside do I need to ensure Exchange 2003 is at latest service pack?)
1. Yes, make sure you have Exch 2003 SP2 deployed at least.
2. I've seen a few issues with RPC filter pack, even when the firewall is disabled, it still somehow stays hooked in.
I am making advances but it is like pulling teeth!!!!!
I have carried out the DNS diagnostics completed with errors but resolved as below and I have completed Replication diagnostics also completed with errors but resolved as below. But then.......this is the short story.
I am in the process of migrating Exchange 2003 to Exchange 2010 and part of that process is to carry out checks on Active Directory and File Replication.
I have 2 domain controllers, one also has ISA 2004 and the other also has Exchange 2003 (I inherited the configuration)
The first command tested DNS for both servers. 'dcdiag /test:dns /e /v /f:logfile'
It failed because the ISA 2004 machine was not accepting RCP protocol due to the default RCP Filter being enabled. I found a Microsoft Knowledgebase article that said the resolution was to install ISA 2004 SP1. I installed SP3 (latest service pack) but the problem was still there. I disabled the default RCP Filter and and then the command completed with no errors.
The next command tested replication for both servers 'repadmin /showrepl * >logfile'
It failed because of RPC issues between servers. As a shortcut test I used 'ntfrsutl version <FQDN servername> which was successful from the Exchange server but not from the ISA 2004 server.
While looking at ISA 2004 Firewall Client Settings I found the following 'rpcss disable set to 1. According to Microsoft TechNet numerous services depend on 'rpcss' so I set 'rpcss disable to 0 (hopefully enable). However the 'ntfrs' command still failed from ISA 2004 server until I enabled the ISA 2004 Server default RPC Filter. Then the 'ntfrs' command worked from either machine.
My joy was short lived because when I retried the 'dcdiag' command it failed as before.
What is going on, what do I have to do in order to resolve this problem?
1. Do you need ISA installed on these servers at all?
2. Can you PM or post me the errors and log files for each command.
1. It is the firewall software used by the school but I was coming round to the idea of isolating the system from the outside world by temporarily disabling ISA, carrying out the necessary diagnostics, resolving issues (although I would be unable to seek assistance from the www) and then completing the migration.
2. Thanks for the offer, I will take you up on that.
1. Even so, not sure why ISA has been deployed on a DC, not recommened at all.
2. If ISA is oroviding services to Exch like OWA/EAS. It should sit in the DMZ not the LAN.
I have to agree with Sukh - there are at least two things wrong with the ISA deployment, and both of them are problems I would expect to impact on a successful exchange deployment.
1. Even so, not sure why ISA has been deployed on a DC, not recommened at all.
2. If ISA is oroviding services to Exch like OWA/EAS. It should sit in the DMZ not the LAN.
The setup was inherited and as well as being a DC there are 2 Nics, 1 Lan, 1 Wan connected to the ADSL Modem.
Many thanks to sukh and his colleagues, but espcially to sukh, for the help installing Exchange 2010 onto our 2003 domain.
The solution was to move ISA Server 2004 off of the domain controller (it has been working successfully for 5 years) to another server although that did introduce issues with the ISA configuration (I initially lost access to the internet due NIC configuration and firewall rules).
Once that was resolved and with judicial use of dcdiag, repadmin and netdiag I was able to complete the pre-checks successfully.
I made use of the very helpful screencasts from Net-o-Meter to carry out the Exchange 2010 install and Stage 1 (mail services are still running through 2003) was completed yesterday. Final stage to go - to be fully 2008 R2.
My thanks again, I wouldn't have done it without the help from the EduGeek experts.
LinkBack URL
About LinkBacks
Originally Posted by sukh 
Final stage to go - to be fully 2008 R2.
