ldap bind problems.

[loupgarou]

This happens regularly on my new exchange2003 server.

I've set it up as a backup domain controller, otherwise
the ldap disconnects seem to be killing exchange itself.

these are the errors I get and I have no idea why.

The problems appear to be in active directory and not
exchange server 2003 ent. (ie: AD connection goes down and
then exchange hiccups and dies)

----


8250
The Win32 API call 'DsGetDCNameW' returned error code
[0x862] The specified component could not be found in the
configuration information. The service could not be
initialized. Make sure that the operating system was
installed properly.

8026
LDAP Bind was unsuccessful on directory
exchange2003.insight.com.sg for distinguished name ''.
Directory returned error:[0x51] Server Down.
DC=insight,DC=com,DC=sg

8260
Could not open LDAP session to directory 'INSIGHT-
PDC.insight.com.sg' using local service credentials.
Cannot access Address List configuration information.
Make sure the server 'INSIGHT-PDC.insight.com.sg' is
running. DC=insight,DC=com,DC=sg

--Before I made this server into a bdc, I got more errors
from exchange itself

The Directory Service Referral interface failed to service
a client request. RFRI is returning the error code:[0x3f0]

DSACCESS returned an error '0x80004005' on DS
notification. Microsoft Exchange System Attendant will re-
set DS notification later.

NSPI Proxy can contact Global Catalog INSIGHT-
PDC.insight.com.sg but it does not support the NSPI
service. After a Domain Controller is promoted to a Global
Catalog, the Global Catalog must be rebooted to support
MAPI Clients. Reboot INSIGHT-PDC.insight.com.sg as soon
as possible.


Referral Interface cannot contact any Global Catalog that
supports the NSPI Service. Clients making RFR requests
will fail to connect until a Global Catalog becomes
available again. After a Domain Controller is promoted to
a Global Catalog, it must be rebooted to support MAPI
Clients.

Process MAD.EXE (PID=3808). Topology Discovery failed,
error 0xffffffff.

"Process WMIPRVSE.EXE -EMBEDDING (PID=2372). Topology
Discovery failed, error 0xffffffff.


"Logon rejected for INSIGHTGROUP\cl. Unable to obtain
Terminal Server User Configuration. Error: The RPC server
is unavailable.

------------------------------------------

Right now, its doing hell to my internal connections with
mail such as


There was a SMTP communication problem with
the recipient's email server. Please contact your system
administrator.
<exchange2003.insight.com.sg #5.5.0 smtp;554
mail server permanently rejected message (#5.3.0)>

 

[Guest]

I would check to make sure the original DC is in working order. Check event
logs, DCdiag /v and netdiag.
Did you make this second DC a GC?

These are Ex2K articles but I would assume they are valid troubleshooting
information.
273395 XADM: Event 8260: Cannot Access Address List Configuration
Information
http://support.microsoft.com/?id=273395
272552 XADM: Event 8026 and Event 8260: Can't Access Address List
Configuration
http://support.microsoft.com/?id=272552

--
James Brandt [MSFT]

This happens regularly on my new exchange2003 server.

I've set it up as a backup domain controller, otherwise
the ldap disconnects seem to be killing exchange itself.

these are the errors I get and I have no idea why.

The problems appear to be in active directory and not
exchange server 2003 ent. (ie: AD connection goes down and
then exchange hiccups and dies)

----


8250
The Win32 API call 'DsGetDCNameW' returned error code
[0x862] The specified component could not be found in the
configuration information. The service could not be
initialized. Make sure that the operating system was
installed properly.

8026
LDAP Bind was unsuccessful on directory
exchange2003.insight.com.sg for distinguished name ''.
Directory returned error:[0x51] Server Down.
DC=insight,DC=com,DC=sg

8260
Could not open LDAP session to directory 'INSIGHT-
PDC.insight.com.sg' using local service credentials.
Cannot access Address List configuration information.
Make sure the server 'INSIGHT-PDC.insight.com.sg' is
running. DC=insight,DC=com,DC=sg

--Before I made this server into a bdc, I got more errors
from exchange itself

The Directory Service Referral interface failed to service
a client request. RFRI is returning the error code:[0x3f0]

DSACCESS returned an error '0x80004005' on DS
notification. Microsoft Exchange System Attendant will re-
set DS notification later.

NSPI Proxy can contact Global Catalog INSIGHT-
PDC.insight.com.sg but it does not support the NSPI
service. After a Domain Controller is promoted to a Global
Catalog, the Global Catalog must be rebooted to support
MAPI Clients. Reboot INSIGHT-PDC.insight.com.sg as soon
as possible.


Referral Interface cannot contact any Global Catalog that
supports the NSPI Service. Clients making RFR requests
will fail to connect until a Global Catalog becomes
available again. After a Domain Controller is promoted to
a Global Catalog, it must be rebooted to support MAPI
Clients.

Process MAD.EXE (PID=3808). Topology Discovery failed,
error 0xffffffff.

"Process WMIPRVSE.EXE -EMBEDDING (PID=2372). Topology
Discovery failed, error 0xffffffff.


"Logon rejected for INSIGHTGROUP\cl. Unable to obtain
Terminal Server User Configuration. Error: The RPC server
is unavailable.

------------------------------------------

Right now, its doing hell to my internal connections with
mail such as


There was a SMTP communication problem with
the recipient's email server. Please contact your system
administrator.
<exchange2003.insight.com.sg #5.5.0 smtp;554
mail server permanently rejected message (#5.3.0)>

 

[Guest]

sorry, background here.

Original Infrastructure is

Insight-pdc (PDC, operations master etc,global catalog)
Insight-bdc (bdc, global catalog)
exchange2003 (promoted to bdc,global catalog)
caching is turned on.

exchange2003 was turned into a bdc simply because without
which , these ldap bind errors would have caused way more
non delivery errors.

there are no error events regarding ldap bind issues
between insight-bdc and insight-pdc. (ie: they work
perfectly).

they are also on the same switch as exchange2003 and I've
already tried swapping cables.

I've also installed insight-pdc\insight-bdc\exchange2003
myself


These are all windows 2003 boxes.


I've included the application log, the output of dcdiag
and netdiag here for your perusal.

http://exchange2003.insight.com.sg/application4.evt
http://exchange2003.insight.com.sg/dcdiag.txt
http://exchange2003.insight.com.sg/netdiag.txt

which all pass flawlessly except for this little error..



Trust relationship test. . . . . . : Failed
[FATAL] Secure channel to domain 'INSIGHTGROUP' is
broken. [ERROR_NO_LOGON_SERVERS]

-----Original Message-----
I would check to make sure the original DC is in working order. Check event
logs, DCdiag /v and netdiag.
Did you make this second DC a GC?

These are Ex2K articles but I would assume they are valid troubleshooting
information.
273395 XADM: Event 8260: Cannot Access Address List Configuration
Information
http://support.microsoft.com/?id=273395
272552 XADM: Event 8026 and Event 8260: Can't Access Address List
Configuration
http://support.microsoft.com/?id=272552

--
James Brandt [MSFT]

This happens regularly on my new exchange2003 server.

I've set it up as a backup domain controller, otherwise
the ldap disconnects seem to be killing exchange itself.

these are the errors I get and I have no idea why.

The problems appear to be in active directory and not
exchange server 2003 ent. (ie: AD connection goes down and
then exchange hiccups and dies)

----


8250
The Win32 API call 'DsGetDCNameW' returned error code
[0x862] The specified component could not be found in the
configuration information. The service could not be
initialized. Make sure that the operating system was
installed properly.

8026
LDAP Bind was unsuccessful on directory
exchange2003.insight.com.sg for distinguished name ''.
Directory returned error:[0x51] Server Down.
DC=insight,DC=com,DC=sg

8260
Could not open LDAP session to directory 'INSIGHT-
PDC.insight.com.sg' using local service credentials.
Cannot access Address List configuration information.
Make sure the server 'INSIGHT-PDC.insight.com.sg' is
running. DC=insight,DC=com,DC=sg

--Before I made this server into a bdc, I got more errors
from exchange itself

The Directory Service Referral interface failed to service
a client request. RFRI is returning the error code: [0x3f0]

DSACCESS returned an error '0x80004005' on DS
notification. Microsoft Exchange System Attendant will re-
set DS notification later.

NSPI Proxy can contact Global Catalog INSIGHT-
PDC.insight.com.sg but it does not support the NSPI
service. After a Domain Controller is promoted to a Global
Catalog, the Global Catalog must be rebooted to support
MAPI Clients. Reboot INSIGHT-PDC.insight.com.sg as soon
as possible.


Referral Interface cannot contact any Global Catalog that
supports the NSPI Service. Clients making RFR requests
will fail to connect until a Global Catalog becomes
available again. After a Domain Controller is promoted to
a Global Catalog, it must be rebooted to support MAPI
Clients.

Process MAD.EXE (PID=3808). Topology Discovery failed,
error 0xffffffff.

"Process WMIPRVSE.EXE -EMBEDDING (PID=2372). Topology
Discovery failed, error 0xffffffff.


"Logon rejected for INSIGHTGROUP\cl. Unable to obtain
Terminal Server User Configuration. Error: The RPC server
is unavailable.

------------------------------------------

Right now, its doing hell to my internal connections with
mail such as


There was a SMTP communication problem with
the recipient's email server. Please contact your system
administrator.
<exchange2003.insight.com.sg #5.5.0 smtp;554
mail server permanently rejected message (#5.3.0)>

.

 

[Guest]

Trust relationship test. . . . . . : Failed
[FATAL] Secure channel to domain 'INSIGHTGROUP' is
broken. [ERROR_NO_LOGON_SERVERS]


so I run netdiag /fix and this error above is fixed..