I have a wonderfully weird, but not all that funny SBS 2008 problem and solution to share with you.  It is possible that this is generic to Windows 2008, but since no one in the known universe seems to have tripped over it, who knows?

Let’s start with the symptoms.  I had a client call in a bit of a panic.  They came in one morning and Exchange was not working.  I logged in remotely and looked first at the services.  All normal services were started, so it wasn’t a service issue per se.

I then started Exchange Management Console, and that is when I got a sinking feeling in my gut.  When I tried to expand anything in the left hand navigation tree, I got a set of error messages that popped up.  They all boiled down to the same thing:  Exchange said it could not connect to the Active Directory.

I started snooping through the event logs.  Sure enough, there were Exchange errors posting every so often that it could not contact AD and that there were no available servers in the organization to contact.  However, I could get to AD through Administrative Tools and I could not spot an issue.

I ran dcdiag and some other diagnostics, and I came up completely without a failing test or condition.  I was getting more stomach flips and jumps.  This was due to the fact that backup had apparently not run in about six weeks.  When I called the client back and asked about the backups, what I got floored me.  The AD problem had popped up about the time the backups stopped, but Exchange continued to run until that morning.  So much for AD restore…

Two other symptoms got noticed.  First, client machines could not get DHCP addresses.  Second, when I pinged the server using its FQDN, I only got a ipv6 response.  However, client machines could ping the server by name or IP address and get a good ipv4 response.  I could see the network from the server and get outside as well.

Rather than bore you with a lot of work with no results to try and figure this problem out, let me cut to the chase with the solution:

  1. Create a new user on the system with network administrator privileges.  I used SBS Console and if you do, note that it won’t create an email account for the user since Exchange is in la la land.
  2. Log off the current network administrator account and log on with the new account.
  3. Caution: Do not disable nor delete the old administrative user. Later, you will delete the profile information which is what caused the problems in the first place.  But you need that user!

You will discover, hopefully, that Exchange is now running great.  When I launched the Management Console, I saw that the first storage group was not mounted.  I used eseutil.exe and found the database was dirty.  I ended up having to run eseutil.exe /p to recover the files because a log was missing or bad, but 30 minutes later the repair was complete, the database mounted and no one lost any data in the process.  Perhaps you will have clean databases and can avoid this step.

I certainly did not want to remove the original user – no telling what security was doled out under its name, but the culprit certainly was a bad profile.  Still logged in under the new user, I went to c:\users\<old profile> to delete the user data, but the best I could do was to delete a few of the sub-folders. The next time I am on site, I will start in safe mode and delete the profile folder, then log on as the old administrator.  Once that works fine, I will delete the new user.

A red herring test was to disable Trend Micro Worry Free Advanced and see if that was causing the problem.  A lot of work for no result, so I would definitely try this first.

What kind of weirdness have you found?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s