Recently, while troubleshooting an Exchange environment, I ran across event ID 2142 from the MSExchangeADTopology source. This error can be found in the application logs and indicates that the topology service could not find the minimum required domain controllers needed for Exchange. For the environment, I was troubleshooting this was particularly odd as this site containing Exchange had three functional domain controllers. The environment was also a single AD site. The error in full:
Process Microsoft.Exchange.Directory.TopologyService.exe (PID=2700) Forest domain.com. Topology discovery failed, error details: No Minimal Required Number of Suitable Directory Servers Found in Forest domain.com Site Default-First-Site-Name and connected Sites.
Event ID 2124 even confirmed that it could find three domain controllers. However, it also identified a fourth domain controller that was unreachable.
This issue was further identified with event ID 2107. This error confirmed that the domain controller in question could not be found in DNS. As a result, it reported that HQDC002 would not be used by Exchange’s Active Directory provider.
Further investigation uncovered that the domain controller HQDC002 had failed several months ago and a metadata cleanup had never been performed. The server had been absent for so long that its computer account had also tombstoned. In addition, DNS scavenging had also removed the record from its zones. The output of DCDIAG across the remaining domain controllers was littered with all sorts of errors. Most refer to the inability to replicate with the missing server.
The remedy for all these errors was quite simple. It was to perform the metadata cleanup of the missing server. Metadata cleanup is a simple process. It can be performed either through the Active Directory GUI tools or the command line. Both methods are documented here: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816907(v=ws.10)
Once the metadata cleanup was complete we gave our environment twenty-four hours for the dust to settle. A day later and DCDIAG reported no errors of any kind. In addition, all errors in the application logs were gone and replaced with an informational event that three functional domain controllers could be reached. As identified by event ID 2080 (MSExchange ADAccess). This is the event you should see when Exchange is happy.
We would love to hear from you. Have you seen any of these errors before? What did you do to fix it? Drop a comment below or join the conversation on Twitter @SuperTekBoy.
Leave a Reply