Exchange Q & A: Using DAG

Source: Internet
Author: User

Using Database Availability groups is a good choice, especially because you can copy and store these groups in multiple locations-but pay attention to addressing issues.

Henrik Walther

Q:We deployed Exchange 2010 and used the Database Availability Group (DAG) to configure high availability for all mailbox servers. Everything went well and everything went as expected, except for a small detail.

If an employee receives an email from a mailbox hosted in the DAG, the recipient in turn sends an email to another employee or person in another organization, then, the Internet mail header in the email will show that the email server is configured with the APIPA address, such as 169.254.5.20. Because we use static IP addresses for all Exchange 2010 servers, we do not know why they are displayed as APIPA addresses. SeeFigure 1). Can you provide some clues?

A:This question is very interesting. Simply put, this happens only when one or more DAG is used to configure high availability for the Exchange 2010 mailbox server and the DAG function is based on the Windows failover cluster (WFC) component. This action is not performed on the mailbox server that does not belong to the DAG.

Let's take a closer look at the problem. WFC components in Windows Server 2008 R2 want to use WFC applications such as SQL, Exchange, and file servers to locate cluster resources in a specific way. The application should use the DNS server to find the appropriate information to connect to the cluster resources.

This is the so-called Client Access Point (CAP ). A cap contains a NetBIOS Name and one or more IP Address resources. In Windows Server 2008 R2, if the Server supports dynamic updates, once the CAP is online in WFC, the CAP information will be registered in DNS.

Unfortunately, some applications skip the DNS step and directly connect to the cluster node using the first network adapter in the binding list. By default, the first network adapter listed in the binding list is the Microsoft failover cluster virtual adapter. SeeFigure 2). This adapter is configured using the APIPA address.

Figure 1APIPA address in the Internet mail header

Figure 2Microsoft failover cluster virtual adapter

Which of the following applications does not use DNS to locate and connect to cluster resources? By mistake: Exchange 2010 and Exchange 2007 ).

How can this problem be solved? Fortunately, the tool named nvspbind can be easily solved. You can download this tool from the MSDN code base: code.msdn.microsoft.com/nvspbind. Nvspbind is used to modify the network binding from the command line.

Next, let's check the order of binding the adapters on the server. Run nvspbind.exe/o ms_tcpip. For exampleFigure 3As shown in, the first list is the Local Area Connection * 9 equivalent to Microsoft failover cluster virtual adapter ).

Figure 3Use nvspbind to view the binding sequence list

Next, we need to move the Local Area Connection * 9 down in the list. Run the following command:

nvspbind.exe /- “Local Area Connection* 9” ms_tcpip

Figure 4Move Local Area Connection * 9 down in the binding order list

For exampleFigure 4As shown in, Local Area Connection * 9 has been moved down in the binding order list. Now, try to send a new email. The actual IP address of the server should be displayed in the Internet mail header.Figure 5).

Figure 5Display the actual IP address of the mailbox server in the Internet mail header

Manual copy

Q:We have just deployed the Exchange 2010 server and intend to use DAG to configure high availability for the mailbox database. We plan to have eight copies for each mailbox database. The copies of each mailbox database are located in three physical locations. Each database is approximately 500 GB. Because the bandwidth at a certain physical location is limited, we predict that the seed setting will take a long time. Can we manually copy database files to a remote location using a USB drive?

A:Yes, you can do this. In addition, another method is supported. To manually copy an offline database, disable the cycle log records of the corresponding database. To do this, run:

Set-MailboxDatabaseMDB01 -CircularLoggingEnabled $false

Run the following command to uninstall the database:

Dismount-Database MDB01 -Confirm $false

Next, copy the database and all log files to another location, such as a USB drive.

After the replication process is complete, run the following command to reinstall the active database copy:

Mount-Database MDB01

Now, connect the USB disk to the server that hosts the database, copy the database and log files to the folder, and ensure that the path is the same as that used on the source server.

Use the Add-MailboxDatabaseCopy-SeedingPostponed parameter to Add a database copy. The command is as follows:

Add-MailboxDatabaseCopy -Identity MDB01 -MailboxServer E2K10EX04–SeedingPostponed

Note that the seed setting process does not exist because the EDB file and the associated log file are ready. Finally, use the following command to re-enable cyclic logging:

Set-MailboxDatabaseMDB01 -CircularLoggingEnabled $true

Mobile office staff

Q:We run Exchange 2010, and many of our mobile office staff are highly dependent on Outlook Web App or OWA, that is, Outlook Web Access ). These users cannot log on to OWA after the password expires. We also found that for those who set the account to "the user must change the password upon next login" when creating the user account for the first time, seeFigure 6New employees, they must use other mechanisms to change the password, otherwise they cannot log on to OWA.

Figure 6Enable "the user must change the password upon next login"

This problem has been plagued since we migrated from Lotus Domino to Exchange 2003 many years ago. Do you know how to solve this problem?

A:Now is a good time to solve this problem. When the Exchange team began planning Exchange 2007 SP3 and Exchange 2010 SP1, they decided to make up for this deficiency, this allows you to log on to OWA when the user password expires or the user account is set to "the user must change the password upon next Logon. They developed the OWA Password Reset tool. This tool is an IIS 7 module that detects expired passwords and redirects users to the new "Change Password" page.

Figure 7Outlook Web App 2010 form-based authentication logon page

Let's take a look at the actual effect. How can this problem be solved? The user attempts to log on to OWA 2007 or 2010 on the form-based authentication (FBA) logon page, as shown in figureFigure 7. The user is redirected to the new "Change Password" page, as shown in figureFigure 8. You need to enter the current password and new password on this page, and then click "Submit.

Figure 8Outlook Web App 2010 "Change Password" Page

Now the password has been changed. You can use the new password to log on. Is it very simple and friendly?

Remember that after installing Exchange 2007 SP3 or Exchange 2010 SP1, the "Change Password" page is disabled by default. You must use the registry key to enable this page. More specifically, You need to log on to each Exchange 2007 or Exchange 2010 client to access the server (CAS) and start the Registry Editor.

In the Registry Editor, Navigate to HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ services \ MSExchange OWA. You need to create a new REG_DWORD registry entry named ChangeExpiredPasswordEnabled here. Set the data value to "1" to enable it, as shown in figureFigure 9.

Figure 9Enable the registry key required by "Password Change" for OWA

Now, you can log on to OWA regardless of whether the mobile office staff's password has expired or needs to be changed.

Original article address

Source: Microsoft TechNet

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.