RE: [ActiveDir] Exchange issues again(ot)

[Almeida Pinto, Jorge de]

This is a builtin feature of E2K...

XADM: Exchange 2000 Installation Requires Access to Schema Master 
(http://support.microsoft.com/?kbid=280178)

http://www.petri.co.il/exchange_disasterecovery_switch.htm

It is a check the exchange schema update has been applied

I also remember another buggy feature of resetting custom permissions on the 
exchange container to the default permissions. Not sure it that was resolved by 
some hotfix

Cheers,
Jorge
 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Friday, August 26, 2005 18:48
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Exchange issues again(ot)

I'm trying to install exchange 2k with the diasterrecovery switch. I have no 
connectivity to the Schema master FSMO at the moment and exchange keeps telling 
me it can't go forward because it  can't contact the Schema master.
 
Now, i'm not trying to run forestprep(this has already been done). I'm just 
reinstalling an exchange server that exists in AD already?
 
Why would it need the schema master?
 
Does  someone know of a MS document that says installing subsequent exchange 
servers or reinstalling an existing server or running the diasterrecovery 
switch requires connectivity to the schema master?
because this makes no sense to me. It doesn't need to write to the schema. 
Forestprep has been run and there is an existing exchange org in the forest. 
I'm running this reinstall as a EA and exchange full admin.
 
Help?!!
 
Thanks
 
[EMAIL PROTECTED]   䧚Vry〱-튾4ib鲽b⮊


This e-mail and any attachment is for authorised use by the intended 
recipient(s) only. It may contain proprietary material, confidential 
information and/or be subject to legal privilege. It should not be copied, 
disclosed to, retained or used by, any other party. If you are not an intended 
recipient then please promptly delete this e-mail and any attachment and all 
copies and inform the sender. Thank you.
[EMAIL PROTECTED]   ��V�r�y���-�÷Š¾4���i�b��b��

RE: [ActiveDir] Exchange issues again(ot)

[joe]

 a list of all servers in the
topology with their home domain DNS names. This causes the DSProxy RFR
service to return global catalogs only from the root directory of the
mailbox of the client.
 



 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Friday, August 26, 2005 2:18 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Exchange issues again(ot)

 Sheesh, i'm getting to hate Exchange
That's a very common feeling. Eventually people either come to love it or
learn to live with it - ask Joe :-)
 
Anyway, your question is broad, but let me briefly explain this:
When you ran ForestPrep, you are just creating (empty) place-holders in the
Schema for Exchange-specific objects and attributes. Things like
ms-Exch-Information-Store, ms-Exch-IP-Address, like Org name, server name,
Routing Groups, etc.
 
You were putting the structure in place, so to speak. Now, that you are
really installing Exchange, the install process needs to supply values for
some of those place-holders. We need to plug in the name of the Exchange
server(s), the admin/routing group info, things like that. You follow?
 
If you REALLY must know what's done when and where, the Exchange Server
Technical Reference is a good (and informative) weekend-killer. You should
be able to download it from the exchange site on microsoft.com/exchange
 
Good luck. Now I have to bail.
 
 
Sincerely,

Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday?  -anon



From: [EMAIL PROTECTED] on behalf of Kern, Tom
Sent: Fri 8/26/2005 10:56 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Exchange issues again(ot)


Can you tell me what setup needs to write to the schema?
Isn't this kinda a bug or at the least a big annoyance that everytime you
need to recover or install a new exchange server, you need connectivity to
the schema master?
 
What would a reinstall need to write, anyway?
its already in AD.
What the heck is it doing? 
whats the point of forestprep then?
 
Sheesh, i'm getting to hate Exchange.
 
Thanks, i'll see if your hack works and write back.

-Original Message- 
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Fri 8/26/2005 1:09 PM 
To: ActiveDir@mail.activedir.org 
Cc: 
Subject: RE: [ActiveDir] Exchange issues again(ot)


 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Exchange issues again(ot)

[joe]

I would bet along those lines as well. I have seen multiple 
similar cases in Exchange where the Schema rights were needed, I think ADC comes 
to mind right off as I seem to recall getting into a rather pissy mood one day 
when I had to give Exchange admins Schema Admin rights to install another ADC 
instance. 

If it were simply a case of I need to look that is fine, 
you don't need schema admin for that. The fact that they say, I need to look, 
and you need to be a schema admin in the off chance that I need to update 
something is crap and in my opinion poor design though if I were the designer I 
would rather it be called a bug. 

This 
whole thing gets back to assumptions made in that system. More times than not I 
am usually trying to figure out why in the world the assumptions are what they 
are. It sometimes makes me think that they polled the customers by going into 
three local mom and pop stores and asked them how they configured their Exchange 
systems. 





From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Michael B. 
SmithSent: Friday, August 26, 2005 4:50 PMTo: 
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Exchange issues 
again(ot)

I've asked "Those Who Should Know". If they deign to 
respond, I'll let you know. :-)

If I were a betting man (and I usually am, but not on 
this), I would bet that Exchange setup connects specifically to the schema 
master role holder in order to verify that the schema has been updated with 
forestprep. It would choose the schema master in order to avoid the potential 
replication delays that could be associated with consulting the "local DC" (that 
is, that the changes may not have replicated from the schema master to the local 
DC).

While it's arguable that it should check the local DC 
first, and if it doesn't find it there, then check the schema master -- I could 
see some developer saying "screw that".

That's my best guess.


From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, 
TomSent: Friday, August 26, 2005 3:45 PMTo: 
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Exchange issues 
again(ot)

I have no rights nor connectivity.

I ran adsiedit.msc as localsystem on a child dc and changed the 
fSMORoleHolder attrib on the schema NC to point to the child dc i do have 
connectivity to and it worked.

Mind you- THIS IS A TEST FOREST. I WOULD NEVER DO THIS IN PRODUCTION.

still, i'd like to know why setup needs to write to the schema AFTER 
exchange has already been installed and set up and you have an org and exchange 
servers running.
Does it do this everytime you set up a new exchange server?
what is it writing?
I'd love to know.

Thanks alot!

  -Original Message- From: Douglas M. Long 
  [mailto:[EMAIL PROTECTED] Sent: Fri 8/26/2005 3:25 PM 
  To: ActiveDir@mail.activedir.org Cc: Subject: 
  RE: [ActiveDir] Exchange issues again(ot)
  

RE: [ActiveDir] Exchange issues again(ot)

[deji]

The install process still needs to write stuff to the Schema.
 
Try this:
On the DC being used by the Exchange server during the install (you can find
this by doing set L from a cmd prompt) add the following reg value:
 
HKEY LOCAL MACHINE\System\Current Control Set\Services\NTDS\Parameters
Schema Update Allowed
Type - REG_DWORD 
Value - 1
 
Don't know if it'd work, considering the other problems you've been having to
date. But it's worth a try.
 
Sincerely,

Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday?  -anon



From: [EMAIL PROTECTED] on behalf of Kern, Tom
Sent: Fri 8/26/2005 9:48 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Exchange issues again(ot)



I'm trying to install exchange 2k with the diasterrecovery switch. I have no
connectivity to the Schema master FSMO at the moment and exchange keeps
telling me it can't go forward because it  can't contact the Schema master.

Now, i'm not trying to run forestprep(this has already been done). I'm just
reinstalling an exchange server that exists in AD already?

Why would it need the schema master?

Does  someone know of a MS document that says installing subsequent exchange
servers or reinstalling an existing server or running the diasterrecovery
switch requires connectivity to the schema master?
because this makes no sense to me. It doesn't need to write to the schema.
Forestprep has been run and there is an existing exchange org in the forest.
I'm running this reinstall as a EA and exchange full admin.

Help?!!

Thanks

.+w?B+v*
rz Vryi?? 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Exchange issues again(ot)

[Kern, Tom]

Can you tell me what setup needs to write to the schema?
Isn't this kinda a bug or at the least a big annoyance that everytime you need 
to recover or install a new exchange server, you need connectivity to the 
schema master?
 
What would a reinstall need to write, anyway?
its already in AD.
What the heck is it doing? 
whats the point of forestprep then?
 
Sheesh, i'm getting to hate Exchange.
 
Thanks, i'll see if your hack works and write back.

-Original Message- 
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Fri 8/26/2005 1:09 PM 
To: ActiveDir@mail.activedir.org 
Cc: 
Subject: RE: [ActiveDir] Exchange issues again(ot)


 

winmail.dat

RE: [ActiveDir] Exchange issues again(ot)

[Kern, Tom]

That didn't work.
 
Setup gives me the error that setup cannot run in diasterrecovery mode before 
running the setup/forestprep ans domain prep switch
 
I just don't understand in my tiny brain why exchange setup in dr switch or 
reinstall switch(or heck, just installing a second server in AD) would need to 
write to the schema?
 
can someone please tell me before i pull my hair out?
 
I would say this is not a feature.
 
Thanks

-Original Message- 
From: Kern, Tom on behalf of Kern, Tom 
Sent: Fri 8/26/2005 1:56 PM 
To: ActiveDir@mail.activedir.org 
Cc: 
Subject: RE: [ActiveDir] Exchange issues again(ot)


 

winmail.dat

RE: [ActiveDir] Exchange issues again(ot)

[deji]

 Sheesh, i'm getting to hate Exchange
That's a very common feeling. Eventually people either come to love it or
learn to live with it - ask Joe :-)
 
Anyway, your question is broad, but let me briefly explain this:
When you ran ForestPrep, you are just creating (empty) place-holders in the
Schema for Exchange-specific objects and attributes. Things like
ms-Exch-Information-Store, ms-Exch-IP-Address, like Org name, server name,
Routing Groups, etc.
 
You were putting the structure in place, so to speak. Now, that you are
really installing Exchange, the install process needs to supply values for
some of those place-holders. We need to plug in the name of the Exchange
server(s), the admin/routing group info, things like that. You follow?
 
If you REALLY must know what's done when and where, the Exchange Server
Technical Reference is a good (and informative) weekend-killer. You should be
able to download it from the exchange site on microsoft.com/exchange
 
Good luck. Now I have to bail.
 
 
Sincerely,

Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday?  -anon



From: [EMAIL PROTECTED] on behalf of Kern, Tom
Sent: Fri 8/26/2005 10:56 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Exchange issues again(ot)


Can you tell me what setup needs to write to the schema?
Isn't this kinda a bug or at the least a big annoyance that everytime you
need to recover or install a new exchange server, you need connectivity to
the schema master?
 
What would a reinstall need to write, anyway?
its already in AD.
What the heck is it doing? 
whats the point of forestprep then?
 
Sheesh, i'm getting to hate Exchange.
 
Thanks, i'll see if your hack works and write back.

-Original Message- 
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Fri 8/26/2005 1:09 PM 
To: ActiveDir@mail.activedir.org 
Cc: 
Subject: RE: [ActiveDir] Exchange issues again(ot)


 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Exchange issues again(ot)

[Kern, Tom]

No, I already have an exchange org installed!!!
 
I have 10 exchange servers in my AD.
 
I'm just trying to recover one with the /disasterrecovery switch instead of 
restoring system state to dissimallar hardware.
 
I'm not introducing exchange into AD for the first time.
 
I have an exchange org and admin group and servers already in place.
I'm only trying to recover one.
 
Now, again, before you bail, why does setup need to write to the schema in this 
case?
 
Exchange is already here. the place holders have been filled with real 
objects.
 
Help me please!!
 
Ah!!!

-Original Message- 
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Fri 8/26/2005 2:17 PM 
To: ActiveDir@mail.activedir.org 
Cc: 
Subject: RE: [ActiveDir] Exchange issues again(ot)


 

winmail.dat

RE: [ActiveDir] Exchange issues again(ot)

[Douglas M. Long]

Do you just not have rights or do you not
even have connectivity?



There isnt much information about exactly
what you are doing and what has been done, to have a good explanation. 















From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Friday, August 26, 2005 1:56
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Exchange
issues again(ot)







Can you tell me whatsetup needs to write to the schema?





Isn't this kinda a bug or at the least a big annoyance that everytime
you need to recover or install a new exchange server, you need connectivity to the schema master?











What would a reinstall need to write, anyway?





its already in AD.





What the heck is it doing? 





whats the point of forestprep then?











Sheesh, i'm getting to hate Exchange.











Thanks, i'll see if your hack works and write back.







-Original
Message- 
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] 
Sent: Fri 8/26/2005 1:09 PM 
To: ActiveDir@mail.activedir.org 
Cc: 
Subject: RE: [ActiveDir] Exchange
issues again(ot)

RE: [ActiveDir] Exchange issues again(ot)

[Katherine Coombs]

Hi Tom,

Long-time lurker on the AD mailing list and after seeing your posts in 
recent weeks I really feel for you!!

Anyway, this particular situation got me interested and soI thought 
that I'd dig around to see what I could find. The closest article that I 
could find of relevance was http://thelazyadmin.com/2005/01/exchange-disaster-recovery.htmwhere the guy mentions:

"Even though forestprep and domainprep was run when you 
first installed Exchange, you will need to run them again to reset some security 
accounts. Because it is not updating the Schema, it is a lot faster than you may 
remember. Now on to the Exchange install. Run the following command to enter 
disaster recovery mode: setup.exe 
/disasterrecovery"I don't have a 
lab handy at the moment, but it sounds like the above could at least explain 
what you're seeing, namely that unless the Schema Master is available, the 
disasterrecovery switch won't work. Unfortunately I don't know of any way 
to trick Exchange into thinking that it's performed the ForestPrep and 
DomainPrep.

Cheers,
Katherine



From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, 
TomSent: 26 August 2005 23:53To: 
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Exchange issues 
again(ot)

No, I already have an exchange org installed!!!

I have 10 exchange servers in my AD.

I'm just trying to recover one with the /disasterrecovery switch instead of 
restoring system state to dissimallar hardware.

I'm not introducing exchange into AD for the first time.

I have an exchange org and admin group and servers already in place.
I'm only trying to recover one.

Now, again, before you bail, why does setup need to write to the schema in 
this case?

Exchange is already here. the place holders have been filled with "real" 
objects.

Help me please!!

Ah!!!

  -Original Message- From: 
  [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Fri 
  8/26/2005 2:17 PM To: ActiveDir@mail.activedir.org Cc: 
  Subject: RE: [ActiveDir] Exchange issues 
  again(ot)
  

RE: [ActiveDir] Exchange issues again(ot)

[Kern, Tom]

I have no rights nor connectivity.
 
I ran adsiedit.msc as localsystem on a child dc and changed the fSMORoleHolder 
attrib on the schema NC to point to the child dc i do have connectivity to and 
it worked.
 
Mind you- THIS IS A TEST FOREST. I WOULD NEVER DO THIS IN PRODUCTION.
 
still, i'd like to know why setup needs to write to the schema AFTER exchange 
has already been installed and set up and you have an org and exchange servers 
running.
Does it do this everytime you set up a new exchange server?
what is it writing?
I'd love to know.
 
Thanks alot!

-Original Message- 
From: Douglas M. Long [mailto:[EMAIL PROTECTED] 
Sent: Fri 8/26/2005 3:25 PM 
To: ActiveDir@mail.activedir.org 
Cc: 
Subject: RE: [ActiveDir] Exchange issues again(ot)


 

winmail.dat

RE: [ActiveDir] Exchange issues again(ot)

[Michael B. Smith]

I've asked "Those Who Should Know". If they deign to 
respond, I'll let you know. :-)

If I were a betting man (and I usually am, but not on 
this), I would bet that Exchange setup connects specifically to the schema 
master role holder in order to verify that the schema has been updated with 
forestprep. It would choose the schema master in order to avoid the potential 
replication delays that could be associated with consulting the "local DC" (that 
is, that the changes may not have replicated from the schema master to the local 
DC).

While it's arguable that it should check the local DC 
first, and if it doesn't find it there, then check the schema master -- I could 
see some developer saying "screw that".

That's my best guess.


From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, 
TomSent: Friday, August 26, 2005 3:45 PMTo: 
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Exchange issues 
again(ot)

I have no rights nor connectivity.

I ran adsiedit.msc as localsystem on a child dc and changed the 
fSMORoleHolder attrib on the schema NC to point to the child dc i do have 
connectivity to and it worked.

Mind you- THIS IS A TEST FOREST. I WOULD NEVER DO THIS IN PRODUCTION.

still, i'd like to know why setup needs to write to the schema AFTER 
exchange has already been installed and set up and you have an org and exchange 
servers running.
Does it do this everytime you set up a new exchange server?
what is it writing?
I'd love to know.

Thanks alot!

  -Original Message- From: Douglas M. Long 
  [mailto:[EMAIL PROTECTED] Sent: Fri 8/26/2005 3:25 PM 
  To: ActiveDir@mail.activedir.org Cc: Subject: 
  RE: [ActiveDir] Exchange issues again(ot)