Archive for August, 2007

Microsoft Exchange’s hyper-sensitivity to DNS issues

Wednesday, August 1st, 2007

Recently, I had a problem with an MS Exchange system. On boot, Exchange refused to start, and the first real warning was:

Event ID 2102 Process MAD.EXE (PID=1448). All Domain Controller Servers in use are not responding.

There were a large number of other errors in the event log, but I initially thought this was the main one.

Long story short, it was a DNS problem. Exchange / Windows 2003 is hyper-sensitive to DNS issues. I have found that sometimes a small error with DNS won’t affect anything except in the weirdest ways. The Windows 2003 system that was running Exchange was a GC and an AD domain server.

The chief complaint from Exchange seemed to be that it couldn’t find the AD in order to begin loading. If you waited until the system booted, logged in, then started the Exchange service manually, everything seemed to work fine.

This suggested to me a problem with boot ordering, but it still didn’t make sense, since there was a second AD server on the network, sitting there, waiting to help Exchange to its feet.

The critical error seemed to be in the Exchange server’s DNS lookup entries. We had 127.0.0.1 (the Exchange server was also a DNS server; it was originally the first and only AD server on the network, and some roles were never migrated off), but we also had a Linux firewall. The firewall correctly replicated the AD domain for the site, but it seems that, due to a slight incompatibility, it didn’t replicate some of the SRV records correctly.

Exchange was querying the Linux server, not getting the right result, and throwing its arms in the air and dying. Once we changed the Exchange server to use another Windows AD server as its second DNS, everything came right.

This once again confirms my golden rule:

If it’s a weird problem that might be related to Active Directory, check, re-check, and double-check your DNS configuration.
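
The check described above, as an added example that is not part of the original post: it asks every DNS server in the host's resolver list for the SRV records that AD clients use to locate domain controllers and global catalogs, and reports any server that cannot answer them. It assumes a Windows version that ships `Resolve-DnsName` (Windows 8 / Server 2012 or later, so not the Windows 2003 host in the post); `corp.example` is a placeholder domain name.

```powershell
# Added example: confirm each configured DNS server answers the AD locator SRV lookups.
function Test-AdSrvRecords {
    param(
        [Parameter(Mandatory)] [string] $Domain,   # AD DNS domain name
        [string]   $Forest = $Domain,              # forest root domain (GC records live here)
        # Default: every IPv4 DNS server configured on any interface of this host.
        [string[]] $Server = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
                               ForEach-Object ServerAddresses | Sort-Object -Unique)
    )
    # Standard locator records that Netlogon registers for DCs, the PDC emulator and GCs.
    $names = @(
        "_ldap._tcp.dc._msdcs.$Domain",
        "_kerberos._tcp.dc._msdcs.$Domain",
        "_ldap._tcp.pdc._msdcs.$Domain",
        "_ldap._tcp.gc._msdcs.$Forest",
        "_gc._tcp.$Forest"
    )
    foreach ($s in $Server) {
        foreach ($n in $names) {
            $targets = @()
            $status  = 'OK'
            try {
                # -DnsOnly skips LLMNR/NetBIOS; -Server forces the query to this resolver only.
                $targets = @(Resolve-DnsName -Name $n -Type SRV -Server $s -DnsOnly -ErrorAction Stop |
                             Where-Object { $_.Type -eq 'SRV' } |
                             ForEach-Object { '{0}:{1}' -f $_.NameTarget, $_.Port })
                if ($targets.Count -eq 0) { $status = 'NO SRV ANSWER' }
            } catch {
                # NXDOMAIN, timeout, refused, etc. all land here.
                $status = "FAILED: $($_.Exception.Message)"
            }
            [pscustomobject]@{
                Server  = $s
                Record  = $n
                Status  = $status
                Targets = $targets -join ', '
            }
        }
    }
}

# corp.example is a placeholder; replace it with the real AD DNS domain name.
Test-AdSrvRecords -Domain 'corp.example' |
    Sort-Object Status, Server |
    Format-Table -AutoSize -Wrap
```

Any row whose Status is not `OK` identifies a resolver that would give an AD-dependent service the wrong answer if it were the one queried.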