I’m posting this as a public service due to recent issues that we have had at my company.  Hopefully this helps someone somewhere down the road and you don’t have to go through what we have been going through for the last 3 weeks.

Scenario:  Our network engineer is setting up Exchange 2003 so that we can bring email internal.  Problem:  Once installed, it won’t configure properly and he can’t get it working.  He spends about a week or so on it himself.  It seems like we have Active Directory issues.  Additionally, he was having a hell of a time getting Active Directory replication working.

The network is split between a few locations.  Our location is a separate tree in the main forest which is housed elsewhere.  At each location we have two domain controllers.  At each location, one is Windows 2003, and one is Windows 2000.  Therein lies half of the problem.  We also don’t resolve NETBIOS across the VPN, so we use the FQDN (fully-qualified domain name) to talk between the two domains.  The other location is the master domain.

So, after going through about a full week of troubleshooting on the phone with Microsoft, trying all kinds of things, and at one point having 4 people on the phone on the Microsoft end, the resolution came today in the form of two revelations:

1) When one DC is 2000 and one is 2003, the RPC Locator Service has to be set up a specific way.  On the 2000 machine, it has to be Manual and Stopped.  On the 2003 machine it has to be Automatic and Started.  Incidentally, this totally also fixed the replication issue between the two domains, and everything runs like a champ now.

2) As a result of the dual domain setup, this one came out.  It appears that Exchange is hard-coded to look for the domain master by NETBIOS name, not FQDN.  This came as news to the team on the phone who thought it was FQDN, and it’s documented that it’s FQDN.  This problem comes up because the domain master cannot be reached by NETBIOS name.  Essentially you have to work around this.  I forget exactly how he said they did it, but I’ll ask him and update the entry here.

So, a couple weeks later, Exchange is up and running.  The undocumented bizarro things on an individual network that can screw up a simple install really reared their ugly heads here, so much so that the Microsoft guys were taking copious notes to pass along to colleagues.  Hopefully if anyone runs into this issue, they can find this entry and solve it, saving themselves the couple of weeks.