Log in


Tags » ‘Single Copy Cluster’

My Client Visit Yesterday Part 2

Categories: Exchange Server Microsoft Related
February 12th, 2010 by Scott

So, yesterday I was out at a client site to review their Exchange 2007 deployment.  In my previous post I talked about how the Subnet the Exchange 2007 servers were in did not have the IP subnet associated with an AD site.  Well, I did come across another interesting issue that was a bit more troublesome.

The client is deploying an Exchange 2007 SP2 environment leveraging a Single Copy Cluster (SCC) and two CAS/HUB servers. 

While testing the failure over process of the SCC we came to the point where using the manage clustered mailbox command in the Exchange Management Console or the Exchange Management Shell would not work.  We were receiving an error message that the Database failed to initialize.  The error log was huge, errors on creating the D drive (where the database was located), errors opening the database, mounting the database, it just wasn’t working!

I then suggested to go back and use the MS Failover Cluster Management tool.  We took a node off line, and failover worked.  How Odd!  This appeared to be an issue with permissions on the servers.  Something was prevent Exchange from performing the failover.  We then tried another failover vial the managed clustered mailbox command and I noticed that the shared disk drives were attempting to fail over to the passive node but they couldn’t!

We then proceeded to check permissions into the Windows Cluster and Exchange Cluster, adjusted a few settings but nothing worked.  Well, I then asked, is there a Group Policy blocking any time of assignment to “Manage auditing and security log”, he said no.  We checked Group Policy to be certain and there was nothing configured.  I then asked him to take a look at the local security policy on the system, sure enough, only the Administrators were in the group Manage auditing and security log.  Once adding the Exchange Servers to this group on each system the Single Copy Cluster was able to fail over with no problems! 

I am not certain as to why the Exchange Servers did not get added to the local security policy, there was nothing in group policy or anything on the system to over write this to my knowledge.  But none the less, it is very important to make sure the Exchange Servers do have access to the security setting.

Either way it was quite an interesting day at my client site, a few more issues came up but nothing as notable as the ones discussed here. 

Hope you have a great day!

Tags:
No Comments »