Thursday, November 20, 2008

IPv6 and Exchange 2007

Hopefully this post prevents someone from the pain I went through with Exchange 2007 SP1 running on Windows Server 2008. The short version is this: Exchange 2007 SP1 running on Windows Server 2008 requires IPv6 to run properly.

We have a server that we support with Exchange 2007 running on Windows Server 2008. We took over support of this server from another company. Consequently there are always surprises. We try to do most of our service remotely and we had not rebooted the server in the 3 months we had been managing it. After performing some maintenance on it, we did a reboot and all hell broke loose.

Symptoms were:
  • Terminal services no longer functional

  • Exchange services not starting, specifically the Hub Transport service

  • Limited functionality in most MMC snap-ins (Server Manager would open but not show information, services would open and show status but not allow you to change startup configuration of a service)


Basically, the server was hooped. Eventually we edited the registry to stop the Exchange services from starting automatically and we got control of the server back.

The clue to resolving the problem came from the event logs. The day before we had removed a domain controller and all seemed to be working Ok at the time. However, it appears that the Exchange server had been talking to that DC rather than the DC/GC running on the local server (this is a small organization with only two servers).

The error appeared as:

Process MSEXCHANGEADTOPOLOGYSERVICE.EXE (PID=1880). Exchange Active Directory Provider has discovered the following servers with the following characteristics:
(Server name Roles Enabled Reachability Synchronized GC capable PDC SACL right Critical Data Netlogon OS Version)
In-site:
dc1.domain.com CDG 1 0 0 1 0 0 0 0 0


Previous to removing the DC2, the application log Event ID 2080 showed this:

Process STORE.EXE (PID=1992). Exchange Active Directory Provider has
discovered the following servers with the following characteristics:
(Server name Roles Enabled Reachability Synchronized GC capable PDC SACL
right Critical Data Netlogon OS Version)
In-site:
dc2.domain.com CDG 1 7 7 1 0 1 1 7 1
dc1.domain.com CDG 1 0 0 1 0 0 0 0 0


After enabling IPv6, everything was function and Event ID 2080 showed this:

Process STORE.EXE (PID=1924). Exchange Active Directory Provider has
discovered the following servers with the following characteristics:
(Server name Roles Enabled Reachability Synchronized GC capable PDC SACL
right Critical Data Netlogon OS Version)
In-site:
dc1.domain.com CDG 1 7 7 1 0 1 1 7 1


The weird part, is that we don't recall ever disabling IPv6. So, our best guess is that the system was up and running just fine with IPv6 enabled. Then at some point, the previous support company disabled IPv6, but there had been no reboots until this time. Then after the reboot things stopped working. It is likely that when an DC/GC is available on another server it continutes to function properly with IPv6 disabled, but I wasn't about to test theories at a client site.

I found MS docs that indicate IPv6 is a requirement when running Exchange 2007 on Windows Server 2008 unless you go through some hoops to completely disable it. Also related to IPv6, with anything less that update rollup 4 for SP1, Outlook Anywhere has problems when IPv6 is enabled.

So, the simple solution is to patch Exchange 2007 with the most recent update rollup and leave IPv6 enabled.

No comments:

Post a Comment