I've been busy with a small Exchange 2007 to Exchange 2010 engagement the last few days and we decided to go with Windows Server 2012 for the base operating system. Luckily for us Exchange 2010 SP3 has been released and I was very excited to deploy on a new Windows Server 2012 OS.
I thought it would be a good idea to share my experiences as I picked up some issues during the deployment specifically the configuration of the Database Availability Groups.
I’m not going to cover the actual migration, just the Windows Server 2012 part and the issues I picked up during the Database Availability Group configuration. There are many great TechNet articles that cover the coexistence:
First things first – let’s read the release notes on Exchange 2010 SP3:
Two important points:
There are also some minor changes in the prerequisites for Windows Server 2012.
Dot Net Framework 3.5 and Windows Powershell 2.0 needs the Windows Server 2012 image mounted as the side by side store (sxs) source files are not available locally after install – you only need to use the source files if you don’t have internet access to Windows Updates from your box – which was the case for me. You don’t have to uninstall Dot Net Framework 4.5 or Windows PowerShell 3.0.
To install Dot Net Framework 3.5 and Windows Powershell 2.0 via PowerShell using SXS source files:
Import-Module ServerManagerInstall-WindowsFeature NET-Framework-Core,PowerShell-V2 –Source E:\Sources\sxs
Where E:\ is the drive where you mounted the Windows Server 2012 image file.
The rest of the MultiRole prerequisites (I install telnet client additionally for troubleshooting purposes):
Install-WindowsFeature Telnet-Client,RSAT-ADDS, RSAT-Clustering,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Request-Monitor,Web-Static-Content,Web-Mgmt-Console,Web-Lgcy-Mgmt-Console,Web-WMI,WAS-Process-Model,Web-Asp-Net,Web-Client-Auth,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Http-Errors,Web-Http-Logging,Web-Http-Redirect,Web-Http-Tracing,Web-Digest-Auth,Web-Dir-Browsing,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy –Restart
Install the Office 2010 Filter Packs found here: http://www.microsoft.com/en-us/download/details.aspx?id=17062
Install Office 2010 Filter Pack Service Pack 1 found here: http://www.microsoft.com/en-us/download/details.aspx?id=26604
The next step is the actual install – which I won’t cover as there are tons of content on the web around that.
After my brand spanking new multirole servers were deployed and base configuration completed it was time for the DAG configuration.
The first thing to know when creating the DAG on Windows Server 2012 is that your cluster name object (CNO) needs to be pre-staged, because of the permission changes in Windows Server 2012 with regards to computer objects.
It’s important to ensure the above CNO pre-staging is correct as the cluster is only formed once you add the first mailbox server to the DAG. This is where my second issue popped up.
I noticed that during Add-DatabaseAvailabilityGroupServer the process got stuck at installing the Failover Cluster Components. I’m not entirely sure if this is Windows Server 2012 related or only happened to me on that day (it has never happened on Windows Server 2008 R2), but I killed the process and noticed that the components were indeed installed on the server. When I reran Add-DatabaseAvailabilityGroupServer it finished successfully and the cluster was created.
I don’t like processes getting stuck and then killed in mid configuration, so before my second Add-DatabaseAvailabilityGroupServer I pre-installed the Failover Cluster components by using the following PowerShell cmdlet:
Install-WindowsFeature -Name Failover-Clustering –IncludeManagementTools
At this stage I encountered my third issue (yeah it was a tough day at work :-) ):
When the second server is added to the cluster, the cluster is changed to Node and File Share majority – thus using the predefined File Share Witness server (FSW) and Witness directory that you specified in New-DatabaseAvailabilityGroup. For some reason my FSW cluster resource would just not go online with an error message 0x8007052e: "unknown user name or bad password".
Trying to avoid unnecessary time wasting I decided to just remove the cluster completely and start again (luckily PowerShell makes this very easy):
Moral of the story: Sometimes it’s better and faster to start again than to troubleshoot for hours on end. I might have been able to get the FSW online with a little digging in the cluster logs, I have feeling that the CNO had some problem in AD, but with minimal deployment time I decided to reconfigure and luckily it worked out with minimal troubleshooting this time around.
The rest of the deployment went without a hitch, I’ll be migrating mailboxes soon and hopefully I don’t pick up any other anomalies along the way (if I do I’ll definitely add it as a blog post :-) ).
Hopefully someone will find the information above helpful when they deploy on Windows Server 2012!
Until next time.
How can you go from 2007 to 2013? We're still waiting on CU1?
This blog entry is about Exchange Server 2010 SP3 on Windows Server 2012.
Hi Michael, Did you run into any odd RPC issues with your install? I am migrating a client from SBS 2003 R2 to Server 2012 and Exchange 2010 SP3. Everything was rolling right along until I installed the CAS and rebooted the server. After rebooting the server would no longer process GPO's and Netlogon was throwing errors left and right. I started randomly losing connection to shares on the box and while troubleshooting found DNS errors occurring like crazy and the server was no longer replicating with the other DC's, all errors pointing to DNS and RPC unavailable. After troubleshooting for hours I uninstalled Exchange and rebooted and the server was back to normal. Replication returned, GPO's were processed and DNS issues went away.
I didn't run into any weird RPC or DNS issues like that, but from your description it sounds like you were installing Exchange 2010 SP3 on a Windows Server 2012 Domain controller? We don't really recommend doing this as it may cause some issues on the DC's - if you really need to deploy on the same server for a small environment I'd rather virtualize the server with Hyper-v and split into DC and Exchange on seperate VM's.
there is a comma missing in the PS script "Web-Http-Tracing Web-Digest-Auth"
Thanks Jeremy! I fixed it.
I have followed the above to the letter but still cannot connect to the FSW
Can exchange 2010 run on Windows 2012 R2?
Honestly, we haven't received any official statement from the Product Group and we also probably won't get any statement until Windows Server 2012 R2 RTM's.
Hey Michael - I can successfully connect to our exchange 2010 sp3 ru2 servers and run powershell against them. The problem comes when I try and import-module ActiveDirectory. Have you been able to successfully do this? I get these errors:
[PS] C:\Windows\system32>import-module activedirectory
import-module : The 'C:\Windows\system32\WindowsPowerShell\v1.0\Modules\activedirectory\activedirectory.psd1' module ca
nnot be imported because its manifest contains one or more members that are not valid. The valid manifest members are (
'ModuleToProcess', 'NestedModules', 'GUID', 'Author', 'CompanyName', 'Copyright', 'ModuleVersion', 'Description', 'Powe
rShellVersion', 'PowerShellHostName', 'PowerShellHostVersion', 'CLRVersion', 'DotNetFrameworkVersion', 'ProcessorArchit
ecture', 'RequiredModules', 'TypesToProcess', 'FormatsToProcess', 'ScriptsToProcess', 'PrivateData', 'RequiredAssemblie
s', 'ModuleList', 'FileList', 'FunctionsToExport', 'VariablesToExport', 'AliasesToExport', 'CmdletsToExport'). Remove t
he members that are not valid ('HelpInfoUri'), then try to import the module again.
At line:1 char:14
+ import-module <<<< activedirectory
+ CategoryInfo : InvalidData: (C:\Windows\syst...edirectory.psd1:String) [Import-Module], InvalidOperatio
+ FullyQualifiedErrorId : Modules_InvalidManifestMember,Microsoft.PowerShell.Commands.ImportModuleCommand
Any insight would be appreciated. I'm a powershell user, but not any kind of expert.
Sorry for the late reply, only noticed the comment today.
I've never experienced the above issue when importing the AD modules, but I would remove the ad management tools and reinstall them via server manager or powershell.
What version of PowerShell are you using to import the module?