An annoying problem that I have seen since we upgraded to Exchange 2010 is when in the Exchange Management Console (EMC), you are not able to perform certain tasks because a DC could not be contacted. The domain controller in the error is usually one that has been demoted from your environment but sometimes not. The issues can also occur after recent changes to a DC, which causes the EMC to lose contact with the Domain Controller.
When this particular scenario was first noticed, it puzzled us because the DC in question was still running and Exchange was able to discover it. We did all the typical AD and Exchange troubleshooting steps, checked permissions, AD replication, etc., but none these steps fixed the issue. The tech was still unable to create accounts. After some more digging around we later found out some FSMO roles were removed from that DC. Aha! A major change to the DC.
Common error messages may contain “Active Directory operation failed on Dcxxxx” or “LDAP server was unavailable”. When the problem occurs you are not able to perform certain actions in the EMC, such as creating accounts, mailbox moves, basically any operation that requires contact with the DC.
An example of an error is shown below:
So what’s the problem you ask?
The problem is a result of the Exchange Management Console caching the domain controller details in the MMC temp files. It caches the data but it’s not smart enough to update the data or locate another DC. To fix the issue you have to remove the MMC cache file from the users profile.
Use the following steps to clear the EMC MMC cache file:
1. Close the EMC if you have it open
2. Go to the User’s profile directory and delete the Exchange Management Console file.
3. File location can be found here:
- C:\users\<specific user>\AppData\Roaming\Microsoft\MMC\Exchange Management Console
4. Reopen the EMC
See Microsoft KB article http://support.microsoft.com/kb/2019500