• Article

No suitable domain controllers in the local site

 

Topic Last Modified: 2007-11-16

The Microsoft Exchange Server 2007 Management Pack for Operations Manager monitors the Windows Application log on computers that are running Exchange Server 2007 and generates this alert when the event or events specified in the following Details table are logged.

To learn more about this alert, if you are using Microsoft Operations Manager 2005, do one or more of the following:

  • From the Operator Console, select this alert, and then click the Properties tab. Review the description of the alert that includes the variables specific to your environment.

  • From the Operator Console, click the Events tab, and then double-click the event in the list for which you want to review the event description. Review the events that have been logged that meet the criteria of this Operations Manager alert.

To learn more about this alert, if you are using System Center Operations Manager 2007, do one or more of the following:

  • From the Operations Console, double-click this alert, and then click the General tab. Review the description of the alert that includes the variables specific to your environment.

  • From the Operations Console, double-click this alert, and then click the Alert Context tab. Review the events that have been logged that meet the criteria of this Operations Manager alert.

Details

Product Name

Exchange

Product Version

8.0 (Exchange Server 2007)

Event ID

2086

Event Source

MSExchange ADAccess

Alert Type

Warning

MOM Rule Path

Microsoft Exchange Server/Exchange 2007/Common Components/Active Directory Access

MOM Rule Name

No suitable domain controllers in the local site. Make sure that you have configured enough global catalog servers in the local site. Review the Application log for other ADAccess events.

Explanation

This event indicates that topology discovery determined that there are no suitable domain controllers in the local site. DSAccess will use out-of-site domain controllers. However, they might respond slower, which can cause message queuing and network saturation.

This event may be logged when the following conditions are true:

  • No domain controllers exist in the local site.

  • All in-site domain controllers are down or not suitable.

  • Network problems prevent the Exchange server from contacting the domain controllers.

  • Permissions problems exist.

  • Configuration errors exist.

User Action

To resolve this event, do one ore more of the following:

  • Make sure that the local site has enough domain controllers for Exchange.

  • Use the nltest /dsgetdc: /site:<local site name> command to verify that a domain controller can be located in the local site. The NLTest tool is installed with the Windows support tools.

  • Check the Application log for related events. The detail in other ADAccess events and other events may help determine the root cause of this warning. Increase diagnostic logging for the MSExchangeADAccess\Topology category to Minimum or higher.

    • To review the current MSExchangeADAccess service diagnostic logging settings, in the Exchange Management Shell, type Get-EventLogLevel MSExchangeADAccess.

    • To change the logging level for the Topology category, in the Exchange Management Shell, type Set-EventlogLevel MSExchangeADAccess\Topology -Level Minimum.

  • If MSExchangeADAccess Event ID 2080 is logged, no suitable global catalogs may have been found when initial topology discovery completed. Review that event to determine which domain controllers have been contacted and if they are unsuitable for any reasons. Correct any problems as indicated by the event description. For more information, see Microsoft Knowledge Base article 316300, Event ID 2080 from MSExchangeDSAccess.

  • If MSExchangeADAccess Event ID 2070 is logged, a global catalog may be down or is unreachable. Review the event for more information about why each domain controller has become unsuitable. ADAccess found no suitable global catalogs when initial topology discovery completed.

  • Use the Ping or PathPing command line tools to test basic connectivity. Use Ping to isolate network hardware problems and incompatible configurations. Use PathPing to detect packet loss over multiple-hop trips. For more information, see Microsoft Knowledge Base article 325487, How to troubleshoot network connectivity problems.

  • Run the Dcdiag command line tool to test domain controller health. To do this, run dcdiag /s:<Domain Controller Name> at a command prompt on the Exchange server. Use the output of Dcdiag to discover the root cause of any failures or warnings that it reports. For more information, see Dcdiag Overview at the Microsoft Windows Server TechCenter.

For more information about diagnostic logging commands, see get-eventloglevel and set -eventloglevel in the Exchange 2007 Help.

For More Information

To search the Microsoft Knowledge Base articles based on criteria that generated this alert, visit the Search the Support Knowledge Base (KB) Web site.

To review Exchange 2007 event message articles that may not be represented by Exchange 2007 MOM alerts, see the Events and Errors Message Center.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.