In a recent post I looked at how to specify a domain controller for use in the Exchange Management Shell for Exchange Server 2007. In this post I will demonstrate the same technique for Exchange Server 2010.
Any Exchange Management Shell cmdlet will permit you to specify a domain controller using the -DomainController switch. But you can also set a preferred domain controller for your entire session.
Note the cmdlet to use here – Set-AdServerSettings. This cmdlet configures the session settings such as the preferred Domain Controller and other settings such as the recipient scope. Check out the full list of Set-AdServerSettings parameters here.
First take a look at the current session settings. In this example dc1.exchangeserverpro.local has been automatically selected.
[PS] C:\>Get-ADServerSettings | fl RunspaceId : 15e4d968-032b-4cd8-bc66-bf0b665c4161 DefaultGlobalCatalog : DC1.exchangeserverpro.local PreferredDomainControllerForDomain : {} DefaultConfigurationDomainController : DC1.exchangeserverpro.local DefaultPreferredDomainControllers : {DC1.exchangeserverpro.local} UserPreferredGlobalCatalog : UserPreferredConfigurationDomainController : UserPreferredDomainControllers : {} RecipientViewRoot : exchangeserverpro.local ViewEntireForest : False Identity : IsValid : True
Using Set-ADServerSettings we can specify the preferred server for the current session with the -PreferredServer switch.
[PS] C:\>Set-ADServerSettings -PreferredServer dc2.exchangeserverpro.local
Now Get-ADServerSettings shows this change has occurred.
[PS] C:\>Get-ADServerSettings | fl RunspaceId : b15cbfd9-5144-442e-bc74-c00a3216b864 DefaultGlobalCatalog : dc2.exchangeserverpro.local PreferredDomainControllerForDomain : {} DefaultConfigurationDomainController : dc2.exchangeserverpro.local DefaultPreferredDomainControllers : {DC1.exchangeserverpro.local} UserPreferredGlobalCatalog : dc2.exchangeserverpro.local UserPreferredConfigurationDomainController : dc2.exchangeserverpro.local UserPreferredDomainControllers : {dc2.exchangeserverpro.local} RecipientViewRoot : exchangeserverpro.local ViewEntireForest : False Identity : IsValid : True
How to change Default Preferred Domain Controllers option ?
Hello Paul!
Do you know what exactly “ConfigDomainControllers” means/does? I’ve searched the web for a bit but couldn’t find anything useful in that regard. I was just wondering if it makes sense/a difference to set a DC static for “StaticConfigDomainControllers” if I did it for “StaticDomainControllers” and “StaticGlobalCatalogs” already, which difference it would make if I keep it blank/don’t?
Thanks in advance!
Paul,
How can get both of my domain controllers to appear in the EMC>>Server Configuration >> ‘Exchange Server’ properties >>System Settings tab.. right now only one domain controller (DC2)is listed in there, and when i reboot that domain controller, exchange crashes as well. I would like to have (DC1) included in there as well.
I see both as Domain Controllers in AD Sites, and Services, and Global catalog is selected.
Is there an easy fix for this?
Use Get-ExchangeServer to look for static or excluded DCs.
[PS] C:\Windows\system32>Get-ExchangeServer | Select name,*domain*
Name : EX2010SRV1
Domain : exchangeserverpro.net
StaticDomainControllers : {}
StaticConfigDomainController :
StaticExcludedDomainControllers : {}
CurrentDomainControllers : {}
CurrentConfigDomainController :
Hi, i am currently moving FSMO roles to a different site dc01 has pdc, rid, domain, and schema master, dc02 has Infrastructure role. dc02 will be virtualized and will keep infrastructure here at current site. will exchange 2010 servers take change after moving roles? or is there something else i have to do? thanks
sorry one more question, this multi rol DC i am demoting is the DC/GC being used for exchange, will i have to run a command to change this? thanks
If the Set-ADServerSettings applies only to the current session, is there a way to set Exchange 2010 to look at a specific DC by default when logging in via OWA or Outlook or delivering email, when the main DC is unavailable?
In my environment, my main (dc1) and secondary (dc2) Domain Controller’s are on premise, but my Exchange 2010 server and an RODC are in the cloud. If my ipSec VPN goes down, not only am I not able to login to email via OWA, but inbound email doesn’t get delivered either. I had thought that by putting the RODC in place on the same subnet as the cloud server, that it would roll over automatically, but I am sensing that there is a setting I can apply that will force Exchange to use my cloud DC as its primary. Is that correct? If so, what would be the command to force it?
If I run the Get-ADServerSettings command, I show a DefaultConfigurationDomainController of dc1 and a DefaultPreferredDomainController of dc2, and the cloud domain controller (dc3) does not list at all.
Follow Up …
I found some information about setting StaticDomainControllers and StaticGlobalCatalogs, and the pitfall if you set just a single entry. However, I also found where you could identify multiple entries in a single command.
If DC3 is my RODC in the cloud, will the following command be the way to force Exchagne to look at DC3 as its primary DC?
Set-ExchangeServer “ExchangeServerName” -StaticDomainControllers DC3,DC1,DC2 -StaticGlobalCatalogs GC3,GC1,GC2
And … will this setting also keep mail delivery going if my ipSec VPN tunnel goes down to my primary DC (dc1)?
Hi Paul,
we have exchange 2010 set up, but our exchange is not picking default site GC & DC in system setting. it is catching another site GC & dc
Please suggest
Pingback: Změna DC v Exchange | kaldy123
Hi Paul,
I really like the way you explain things. Nice 1!
Hi,
I recently added new Domain Controller with OS windows 2008 R2 and transferred all the FSMO roles successfully but still my old domain controllers connected and when I run Get-AdServerSettings | fl in exchange 2010 PowerShell it still shows my old domain servers new migrated server is not listed, one of my task is demote old domain controllers and when old machine disconnected from network mails gets affected
Please help
Thanks Ehsan
I know the last post was in Feb, but the topic of not pointing Exchange to a PDC seems like a good thing to touch on. My understanding is this:
The reason you don’t want to allow Exchange to use the PDC as a DC is a performance consideration. The PDC already has a heavy load in large environments because of its role as the immediate replication partner for password changes. Adding Exchange traffic to that increases that load even more.
In smaller environments – I’d say fewer than 5,000 users, it’s probably not that big of an issue. In my network, where we have closer to 150,000 users, it could cause a much higher (unnecessary) load on the PDC.
Just my thoughts.
-CJ
Hi Paul,
if i’m not looking at demoting or removing any AD servers in my site, i was wondering if there was a valid reason why i would change the ADServerSettings.
I recently had a PFE do a ExRap and one of his recommendation was ” not to point exchange to a PDC emulator”
in each of my remote sites, i have 2 DCs both of which are GCs but only one is the PDC. my concern is if the 2nd “none PDC DC” goes down, my exchange gets affected.
i guess what i’m asking is ” is there a reason why i would change it to point to a single DC ?” when nothing else is changing.
sorry about the whole bunch of acronyms.
Cheers,
Ed
Good day brother,
how do i change this to “DC1.exchangeserverpro.local”
DefaultConfigurationDomainController : dc2.exchangeserverpro.local
Please help – this is were i stand now..
Pingback: Anonymous
When I run the script “Set-ADServerSettings -PreferredServer pdc.domain.com”, it changes the data to what I expected when I run the “Get-ADServerSettings | fl “however when I close the EMS and re-open it and run the “Get-ADServersettings | fl” script it shows the old configuration for “dns.domain.com”.
I have checked that the EMS is running “as administrator” and checked that the administrator can change the Exchange server.
The system log files show that the changes took place but it appears it is not working as expected. Am I missing something?
This is a new Exchange 2010 SP1 on Server 2008 R2 in a New Domain/Forest. I have check that it is fully patched, and that the DC’s are fully patched and the DC’s are both GC’s. I am runing this via a RDP, do I have to run it at the Exchange console?
Any help would be appreciated.
Hi Rich, Set-ADServerSettings applies only to the current session.
If you want the setting to be applied each time you open a new session you could look at using a PowerShell profile:
http://technet.microsoft.com/en-us/library/ee692764.aspx
could you help me about applying Set-ADServerSettings in each time
i have additional domain controller 2008 that needs to be working with exchange 2010.
Thanks man!! 🙂
what is the difference if i try to do the same job using the Set-ExchangeServer cmdlet.
for example : Set-ExchangeServer -Identity -StaticDomainControllers dc1.mydomain.ad,dc2.mydomain.ad
by the way, your blog is really one of my favorite one 🙂
Set-ExchangeServer sets server settings that the server itself uses for AD access.
Set-AdServerSettings sets the settings for your Exchange Management Shell session. Eg if you were running the shell on your admin workstation.
Why the option DefaultPreferredDomainControllers keeps pointing to : {DC1.exchangeserverpro.local}? I have a lab environment that there are two dcs. I would like to demote one of them, but the exc keeps connected on it like your example. And I’ve changed the GC. 🙂
Hi Daniel,
you have to run this command
set-adserversettings -configurationdomaincontroller
paul used the preferreddomaincontroller switch.
You may or may not see this issue I had on Exchange 2007 but good to refer to: http://bit.ly/5KKRXX – Exchange 2007 Setup Error: Setup Cannot use Domain Controller