John
Fri May 09 13:13:13 CDT 2008
That's correct. Instead of trying to acess the virtual name on the virtual
IP, it's trying to access the virtual name on the IP of the passive node. A
network trace would probably sort things out.
John
"Mike O." <MikeO@discussions.microsoft.com> wrote in message
news:0DD47E3C-9420-41D7-A46D-D96CAAA5B719@microsoft.com...
> Thank you for the response. So it sounds like it's an issue from whatever
> is
> calling the system, not something misconfigured in Exchange, correct?
>
> I'll keep looking to see what is trying to access the system at those
> times.
>
> "John Fullbright" wrote:
>
>> Whatever it was tried to acces a cluster resource using the cluster name
>> on
>> a node that the cluster group was not running on (the passive node).
>>
>> Each node has a target name and the cluster virtual server has a target
>> name. If the virtual server is active on node a, both target names exist
>> on
>> node a. In your case the call was to the virtual name, EXMBC1, that
>> used
>> the IP of EXMBC1B when EXMBC1B was not the active node. Something is
>> misconfigured to take to the host IP addresses insted of the virtual IP
>> address.
>>
>>
>>
>>
>> "Mike O." <MikeO@discussions.microsoft.com> wrote in message
>> news:CDC727E3-06E5-4707-B6A6-AED7C32950E9@microsoft.com...
>> >
>> >
>> > "Andy David {MVP}" wrote:
>> >
>> >> On Wed, 7 May 2008 22:04:40 -0400, "Mike O" <put_the_spam@the.can>
>> >> wrote:
>> >>
>> >> >
>> >> >"Andy David {MVP}" <adavid@pleasekeepinngcheesebucket.com> wrote in
>> >> >message
>> >> >news:j49324p51e2mb5farv5p3eko9l51b5vd58@4ax.com...
>> >> >> On Tue, 6 May 2008 23:18:32 -0400, "Mike O" <put_the_spam@the.can>
>> >> >> wrote:
>> >> >>
>> >> >>>I have a new Windows 2007 setup with two mailbox servers with
>> >> >>>Windows
>> >> >>>2003
>> >> >>>R2 x64 in a CCR/Minority node set cluster with file share witness .
>> >> >>>It's
>> >> >>>only got a few users on it at this time, but we're getting ready to
>> >> >>>start
>> >> >>>migrating our existing users from our 2003 system.
>> >> >>>The mailbox cluster is called EXMBC1. The two nodes are EXMBC1a
>> >> >>>and
>> >> >>>EXMBC1b. Our internal domain is "company.local" (these are not the
>> >> >>>real
>> >> >>>names).
>> >> >>>
>> >> >>>It seems be working OK, the cluster fails over within 30 seconds,
>> >> >>>the
>> >> >>>users
>> >> >>>are getting the email, but I've noticed about once a day, usually
>> >> >>>overnight,
>> >> >>>the system event log shows a Kerberos error, ID# 4 in each mailbox
>> >> >>>server:
>> >> >>>*************************
>> >> >>>The kerberos client received a KRB_AP_ERR_MODIFIED error from the
>> >> >>>server
>> >> >>>host/exmbc1b.company.local. The target name used was exmbc1. This
>> >> >>>indicates
>> >> >>>that the password used to encrypt the kerberos service ticket is
>> >> >>>different
>> >> >>>than that on the target server. Commonly, this is due to
>> >> >>>identically
>> >> >>>named
>> >> >>>machine accounts in the target realm (company.local), and the
>> >> >>>client
>> >> >>>realm.
>> >> >>>Please contact your system administrator"
>> >> >>>**********************************
>> >> >>>
>> >> >>>The cluster was installed using the normal setup, the hardware is
>> >> >>>new
>> >> >>>and
>> >> >>>nothing very unusual.
>> >> >>>
>> >> >>>I've done some searching, but not found too much that seems to
>> >> >>>apply.
>> >> >>>I've
>> >> >>>seen some articles that address this error, but they seem to be
>> >> >>>related to
>> >> >>>an issue where the info store won't start after a failover; ours
>> >> >>>seems
>> >> >>>to
>> >> >>>start OK.
>> >> >>>
>> >> >>>Like I said, it doesn't seem to be causing any major problems, but
>> >> >>>I'd
>> >> >>>like
>> >> >>>to get it taken care of. Any suggestions would be appreciated.
>> >> >>
>> >> >> Do the events fire at the same time as your Exchange backups?
>> >> >>
>> >> >>
>> >> >
>> >> >I'm not sure, but I don't think so. The backup window for this
>> >> >server
>> >> >is
>> >> >between 1:00am and 6:00am. I'd have to check with our Operations
>> >> >group
>> >> >on
>> >> >when they end, but we only have two users on the server, so I don't
>> >> >think
>> >> >the backups are taking too long.
>> >>
>> >> Thats also almost the IS Maint window, so make sure your backups are
>> >> interferring with IS maintenance.
>> >>
>> >> >
>> >> >The kerberos errors are very scattered on the time. Here's the last
>> >> >week
>> >> >or so:
>> >> >5/7 1:00:25am
>> >> >5/6 3:57am
>> >> >5/5 1:00am
>> >> >5/4 3:25am
>> >> >5/3 1:00am
>> >> >5/2 6:02am
>> >> >5/1 5:49am
>> >> >4/30 5:46am
>> >>
>> >> Any other remote processes hitting that server? Monitoring, other
>> >> users, batch files? Someone checking the event logs remotely etc?
>> >>
>> >>
>> >> >
>> >> >I'll check with our operations group to see if there have been any
>> >> >delays on
>> >> >other backup jobs that might be pushing the Exchange backup schedule
>> >> >off.
>> >> >If it IS happening when the backups finish, what would be the cause?
>> >>
>> >
>> > I checked with Operations, it's definately NOT tied to the timing of
>> > the
>> > backups. It happened at 2:39am last night, then again 9:47 this
>> > morning.
>> > I can't think of anything we would have that would hit that server,
>> > especially the middle of the night times.
>> >
>> > What exactly is that error saying?
>>
>>
>>