Hi all,

I'm hoping to draw on some Windows Server 2003 expertise out there to solve a problem I'm having getting Exchange Server 2003 running for a class project. Ran dcdiag, passed all the tests. Ran netdiag, passed all the tests but one. I got this error ouput:


LDAP test....:FAILED

[FATAL] Cannot do NTLM authenticated ldap_bind to '(domain name)': Timeout.

[FATAL] No LDAP servers work in the domain '(domain name)'.


Can I still proceed with the Exchange installation in spite of this error, or this this an indicator of a flaw that will prevent Exchange from running properly? Is it an Active Directory configuration problem? I've googled about a bit, as well as perusing the MS Knowledge Base articles, but nothing seems to be particularly helpful. Any suggestions would be appreciated.

From what little I know, it does sound like it didn't manage to connect to any AD servers. I guess that will be a problem if you want it to authenticate users against the AD.

As for suggestions, sorry, but you'll have to wait for the windows-guys to arrive. All I can say is *bump* .

perhaps the new Exch server is unable to locate the LDAP server via DNS due to the AD domain not being able to make dynamic updates to the DNS server.

ensure that your DNS servers are allowing dynamic updates and that your servers are all pointing to them properly. then re-register the dns settings by restarting the NETLOGON service on your domain controllers and verify the updates were made by checking on the DNS server and looking for entries such as _msds, etc in the forward lookup zone that corresponds to your FQDN

perhaps the new Exch server is unable to locate the LDAP server via DNS due to the AD domain not being able to make dynamic updates to the DNS server.

ensure that your DNS servers are allowing dynamic updates and that your servers are all pointing to them properly. then re-register the dns settings by restarting the NETLOGON service on your domain controllers and verify the updates were made by checking on the DNS server and looking for entries such as _msds, etc in the forward lookup zone that corresponds to your FQDN

The box that Exchange is being installed on is the root for AD. I know you wouldn't normally do that, but this being an academic setting, we only have 2 machines to do the installs on (one for Server 2003 and one FreeBSD box as a firewall in front of it). I guess maybe that means that AD is not set up right if netdiag can't find any LDAP servers?

The problem might still be in the interaction between AD and DNS, though, if exchange always uses DNS to find the AD server (I sincerely have no idea).

How's the DNS server doing?

Just got back from working on it. Our professor was there and he said the above-mentioned problem wouldn't affect the Exchange intstall -- apparently not, since everything seems to work. The only thing is, we edited the ipfilter rules and now that won't work :p. But, it shouldn't be too hard to get that part all ironed out. I think BSD has been giving us a lot less trouble than 2003 as far as getting things working is concerned (except for the typo I made in sshd_config that prevented us from being able to SSH into the machine for 2 weeks till we finally figured out what was wrong... :rolleyes: )

I take it allllll back! Ipfilter is being more difficult than 2k3 Server. :mad: On the upside, we have confirmed that Outlook Web Access works. On the downside, everytime we turn the firewall back on, we can't get in :p

I think we have identified the problem:

the interface between the keyboard and the chair... ;)

LoL thank you ever so much for your kind words :rolleyes:

The point of the exercise is educational so that the PEBKAC goes away ;)