Here is my issue: In our organization, Exchange server 2013 is installed on windows server 2012,
From few months we are having issue with cluster fail-over.
We have a DAG with 8 nodes and in that 4 servers are having this issue
Here is the below event logs we are receiving and exchange DBs will get fail-over to the passive node
Let me know if you need any more detail
Could you please let me know the cause and resolution for this issue.
Here is the flow of event logs..
"IMPORTANT thing is this is happening every 3rd or 4th day the month, depends on the number of days in the month (30/31 days ) "
1 : NETLOGON
This computer was not able to set up a secure session with a domain controller in domain VCN due to the following:
The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
event : 5719
2 : Security Kerberos:
The digitally signed Privilege Attribute Certificate (PAC) that contains the authorization information for client Server-name$ in realm(FQDN) could not be validated.
This error is usually caused by domain trust failures; Contact your system administrator
event iD 7
3 : DNS Client event
The system failed to register host (A or AAAA) resource records (RRs) for network adapter
with settings:
Adapter Name : {******-3175-888-9999-******}
Host Name : Server-name
Primary Domain Suffix : FQDN
DNS server list :
131.**.***.*, 131.**.***.*
Sent update to server : <?>
IP Address(es) :
131.**.***.***
The reason the system could not register these RRs was because the update request it sent to the DNS server timed out. The most likely cause of this is that the DNS server authoritative for the name it was attempting to register or update is not running at this time.
You can manually retry DNS registration of the network adapter and its settings by typing 'ipconfig /registerdns' at the command prompt. If problems still persist, contact your DNS server or network systems administrator.
Even ID : 8015
4 : Fail-over cluster:
File share witness resource 'File Share Witness \\segotn5102.xyz.ab.abc.net\SEGOTNC5110.xyz.ab.abc.net)' failed to arbitrate for the file share \\segotn5102.xyz.ab.abc.net\SEGOTNC5110.xyz.ab.abc.net)'. Please ensure that file share \\segotn5102.xyz.ab.abc.net\SEGOTNC5110.xyz.ab.abc.net)' exists and is accessible by the cluster.
Segotn5102 - witness server
segotn5110 - DAG name (Virtual name)
event : 1564
Thank you,
Pradeep K
- Edited by Pradeep KS Friday, February 06, 2015 6:38 AM