Make sure the CNO has the right permissions:
After adding the mailbox to the DAG, the server needs to be restarted
Hello everybody!
There is a DAG on Exchange 2019 CU 12, I'm trying to add two mailbox servers to the DAG cluster. When you add the Add-DatabaseAvailabilityGroupServer -Identity DAG 03 -Mailbox Server MB 06 command, the server is added and the Failover Cluster role is being installed. I'm trying to add a second mailbox server to the cluster in the same way and I get an error. As it turned out, the source server requires a reboot - as far as I understood because of the cluster role. After that, he asks to add the mailbox to the cluster.
Can you tell me how to correctly add mailboxes to an existing DAG, that is, pre-install the Failover Cluster role?
Strange, but in the Exchange 2016 version I did not need to reboot the servers while adding mailboxes to the cluster, even when installing the Failover Cluster component, why is that?
Thanks!
9 additional answers
Sort by: Most helpful
-
Cobion 111 Reputation points
2023-02-01T22:47:59.99+00:00 add-databaseavailabiltygroupserver started on machine SRV-MAIL-03. [2023-02-01T22:29:40] add-dagserver started [2023-02-01T22:29:40] commandline: $scriptCmd = {& $wrappedCmd @PSBoundParameters } [2023-02-01T22:29:40] Option 'Identity' = 'DAG2022'. [2023-02-01T22:29:40] Option 'MailboxServer' = 'srv-mail-03'. [2023-02-01T22:29:40] Option 'DatabaseAvailabilityGroupIpAddresses' = ''. [2023-02-01T22:29:40] Option 'WhatIf' = ''. [2023-02-01T22:29:40] Process: w3wp w3wp.exe:11432. [2023-02-01T22:29:40] User context = 'NT AUTHORITY\SYSTEM'. [2023-02-01T22:29:40] Member of group 'Everyone'. [2023-02-01T22:29:40] Member of group 'BUILTIN\Users'. [2023-02-01T22:29:40] Member of group 'NT AUTHORITY\SERVICE'. [2023-02-01T22:29:40] Member of group 'CONSOLE LOGON'. [2023-02-01T22:29:40] Member of group 'NT AUTHORITY\Authenticated Users'. [2023-02-01T22:29:40] Member of group 'NT AUTHORITY\This Organization'. [2023-02-01T22:29:40] Member of group 'BUILTIN\IIS_IUSRS'. [2023-02-01T22:29:40] Member of group 'LOCAL'. [2023-02-01T22:29:40] Member of group 'IIS APPPOOL\MSExchangePowerShellAppPool'. [2023-02-01T22:29:40] Member of group 'BUILTIN\Administrators'. [2023-02-01T22:29:40] Updated Progress 'Validating the parameters.' 2%. [2023-02-01T22:29:40] Validating the parameters. [2023-02-01T22:29:40] Working [2023-02-01T22:29:40] Mailbox server: value passed in = srv-mail-03, mailboxServer.Name = SRV-MAIL-03, mailboxServer.Fqdn = srv-mail-03.entadm.group [2023-02-01T22:29:40] LogClussvcState: Received an InvalidOperationException for server srv-mail-03. [2023-02-01T22:29:40] LogClussvcState: clussvc is not installed on srv-mail-03.entadm.group. Exception (if any) = none [2023-02-01T22:29:40] The IP addresses for the DAG are (blank means DHCP): 10.128.49.20 [2023-02-01T22:29:40] Looking up IP addresses for DAG2022. [2023-02-01T22:29:40] DAG2022 = [ 10.128.49.20 ]. [2023-02-01T22:29:40] Looking up IP addresses for srv-mail-03. [2023-02-01T22:29:40] srv-mail-03 = [ fe80::7c6b:8e2c:4e7b:1b54%7, fe80::a9b6:99ae:d6e5:dc5a%6, 10.128.49.23, 10.106.5.23 ]. [2023-02-01T22:29:40] Looking up IP addresses for srv-mail-03.entadm.group. [2023-02-01T22:29:40] srv-mail-03.entadm.group = [ fe80::7c6b:8e2c:4e7b:1b54%7, fe80::a9b6:99ae:d6e5:dc5a%6, 10.128.49.23, 10.106.5.23 ]. [2023-02-01T22:29:40] DAG DAG2022 has 2 servers: [2023-02-01T22:29:40] SRV-MAIL-03 has an Operating System Version of 10.0 [2023-02-01T22:29:40] SRV-MAIL-02 has an Operating System Version of 10.0 [2023-02-01T22:29:40] SRV-MAIL-01 has an Operating System Version of 10.0 [2023-02-01T22:29:40] DAG DAG2022 contains server SRV-MAIL-02. [2023-02-01T22:29:40] DAG DAG2022 contains server SRV-MAIL-01. [2023-02-01T22:29:40] According to GetNodeClusterState(), the server SRV-MAIL-03 is NotInstalled. [2023-02-01T22:29:40] Updated Progress 'Checking if Mailbox server 'SRV-MAIL-03' is in a database availability group.' 4%. [2023-02-01T22:29:40] Checking if Mailbox server 'SRV-MAIL-03' is in a database availability group. [2023-02-01T22:29:40] Working [2023-02-01T22:29:40] GetRemoteCluster() for the mailbox server failed with exception = An error occurred while attempting a cluster operation. Error: Cluster API failed: "OpenCluster(srv-mail-03.entadm.group) failed with 0x6d9. Error: There are no more endpoints available from the endpoint mapper". This is OK. [2023-02-01T22:29:40] Ignoring previous error, as it is acceptable if the cluster does not exist yet. [2023-02-01T22:29:40] DumpClusterTopology: Opening remote cluster DAG2022. [2023-02-01T22:29:40] Dumping the cluster by connecting to: DAG2022. [2023-02-01T22:29:40] The cluster's name is: DAG2022. [2023-02-01T22:29:40] Groups [2023-02-01T22:29:40] group: Available Storage [not a CMS] [2023-02-01T22:29:40] OwnerNode: srv-mail-02.entadm.group [2023-02-01T22:29:40] State: Offline [2023-02-01T22:29:40] group: Cluster Group [Cluster Main Group] [2023-02-01T22:29:40] OwnerNode: srv-mail-02.entadm.group [2023-02-01T22:29:40] State: Online [2023-02-01T22:29:40] Resource: Cluster IP Address [Online, type = IP Address, PossibleOwners = SRV-MAIL-01,SRV-MAIL-02 ] [2023-02-01T22:29:40] Address = [10.128.49.20] [2023-02-01T22:29:40] EnableDhcp = [0] [2023-02-01T22:29:40] Network = [Cluster Network 1] [2023-02-01T22:29:40] Resource: File Share Witness (\\srv-sso-01.entadm.group\DAG2022.entadm.group) [Online, type = File Share Witness, PossibleOwners = SRV-MAIL-01,SRV-MAIL-02 ] [2023-02-01T22:29:40] Resource: Cluster Name [Online, type = Network Name, PossibleOwners = SRV-MAIL-01,SRV-MAIL-02 ] [2023-02-01T22:29:40] NetName = [DAG2022] [2023-02-01T22:29:40] Nodes [2023-02-01T22:29:40] node: srv-mail-01.entadm.group [ state = Up ] [2023-02-01T22:29:40] node: srv-mail-02.entadm.group [ state = Up ] [2023-02-01T22:29:40] Subnets [2023-02-01T22:29:40] Name(Cluster Network 1), Mask(10.128.49.0/27), Role(ClusterNetworkRoleInternalAndClient) [2023-02-01T22:29:40] NIC 10.128.49.21 on Node srv-mail-01 in State=Up [2023-02-01T22:29:40] NIC 10.128.49.22 on Node srv-mail-02 in State=Up [2023-02-01T22:29:40] Name(Cluster Network 3), Mask(10.106.0.0/16), Role(ClusterNetworkRoleInternalUse) [2023-02-01T22:29:40] NIC 10.106.5.21 on Node srv-mail-01 in State=Up [2023-02-01T22:29:40] NIC 10.106.5.22 on Node srv-mail-02 in State=Up [2023-02-01T22:29:40] Opening the cluster on nodes [srv-mail-02, srv-mail-01]. [2023-02-01T22:29:40] Other mailbox servers in the DAG are already members of cluster 'DAG2022' [2023-02-01T22:29:40] The server SRV-MAIL-03 does not belong to a cluster, and the other servers belong to DAG2022. [2023-02-01T22:29:41] Successfully resolved the servers based on the stopped servers list. [2023-02-01T22:29:41] The following servers are in the StartedServers list (The list is the StartedServers property of the DAG in AD): [2023-02-01T22:29:41] srv-mail-02 [2023-02-01T22:29:41] srv-mail-01 [2023-02-01T22:29:41] The following servers are in the StoppedServers list: [2023-02-01T22:29:41] Verifiying that the members of database availability group 'DAG2022' are also members of the cluster. [2023-02-01T22:29:41] Verifying that the members of cluster 'DAG2022' are also members of the database availability group. [2023-02-01T22:29:41] InternalValidate() done. [2023-02-01T22:29:41] Updated Progress 'Adding server 'SRV-MAIL-03' to database availability group 'DAG2022'.' 6%. [2023-02-01T22:29:41] Adding server 'SRV-MAIL-03' to database availability group 'DAG2022'. [2023-02-01T22:29:41] Working [2023-02-01T22:29:41] Updated Progress 'The task is installing the Windows Failover Clustering component on server SRV-MAIL-03.' 8%. [2023-02-01T22:29:41] The task is installing the Windows Failover Clustering component on server SRV-MAIL-03. [2023-02-01T22:29:41] Working [2023-02-01T22:30:44] The following log entry comes from a different process that's running on machine 'SRV-MAIL-03'. BEGIN [2023-02-01T22:30:44] [2023-02-01T22:29:41] Updated Progress 'The task is installing the Windows Failover Clustering component on server srv-mail-03.' 2%. [2023-02-01T22:29:41] Working [2023-02-01T22:29:41] Running PS> Import-Module -Name ServerManager [2023-02-01T22:29:41] Running PS> Add-WindowsFeature -Name RSAT-Clustering -IncludeAllSubFeature [2023-02-01T22:30:15] Produced result: Success: True, ExitCode: Success, RestartNeeded: No [2023-02-01T22:30:15] Running PS> Import-Module -Name ServerManager [2023-02-01T22:30:15] Running PS> Add-WindowsFeature -Name Failover-Clustering -IncludeAllSubFeature [2023-02-01T22:30:44] Produced result: Success: True, ExitCode: SuccessRestartRequired, RestartNeeded: Yes [2023-02-01T22:30:44] Warning: Please restart this computer before adding or removing roles or features. [2023-02-01T22:30:44] Updated Progress 'The task has installed the Windows Failover Clustering component.' 4%. [2023-02-01T22:30:44] Working [2023-02-01T22:30:44] The preceding log entry comes from a different process running on computer 'SRV-MAIL-03'. END [2023-02-01T22:30:44] Updated Progress 'The task has installed the Windows Failover Clustering component.' 10%. [2023-02-01T22:30:44] The task has installed the Windows Failover Clustering component. [2023-02-01T22:30:44] Working [2023-02-01T22:30:44] DumpClusterTopology: Opening remote cluster DAG2022. [2023-02-01T22:30:44] Dumping the cluster by connecting to: DAG2022. [2023-02-01T22:30:44] The cluster's name is: DAG2022. [2023-02-01T22:30:44] Groups [2023-02-01T22:30:44] group: Available Storage [not a CMS] [2023-02-01T22:30:44] OwnerNode: srv-mail-02.entadm.group [2023-02-01T22:30:44] State: Offline [2023-02-01T22:30:44] group: Cluster Group [Cluster Main Group] [2023-02-01T22:30:44] OwnerNode: srv-mail-02.entadm.group [2023-02-01T22:30:44] State: Online [2023-02-01T22:30:44] Resource: Cluster IP Address [Online, type = IP Address, PossibleOwners = SRV-MAIL-01,SRV-MAIL-02 ] [2023-02-01T22:30:44] Address = [10.128.49.20] [2023-02-01T22:30:44] EnableDhcp = [0] [2023-02-01T22:30:44] Network = [Cluster Network 1] [2023-02-01T22:30:44] Resource: File Share Witness (\\srv-sso-01.entadm.group\DAG2022.entadm.group) [Online, type = File Share Witness, PossibleOwners = SRV-MAIL-01,SRV-MAIL-02 ] [2023-02-01T22:30:44] Resource: Cluster Name [Online, type = Network Name, PossibleOwners = SRV-MAIL-01,SRV-MAIL-02 ] [2023-02-01T22:30:44] NetName = [DAG2022] [2023-02-01T22:30:44] Nodes [2023-02-01T22:30:44] node: srv-mail-01.entadm.group [ state = Up ] [2023-02-01T22:30:44] node: srv-mail-02.entadm.group [ state = Up ] [2023-02-01T22:30:44] Subnets [2023-02-01T22:30:44] Name(Cluster Network 1), Mask(10.128.49.0/27), Role(ClusterNetworkRoleInternalAndClient) [2023-02-01T22:30:44] NIC 10.128.49.21 on Node srv-mail-01 in State=Up [2023-02-01T22:30:44] NIC 10.128.49.22 on Node srv-mail-02 in State=Up [2023-02-01T22:30:44] Name(Cluster Network 3), Mask(10.106.0.0/16), Role(ClusterNetworkRoleInternalUse) [2023-02-01T22:30:44] NIC 10.106.5.21 on Node srv-mail-01 in State=Up [2023-02-01T22:30:44] NIC 10.106.5.22 on Node srv-mail-02 in State=Up [2023-02-01T22:30:44] Updated Progress 'Windows Failover Clustering is now installed. Running additional checks.' 12%. [2023-02-01T22:30:44] Windows Failover Clustering is now installed. Running additional checks. [2023-02-01T22:30:44] Working [2023-02-01T22:30:44] According to GetNodeClusterState(), the server SRV-MAIL-03 is NotInstalled. [2023-02-01T22:30:44] Updated Progress 'Checking if Mailbox server 'SRV-MAIL-03' is in a database availability group.' 14%. [2023-02-01T22:30:44] Checking if Mailbox server 'SRV-MAIL-03' is in a database availability group. [2023-02-01T22:30:44] Working [2023-02-01T22:30:44] GetRemoteCluster() for the mailbox server failed with exception = An error occurred while attempting a cluster operation. Error: Cluster API failed: "OpenCluster(srv-mail-03.entadm.group) failed with 0x6d9. Error: There are no more endpoints available from the endpoint mapper". This is OK. [2023-02-01T22:30:44] Ignoring previous error, as it is acceptable if the cluster does not exist yet. [2023-02-01T22:30:44] DumpClusterTopology: Opening remote cluster DAG2022. [2023-02-01T22:30:44] Dumping the cluster by connecting to: DAG2022. [2023-02-01T22:30:44] The cluster's name is: DAG2022. [2023-02-01T22:30:44] Groups [2023-02-01T22:30:44] group: Available Storage [not a CMS] [2023-02-01T22:30:44] OwnerNode: srv-mail-02.entadm.group [2023-02-01T22:30:44] State: Offline [2023-02-01T22:30:44] group: Cluster Group [Cluster Main Group] [2023-02-01T22:30:44] OwnerNode: srv-mail-02.entadm.group [2023-02-01T22:30:44] State: Online [2023-02-01T22:30:44] Resource: Cluster IP Address [Online, type = IP Address, PossibleOwners = SRV-MAIL-01,SRV-MAIL-02 ] [2023-02-01T22:30:44] Address = [10.128.49.20] [2023-02-01T22:30:44] EnableDhcp = [0] [2023-02-01T22:30:44] Network = [Cluster Network 1] [2023-02-01T22:30:44] Resource: File Share Witness (\\srv-sso-01.entadm.group\DAG2022.entadm.group) [Online, type = File Share Witness, PossibleOwners = SRV-MAIL-01,SRV-MAIL-02 ] [2023-02-01T22:30:44] Resource: Cluster Name [Online, type = Network Name, PossibleOwners = SRV-MAIL-01,SRV-MAIL-02 ] [2023-02-01T22:30:44] NetName = [DAG2022] [2023-02-01T22:30:44] Nodes [2023-02-01T22:30:44] node: srv-mail-01.entadm.group [ state = Up ] [2023-02-01T22:30:44] node: srv-mail-02.entadm.group [ state = Up ] [2023-02-01T22:30:44] Subnets [2023-02-01T22:30:44] Name(Cluster Network 1), Mask(10.128.49.0/27), Role(ClusterNetworkRoleInternalAndClient) [2023-02-01T22:30:44] NIC 10.128.49.21 on Node srv-mail-01 in State=Up [2023-02-01T22:30:44] NIC 10.128.49.22 on Node srv-mail-02 in State=Up [2023-02-01T22:30:44] Name(Cluster Network 3), Mask(10.106.0.0/16), Role(ClusterNetworkRoleInternalUse) [2023-02-01T22:30:44] NIC 10.106.5.21 on Node srv-mail-01 in State=Up [2023-02-01T22:30:44] NIC 10.106.5.22 on Node srv-mail-02 in State=Up [2023-02-01T22:30:44] Opening the cluster on nodes [srv-mail-02, srv-mail-01]. [2023-02-01T22:30:44] Other mailbox servers in the DAG are already members of cluster 'DAG2022' [2023-02-01T22:30:44] The server SRV-MAIL-03 does not belong to a cluster, and the other servers belong to DAG2022. [2023-02-01T22:30:44] Successfully resolved the servers based on the stopped servers list. [2023-02-01T22:30:44] The following servers are in the StartedServers list (The list is the StartedServers property of the DAG in AD): [2023-02-01T22:30:44] srv-mail-02 [2023-02-01T22:30:44] srv-mail-01 [2023-02-01T22:30:44] The following servers are in the StoppedServers list: [2023-02-01T22:30:44] Verifiying that the members of database availability group 'DAG2022' are also members of the cluster. [2023-02-01T22:30:44] Verifying that the members of cluster 'DAG2022' are also members of the database availability group. [2023-02-01T22:30:44] Updated Progress 'Updating the membership of server 'SRV-MAIL-03' in the AD group 'DAG2022'.' 16%. [2023-02-01T22:30:44] Updating the membership of server 'SRV-MAIL-03' in the AD group 'DAG2022'. [2023-02-01T22:30:44] Working [2023-02-01T22:30:44] Database 'MDB-04' is hosted on server 'SRV-MAIL-03'. Updating MasterServerOrAvailabilityGroup [2023-02-01T22:30:44] Updated Progress 'Updating the MasterServerOrAvailabilityGroup property of database 'MDB-04' to 'DAG2022'.' 17%. [2023-02-01T22:30:44] Updating the MasterServerOrAvailabilityGroup property of database 'MDB-04' to 'DAG2022'. [2023-02-01T22:30:44] Working [2023-02-01T22:30:44] Updating 'MDB-04'.MasterServerOrAvailabilityGroup to 'DAG2022. [2023-02-01T22:30:44] database[ 0 ] (MDB-04)'s MsOrDag=DAG2022. [2023-02-01T22:30:44] Updated Progress 'Successfully updated the membership of server 'SRV-MAIL-03' in Active Directory group 'DAG2022'.' 19%. [2023-02-01T22:30:44] Successfully updated the membership of server 'SRV-MAIL-03' in Active Directory group 'DAG2022'. [2023-02-01T22:30:44] Working [2023-02-01T22:30:44] Updated Progress 'Checking that the CNO for DAG2022 is part of Exchange Trusted Subsystems.' 21%. [2023-02-01T22:30:44] Checking that the CNO for DAG2022 is part of Exchange Trusted Subsystems. [2023-02-01T22:30:44] Working [2023-02-01T22:30:44] Unable to make Exchange Trusted Subsystems the owner of the CNO for DAG2022. Error: An Active Directory Constraint Violation error occurred on srv-rwdc-11.entadm.group. Additional information: This security ID may not be assigned as the owner of this object. Active directory response: 0000051B: AtrErr: DSID-030F25BA, #1: 0: 0000051B: DSID-030F25BA, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 20119 (nTSecurityDescriptor) . [2023-02-01T22:30:44] Updated Progress 'The CNO DAG2022 is now part of the Exchange Trusted Subsystem Security Group.' 23%. [2023-02-01T22:30:44] The CNO DAG2022 is now part of the Exchange Trusted Subsystem Security Group. [2023-02-01T22:30:44] Working [2023-02-01T22:30:46] Updated Progress 'Successfully added server 'SRV-MAIL-03' to database availability group 'DAG2022'.' 25%. [2023-02-01T22:30:46] Successfully added server 'SRV-MAIL-03' to database availability group 'DAG2022'. [2023-02-01T22:30:46] Working [2023-02-01T22:30:46] Updated Progress 'Done!' 100%. [2023-02-01T22:30:46] Done! [2023-02-01T22:30:46] COMPLETED add-databaseavailabiltygroupserver explicitly called CloseTempLogFile().