I think that it is pretty apparent that Exchange Server relies heavily on Active Directory (AD). In fact, you will not get very far without AD or with an unhealthy AD. This post will talk about the Exchange Active Directory Topology Service and then examine Event 2080. This post will not go into every aspect of how Exchange relies on AD.
A Windows service called the Microsoft Exchange Active Directory Topology service is a required service for Exchange to function. It is probably easy to say that it is the most important Exchange service.
Most Exchange services cannot function if this service is stopped. Here is a list of services that depend on the Exchange Active Directory Topology service.
The Topology Discovery process is set to run every 15 minutes and will generate Event 2080 in the Application Event Log. If the AD topology changes or if domain controllers become unavailable, Exchange will update its list of usable domain controllers and represent those in Event 2080.
Note that DCs will be listed in priority order and will be classified as either within the same AD site or out of the AD site. Exchange will always use DCs within its own site first. Also note the letters and numbers that are listed after each DC. Below we will review what each of these letters/numbers means and what values should be expected.
First let’s define each position. We will use the details from the above event:
Position | Flag Use | Notes |
A | Configuration DC | Value is either “C” or “-”. A hyphen means that this server cannot act as a Configuration DC |
B | Regular DC | Value is either “D” or “-”. A hyphen means that this server cannot act as a regular DC |
C | Global Catalog | Value is either “G” or “-”. A hyphen means that this server cannot act as a Global Catalog |
D | Availability | Value of “1” indicates that the server is available |
E | Port Access | Bit mask indicating what ports are available for LDAP access: “0” = server is unusable by ADAccess; “1” = LDAP access for global catalog is possible on port 3268; “2” = server is reachable for DC requests on port 389; “4” = server can act as the configuration DC; “7” = server is available on all necessary ports |
F | Synchronization Status | Bit mask indicating the AD synchronization status as indicated by the “isSynchronized” flag on the rootDSE object: “1” = global catalog is synchronized; “2” = the DC is synchronized; “4” = the configuration DC is synchronized; “7” = the server is completely synchronized in terms of AD |
G | Global Catalog | “0” = server is a DC; “1” = server is a global catalog server |
H | PDC flag | “0” = server is not the primary DC; “1” = server is the primary DC (PDC) |
I | SACL rights test | “0” = ADAccess does not have necessary permission; “1” = ADAccess has the necessary security permission to read Exchange information from directory |
J | Critical data | “1” = ADAccess located the Exchange server that it is running on in the configuration naming context of the DC |
K | Netlogon | Bit mask indicating success of ADAccess in connecting to Netlogon service running on DC using RPC: “7” = all attempts were successful |
L | OS Version | “0” = does not meet requirements; “1” = DC runs a version of Windows that is supported by Exchange 2010 |
This is a great place to start troubleshooting intermittent issues with Exchange since everything relies on a healthy and accessible AD.
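The flag positions in the table can be decoded mechanically when there are many DCs to review. The PowerShell below is an added example, not code from the original post: the function name `ConvertFrom-Event2080Line`, the host names and the flag values in the sample are constructed, and it assumes each DC line consists of the server name, the three role letters (A to C), then nine numbers (D to L).

```powershell
# Added example; function name and sample lines are constructed, not from the post.
function ConvertFrom-Event2080Line {
    param([string]$Line)

    # Expected shape: <server> <ABC letters> <D> <E> <F> <G> <H> <I> <J> <K> <L>
    $pattern = '^\s*(?<dc>\S+)\s+(?<roles>[CDG-]{3})\s+(?<nums>\d+(\s+\d+){8})\s*$'
    if ($Line -notmatch $pattern) { return }          # header or site label, skip
    $dc, $roles = $Matches['dc'], $Matches['roles']
    $n = @($Matches['nums'] -split '\s+' | ForEach-Object { [int]$_ })   # D..L

    # Assumption: the GC bit (1) is only expected when position G reports a GC.
    $expected = if ($n[3] -eq 1) { 7 } else { 6 }
    $bitNames = @{ 1 = 'GC'; 2 = 'DC'; 4 = 'Config DC' }
    $issues = New-Object System.Collections.Generic.List[string]

    if ($n[0] -ne 1) { $issues.Add('D: server not available') }
    foreach ($bit in 1, 2, 4) {
        if (-not ($expected -band $bit)) { continue }
        if (-not ($n[1] -band $bit)) { $issues.Add("E: no LDAP access as $($bitNames[$bit])") }
        if (-not ($n[2] -band $bit)) { $issues.Add("F: $($bitNames[$bit]) not synchronized") }
    }
    if ($n[5] -eq 0) { $issues.Add('I: ADAccess lacks the SACL right') }
    if ($n[6] -ne 1) { $issues.Add('J: Exchange server not found in configuration NC') }
    if ($n[7] -ne 7) { $issues.Add('K: Netlogon RPC check incomplete') }
    if ($n[8] -eq 0) { $issues.Add('L: OS version not supported') }

    [pscustomobject]@{
        Server  = $dc
        Roles   = $roles
        IsGC    = ($n[3] -eq 1)
        IsPDC   = ($n[4] -eq 1)
        Healthy = ($issues.Count -eq 0)
        Issues  = $issues -join '; '
    }
}

# Constructed sample of the per-DC portion of an Event 2080 message.
$sample = @'
In-site:
dc01.contoso.example    CDG 1 7 7 1 1 1 1 7 1
dc02.contoso.example    CDG 1 7 7 1 0 0 1 7 1
Out-of-site:
dc03.contoso.example    CD- 1 6 6 0 0 1 1 7 1
dc04.contoso.example    CDG 1 0 0 1 0 1 1 7 1
'@

$sample -split '\r?\n' | ForEach-Object { ConvertFrom-Event2080Line $_ } | Format-Table -AutoSize
```

To run it against a live server, replace `$sample` with `(Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 2080 } -MaxEvents 1).Message`.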