Resolved: Exchange 2013 SP1 readiness check failing with AD errors (User permissions and connectivity)
Recently I’ve been having issues with our storage array for which reason I decided to deploy our Exchange Server 2013 SP1 server on the cloud instead of onPremise. As I tried to install the system I came across multiple readiness check failures that threw me off. After all, you usually expect things like you are missing some IIS components or some framework, but this time all the errors were about the user not having Enterprise Admin rights, not being able to connect to AD, etc. Obviously this is not our first Exchange server and I had successfully deployed and added the admin to all the relevant security groups… so what’s going on?
As I mentioned I was deploying our server on the public cloud which currently has a DC with GC capabilities configured as a separate site on a different subnet. For some reason Exchange Server 2013 SP1 when found on such environment struggles with AD… I tried all the basics to check for connectivity or issues using DCDIAG and that other tool I can’t remember the name at the moment. But reading online I found someone on a similar situation and mentioned several changes one including the server’s site on his possible resolutions. That clearly sent me on the right direction.
So in order to resolve this issue what I ended up doing was doing a VPN connection to our main office forcing all the traffic through it (that way it will use our HQs DNS and our primary AD site). Apparently that was all it took for the system to recognize my credentials, permissions and AD again. Maybe there is a setting I haven’t properly configured that needs to be in place when the server is on a different AD site, but for now this change did the trick. After I was done setting up Exchange I proceeded to leave the network connections in their original state and it still works fine.
If you have come across this issue and have any ideas why deploying on a different AD site subnet causes this issues I would appreciate if you could share it with us. This is not the first time we do such a deployment, we had done it using CU2 and CU3 on the cloud with no issues so something probably changed on SP1 is my best guess. Regardless getting a more clear idea of this would be helpful.