How to change Active Directory Site for Exchange 2010, step by step
Updated: Mar 30, 2019
If you are looking for a procedure to change the Active Directory site where your Exchange servers (CAS, DAG, HUBs) are located without affecting the users connectivity with services as Autodiscover, this post shows how to do that in a very easy manner.
I would like to highlight that is extremely important that you test it in a separate environment before executing it in your production servers.
Step by Step
1. Before starting, confirm that your Exchange servers are authenticated and located at the same AD site than your DCs, which in this moment the expected output should be the OLD_SITE. To do that, execute the command: nltest /dsgetdc:domain
2. Next, from one of your CAS server, make sure the AD Site is the OLD_SITE for Auto Discover Site Scope web services and for the CAS array:
Get-ClientAccessServer | ft name,autodiscoversitescope
Get-ClientAccessArray | ft name,site
3. Open your EMC and switchover all DB copies to DAGPROD2K801 server:
4. Open AD Sites and Services Span-in, and change the Exchange subnets 10.11x.2.3x/28 and 10.11x.2.1x/28 from the OLD_SITE_PROD to site NEW_SITE_PROD. Do the same for the DR environment.
5. Force AD replication with the command repadmin /syncall /AdeP;
6. Reboot all your CAS servers and after all are back up again, reboot your DAG server which has no mounted DBs (DAGPROD2K802). Make sure the servers were authenticated by one of the DCs located in the AD site NEW_SITE_PROD. To do that, execute the command -> nltest /dsgetdc:domain
7. If you have Edge Transport Server in your environment, perform the below cmdlet in a CAS server to re-create the service to the new AD site (do the same for DR):
New-EdgeSyncServiceConfig -Site NEW_SITE_PROD
8. Check if the object EdgeSyncService was created in the site NEW_SITE_PROD and after, force the AD replication with the command repadmin /syncall /AdeP;
9. From a CAS server, open Services and make sure MS Exchange EdgeSync has started;
10. Change the CAS servers site affinity with the below cmdlet from a CAS server:
Set-ClientAccessServer -Identity "CASPROD2K801" -AutoDiscoverSiteScope “NEW_SITE_PROD”;
Set-ClientAccessServer -Identity "CASPROD2K802" -AutoDiscoverSiteScope “NEW_SITE_PROD”;
Set-ClientAccessServer -Identity "CASPROD2K803" -AutoDiscoverSiteScope “NEW_SITE_PROD”;
Set-ClientAccessServer -Identity "CASDR2K801" -AutoDiscoverSiteScope “NEW_SITE_DR”;
11. After to execute the above commands no output is expected, so you need to make sure now that the AD site is the new one. To do that, execute the below command:
Get-ClientAccessServer | ft name,autodiscoversitescope;
12. Next, change the CASARRAY site affinity with the below cmdlet from a CAS server:
Set-ClientAccessArray -Identity "PRODxxxARRAY.contoso.local" -Site “NEW_SITE_PROD”
13. Make sure the AD site is NEW_SITE_PROD for PRODxxxArray:
Get-ClientAccessArray | ft name,site;
Do the same for DR environment, changing only the specific parameters.
14. From the server DAGPROD2K802, open your EMC and switchover all DB copies to this server. After that, restart the second DAG server DAGPROD2K801 and make sure it was authenticated by a DC in the site NEW_SITE_PROD: nltest /dsgetdc:domain
15. Finally, check the Event logs in all servers and make sure you got the event ID MSExchange AD Topology 2080 with the content CDG177101171.
16. At this point, all your Exchange servers are running in a new AD site, connecting to new DCs, and your users should be able to connect to Exchange servers from MS Outlook.
For any doubts or suggestions, please leave a comment below.