Setting Up a Database Availability Group in Exchange 2013

DAG, Exchange 2013, High Availability

We’ll walk through the steps of setting up a Database Availability Group or DAG for short in Exchange 2013.  Our setup is we have two mailbox servers:

PHDC-SOAE13MBX1 – IP Address of

SFDC-SOAE13MBX1 – IP Address of

There are a couple of requirements that we need to ensure are met before we can set up the DAG, and that things run well once we do. 

Requirement #1 – Windows Failover Clustering

For starters, Exchange DAG’s use windows failover clustering as the means to setup the foundation of the DAG.  This means that you will need to install Windows Failover Clustering on each of the mailbox servers that will be a member of the DAG.  The Exchange 2013 DAG setup will perform the install for you, so there is no need to do it ahead of time.  What you do need to know though, is that the underlying Windows operating system needs to be able to install it.  Meaning your Windows OS must be one of the following:

  • Windows Server 2008 R2 Enterprise
  • Windows Server 2012 Standard
  • Windows Server 2012 Enterprise

Requirement #2 – Same Operating System

Since Windows Failover Clustering has this requirement, so does Exchange 2013 DAG’s.  All members of the DAG need to run the same OS level.  Meaning you cannot have one DAG member running 2008 R2 Enterprise and another running 2012 Standard.

Requirement #3 – One DAG per Server

Each mailbox server can only be a member of one DAG at a time. 

Requirement #4 – You Need an IP address for the DAG in each subnet there is a mailbox server

Since the DAG is a cluster, that cluster needs an IP address in each subnet that there is a mailbox server.  This is separate from the mailbox server’s IP address.  In our example, we have two subnets we are spread across:

This means we need an extra IP address for each subnet to assign to the DAG.  In our case we will use:

Requirement #5 – Name of DAG

The name of the DAG needs to fit the NETBIOS requirements, meaning 15 characters or less.

In our example, we will use SOA-DAG-13.

Requirement #6 – Witness Server

We need a Witness Server that will be used in the event that we have an even number of members in the DAG, and there needs to be a tie breaking vote.  Best practice is to use an Exchange 2013 CAS server.  Realistically ANY windows server will do, but you need to add the Exchange Trusted Subsystem as an administrator to that local PC before you can use it.

In our example we will use PHDC-SOAE13CAS1 and use the directory of C:\Witness\SOA-DAG-E13.soa.corp

Optional Requirement – Replication Networks

While it is not required, it is certainly best practice to create a replication network.  With that, you would have an extra NIC on each DAG member that would be dedicated for replication traffic only.  In bigger installations this is certainly recommended as seeding and replication can easily use a significant portion of the bandwidth.

So let’s get started. 

Pre-Stage the DAG CNO

The first thing we need to do is pre-stage the computer name for the DAG. Open up AD Users and Computers.  Navigate to an OU that contains both your Mailbox servers in it.  Right click and create a new computer object.  Fill in the details as necessary:


Next, right click the account you just created and select Disable Account


Now, we need to assign permissions to this account so that the mailbox servers are allowed to manipulate the object, as well as the group Exchange Trusted Subsystem.

In AD Users and Computers, go to View->Advanced Features


Right click the account you created and go to Properties->Security tab.

Add the following objects to the computer account with Full Control

  • Exchange Trusted Subsystem
  • Each mailbox server

(You only really need to the add the first mailbox server that you are using to create the DAG, but just to make things uniform you can add both)




Ensure that AD replication has finished before moving on.

Creating the DAG

First, lets log into the Exchange Control Panel on either of the servers.  You can get there by going to https://servername/ecp .

Navigate to Servers->Database Availability Groups.  In our example, you can see my pre-existing Exchange 2010 DAG:


Click on the + symbol at top to create a new DAG, and enter in the information:


Not that we have added the Name of the DAG, the Witness Server, and the Witness Directory.  Then we add the IP’s we have assigned to the DAG itself underneath.  Click Save to create the DAG.

Now, if we double click and open the DAG, we will note there is nothing in it.  We need to add mailbox servers to it:


Back on the DAG screen, select your DAG object, then select the little server with the gear on it.  This will allow us to manage the membership of the DAG.


Select your mailbox servers:



And click save to begin adding them to the DAG:


If you didn’t install Windows Failover Clustering before hand, this will install it on each node for you.  It can take about five minutes for each server for the entire process.

Eventually the DAG will be complete:


Setting DAC Mode on the DAG

Once your DAG is done, there is one last item you should follow.  On an Exchange 2013 server, open the exchange management shell. run the following command to enable DAC mode:

Set-DatabaseAvailabilityGroup –Identity SOA-DAG-13 –DatacenterActivationMode DAGOnly


The purpose of DAC mode is to help prevent split brain, and also allow you to use to Stop-DatabaseAvailabilityGroup and Start-DatabaseAvailabilityGroup commands for failover.

Now your all set, the last thing to do is to add copies of the database on each DAG member. 



  1. This is very helpful and another thing could you explain on how to create alternative file share witness?

  2. David

    This worked a treat! Thank you so much for taking the time to place this out there.

Comments are closed.