In the first article of this series, we went over some of the premises of Exchange 2010, Database Availability Groups or DAG’s, and Database Activation Coordinator. We discussed our test environment, as well as how, in theory, an Exchange 2010 DAG handles the failure of a datacenter.
In this article, I’ll show you how to actual activate your disaster recovery site, should your primary site go down.
One of the first thing’s we need to take into consideration is how the clients, most importantly Outlook, connect to the DAG. We spoke in the first article how there is a new service in Exchange 2010 Client Access Servers, called the Microsoft Exchange RPC Client Access Service. Outlook clients now connect to the Client Access Server, and the Client Access Server connects to the Mailbox Server. This means Outlook clients don’t connect directly to the Mailbox Server’s anymore. This becomes significant in a disaster recovery situation.
Lets look at the output of the command:
Get-MailboxDatabase | Select Name,*rpc*
The RpcClientAccessServer value on a particular Mailbox Database indicates that connections to this database, are passed through to the Client Access Server listed. So, for all these databases above, all Outlook connections have to go through NYHT01.nygiants.com. (If you have more than one Client Access Server per site, which you should for redundancy and load balancing, you can create a cluster using either Windows Network Load Balancing, or a hardware load balancer, and change this value to point to the cluster host name). Lets look at our Outlook Client, and we notice that all connections are being passed to NYHT01.nygiants.com:
Alright, now, we are ready to start failing over servers! My test user, Paul Ponzeka, is located on a mailbox database named MDB02 which is running on server NYMB02:
So, to simulate a datacenter failure, we’ll just pull the power on ALL NY servers:
NY-XP1 (client machine)
So now, all of our NY machines are off, lets check the status of the Databases on our DR servers located in Boston:
Well, that’s not good huh? Notice how the DB’s for the two copies in NY are listed as ServiceDown under copy status? Also note that DRMB01, the Mailbox Server in Boston’s copy of the database is Disconnected and Healthy. The reason the DB is not mounted, is because of the DAC mode enabled on the DAG, which we discussed in Part 1 of this series. DRMB01 dismounts ALL its Mailbox Databases because there are not a majority number of DAG members available, this it can’t make quorum. It dismounts to prevent a possible split brain scenario, but in this case, we REALLY need to get this activated. How do we do this? What we need to do is remove the NY server members as being active participating members of the DAG. We do this through the Exchange Shell.
If we note the current status of the DAG with the command:
Get-DatabaseAvailabilityGroup | select Name,*server*
Notice that the Servers value lists DRMB01, NYMB01 and NYMB02 has servers in the DAG, and lists them again as StartedMailboxServers? Well, we need to tell the DAG, that NYMB01 and NYMB02 are no longer “started” or operational. We need to use the following command for that:
Our command can specify each server that’s down, one by one:
Stop-DatabaseAvailabilityGroup –Identity DAG1 –MailboxServer NYMB01,NYMB02
Or, since we lost the entire NY site, we can specify that the entire NY site:
Stop-DatabaseAvailabilityGroup –Identity DAG1 – ActiveDirectorySite NYC
Now, since our Mailbox Servers in NY are actually unreachable, we want to specify the –ConfigurationOnly option at the end of this command. Otherwise, the command attempts to actually stop the mailbox services on every mailbox server in the NYC site, and causes the command to take an extremely long time to complete:
Now, if we re-run the command:
Get-DatabaseAvailabilityGroup | select Name,*server*
We notice that the NY mailbox servers, NYMB01 and NYMB02 are both now listed as Stopped Mailbox Servers.
Next, ensure that the clustering service is stopped on DRMB01:
Now, we want to tell the DR site, it should restart with the new settings (both the NY servers missing):
Restore-DatabaseAvailabilityGroup –Identity DAG1 –ActiveDirectorySite DR
You will see a progress bar, indicating its adjusting Quorum and the cluster for the new settings. Don’t be alarmed if you see an error regarding the command not being able to contact the downed mailbox servers.
If we return to the Exchange Management Console, all our databases in the DAG have been mounted on DRMB01!
Great right? But our clients are still having trouble connecting. What’s the problem?
The reason is that NYHT01.nygiants.com is still listed as the RPC Client Access Server for this database:
We have two choices. First, is to change the DNS record for NYHT01.nygiants.com to be a CNAME for DRHT01.nygiants.com. Or the second, and faster method, is changing the RPC Client Access Server to be DRHT01.nygiants.com with the following command:
Set-MailboxDatabase MDB02 –RpcClientAccessServer DRHT01.nygiants.com
To do it for every DB that you failed over is simple:
Now, back to the Outlook client and WHOILA!
Now all your messaging services are back and running in your Disaster Recovery site, with limited downtime for your end users.
In this article we discussed how to fail over a datacenter to your backup or disaster recovery datacenter, should your primary go offline.
In the next and final part of this series, I’ll show you have to fail back to the primary datacenter site, which some admins think is even more terrifying than failing over!