Exchange 2013 SP1 introduced support for Windows Server 2012 R2, and also introduced support for a new feature in Windows Server 2012 R2, Failover Clusters without an Administrative Access Point. You can now create a DAG, that does not need separate IP’s on each subnet for the DAG itself. It also no longer creates the CNO which is seen as the computer account in Active Directory. The benefit of this feature is that you reduce complexity, no longer need to manage the computer account for the DAG, and no longer need to assign IP addresses for each subnet on which the cluster operates. There are some downsides, but it shouldn’t affect Exchange admins much. Mainly, since there is no ip address and no CNO, you cannot leverage Windows Failover Cluster admin tools to connect to it. You need to leverage local PowerShell against a cluster node directly. With Exchange, this shouldn’t be too much of a problem as almost all of the management of the cluster is handled with Exchange tools through management of the DAG itself.
In our example, we have two servers in separate AD sites that we are going to configure in our DAG:
We will create a DAG named SOA-DAG-2013. Now, previously this would be the name of the CNO that Exchange would create underneath. This is changed to essentially be a label that is stamped on all the nodes for management, but will no longer create the CNO.
If we login to EAC and navigate to Servers->Database Availability Groups, we can create the DAG by click on the plus sign:
Enter in the information for the DAG, and remember to specify your Witness Server. It should be another Exchange 2013 Server in your primary datacenter location that is not also a member of the DAG. We will specify one IP address of 255.255.255.255:
If we are doing this in PowerShell, the syntax is different:
New-DatabaseAvailabilityGroup –Name SOA-DAG-2013 –DatabaseAvailabilityGroupIPAddresses ([System.Net.IPAddress]::None) –WitnessServer NYDC-SOAE13CAS1.soa.corp –WitnessDirectory c:\WitnessDirectory\SOA-DAG-2013
Now, from here, building the DAG should have the same steps. Lets add the mailbox servers to the DAG. If you don’t already have Windows Failover Clustering installed, these steps will install it for you.
From the EAC:, under Database Availability Groups select the DAG name, and click on the Server with the gearbox icon:
Add your servers to the DAG and click Save:
From the Exchange Management Shell:
Add-DatabaseAvailabilityGroupServer -Identity SOA-DAG-2013 -MailboxServer SFDC-SOAE13MBX2
And your all set. The DAG has been configured with no Administrative Access.
If we check the properties of the DAG in the EAC we can see the IP address is listed as 255.255.255.255:
And even though we had that string in the PowerShell command, if we check the IP address in PowerShell, we only have 255.255.255.255 listed as an IP address: