When creating a new DAG on top of Windows Server 2012 the new DAG object must be created before running the wizard/cmdlet using either Exchange Admin Center or Exchange Management Shell.
You may want to use the same procedures where the Exchange Admin does not have enough permissions to create AD objects.
In this Series we are going to name our DAG as DAGTOR and it will have 4 members (TOREX01, TOREX02, POAEX01 and POAEX02), as you may have noticed the DAG will be spread in two datacenters, each step required to build that environment will be demonstrated in this series.
Creating the DAG object in Active Directory Users and Computers..
First of all, let’s open the Active Directory Users and Computers, and then click on View and then Advanced Features.
and create a new computer. Right click on the desired OU, then select New and then computer.
Well done! Computer account created, now let’s right-click on the object that we have just created, and then click on Disable Account and then Yes.
Permissions required on the new object..
Time to play with the permissions, let’s as properties of the object that we have just created, and let’s go to the Security tab.
The first step is to find out the Exchange Trusted Subsystem entry and after selecting it, make sure to click on the first column of the line Full Control as shown in the figure below.
Now, we need to assign permissions to the first DAG member that will be added to the new DAG. Let’s click on Add… and then click on Object Types… and make sure to select only Computers and then click OK.
Back to the second window, type in the name of the first DAG member (in our case will be TOREX01) and click on Check Names, and finally click on OK.
Now that we are back on the properties of the new DAG computer object, select the computer that we have just added to the list and select the first column of the Full Control. Click on Apply and OK.
That’s it! Now on our series we checked the process to create and manage the DAG Witness Server and how to create the object that will be used to create our future DAG.
Latest posts by Anderson Patricio (see all)
- How to remove non-routable domains from your Exchange Organization - April 14, 2015
- Exchange Server 2013 Cumulative Update 8 is out - March 17, 2015
- Managing your UC Certificate to add support to ADFS - March 17, 2015
- Using EOP to block messages based on country/language - March 16, 2015