Wednesday , October 23 2019

How to create a DAG (Database Availability Group) in Exchange 2010

Well, Creating DAG is much more simpler,

But configuring it properly is the best part to have it efficiently working.

So lets see how to create a 2 node DAG , where most of the Environments are willing to have 2 Dedicated servers for Exchange which has all the roles HUB,CAS,MBX.

NOTE **Am not Describing Client access array in this blog , Windows NLB won’t work if you have all roles installed on the same Server

you should for a 3rd party NLB in this Scenario for Client access Array ,

I will describe my environment now

I have 2 AD sites

image

Exchange Servers = 2 , Every AD site has a Exchange Server

image

========================================================

First we will prepare the Environment for the DAG

You can Skip this Step if you are not going to Have your File Share Witness in the Domain Controller

 

Am Adding Exchange Trusted Subsystems in Administrators Group as am going to have my File Share Witness in the “Primary-DC”

To get rid of permissions issue. If you are not giving this permission , you may end up with the below error while creating DAG.

Insufficient permissions to access file shares on witness server . Until this problem is corrected, the database availability group may be more vulnerable to failures. You can use the Set-DatabaseAvailabilityGroup cmdlet to try the operation again. Error: Access is denied

Open Administrators Group and add Exchange Trusted Subsystem Group to it.

image

———————————————————————————-

I will have my Primary LAN . Will add a Replication LAN ,for my DAG replication

So that I will come out of an Single point of failure on my LAN

If my replication network fails it can failover to the production network. vice versa.

image

My Replication Network , IP configuration should be defined as below

as one machine cannot have 2 default gateways,

image

Will do the same on both the nodes . will add a route for my Replication IP , so that they can ping each other

==========================================================================

Now we will  Create a DAG ,

image

Specify the DAG name . Witness Server Name , Witness Location

image

“ Always have File Share Witness in the Primary Site “

Now my DAG is Ready

Add members to it.

image

Adding the members

image

image

Great !! Now your DAG is ready !!

Now go to your DAG properties , Assign a Static IP for the DAG

if you have difference subnet or different class of ip on either Sites.

Have Two IP address for the DAG so that DAG resource can be online while failover on either sites

If you have only one Subnet , then you can have only one Ip address for the DAG

image

Now you can see your Database Master Servers are pointing to the DAG

image

Now you can add a Mailbox Database Copy , So that Databases can Failover Each other

image

Choosing a Server to Add a Copy

image

Now your Copy Shows Healthy

image

Now you can Activate a copy on the other server to Test the Failing over a database

image

image

Lossless is 0 logs lost, Good Availability is 3 logs lost, and Best Availability, which is the default, is 6 logs lost

Best Effort – You might have a massive loss of data.

You can choose as per your convenience ,Great !! you did a Database failover now !!

For Disaster Recovery Purpose You got to add Two more steps

Enabling DataCenterActivationMode , This avoids Split Brain Syndrome if the whole Primary Datacenter Fails

Set-DatabaseAvailabilityGroup "DAG1-CareExch" –DataCenterActivationMode DAGOnly

image

Configuring Alternate File Share Witness

Set-DatabaseAvailabilityGroup "DAG1-CareExch" –AlternateWitnessServer "DR-DC" –AlternateWitnessDirectory "C:\File Share Witness"

image

Now you got the Recommended design for DAG !!

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Azure365pro.com. Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Save Public IPs using F5 LTM Policies

F5 has different modules and one of them is LTM – Local Traffic Manager . ...

9 comments

  1. Nice one.

    Why are you using the “primary-exch’ as your witness server?

    My understanding is the Witness server should be a separate Exchange server with at least one role installed (e.g., hub transport). Therefore, you have “primary-exch” and “dr-exch” as member servers then you have the third exchange server as the witness server.

  2. Hi,
    I have 2* Windows 2008 R2 server with Exchange as nodes + one another Windows 2008 R2 server to be configured as Witness server.

    All the 3 systems are under “Exchange Trusted Subsystem” security group. However, my DAG configuration constantly fails with the error as below:

    “Warning:
    Insufficient permissions to access file shares on witness server ‘win-52-239.interopexchange.com’. Until this problem is corrected, the database availability group may be more vulnerable to failures. You can use the Set-DatabaseAvailabilityGroup cmdlet to try the operation again. Error: Access is denied

    Exchange Management Shell command completed:
    New-DatabaseAvailabilityGroup -Name ‘InteropDAG1? -WitnessServer ‘win-52-239.interopexchange.com’ -WitnessDirectory ‘c:\witness’

    Elapsed Time: 00:00:00?

    Any help possible on this please? Please let me know if you need any further information?

  3. Will you be able to enable DataCenterActivationMode with only 2 members in DAG? I think the requirement to enable DataCenterActivationMode is 3 or more DAG members.

  4. Hi,
    i have exchange 2013 sp1 with win 2012, my problem is my database mount automatically even i shutdown my primary data center, (DAC mode is enable)
    file share witness are on both side..
    PAM is on primary data center.
    is it due to dynamic quram model ?
    Regards

    • Satheshwaran Manoharan

      DAG cannot have two witness . Secondary witness . needs manual intervention . Witness doesn’t fail over.

      Read misconceptions of DAG . Google it .

  5. Hi,
    from file share witness server on both side i mean i mention my alternate file share witness in DAG.
    but still file share is on primary site.. i am not ruing any command to activate DR site.

  6. Internet is written with the capital letter in a sentence, by the way. And hundredths are written not with a point but with a comma. This is according to the standard. And actually everything is very good..!

Leave a Reply

Your email address will not be published.