Unusual Exchange server troubleshooting

 ISSUE: there are 3 domain controllers on the environment, one of them is the primary DC, when we try closing it, outlook can't authenticate with exchange server. an outlook prompt keeps appearing we want to test in case of update or outage that nothing could go wrong Cause: The Primary Domain Controller had all FSMO roles including PDC role which is responsible for authentication. Resolution: Before closing the DC, we transferred the PDC role to another Domain controller, then shutdown the primary one To do so please follow: Click Start, point to Administrative Tools, and then click  Active Directory Users and Computers. Right-click  Active Directory Users and Computers , and then click  Connect to Domain Controller (If you on another DC) . Do one of the following actions: In the  Enter the name of another domain controller  box, type the name of the domain controller that will be the new role holder, and then click OK. -or- In the  Or, select an available domain controller  list,

 Issue: we closed the last exchange server on Prem, and run a script to delete the AD remnant, when we try to download Exchange Mangement tools we get the following error: The well-known object entry B:32:A1C2016C84D003458132789127B84:CN=Exchange Servers\0ADEL:b2360aad-5e45-40ae-a52a-22397689104a,CN=Deleted Objects,DC=contoso,DC=lab on the otherWellKnownObjects attribute in the container object CN=Configuration,DC=contoso,DC=lab  points to an invalid DN or a deleted object.  Remove the entry, and then rerun the task. Cause: After deletion of ADSI remnants of exchange server, some attribute transferred to deleted object container but is still added to  otherWellKnownObjects  attribute. Solution: 1 . Log on a Domain Controller with Domain Admin permissions 2 . Run ldp.exe -- the LDAP GUI pops up 3 . Click on the Connection menu item and choose the "Connect" item . Leave everything as it is. DO NOT ENTER THE SERVER. Click OK The right side panel populates with domain info. 4 .

 Issue: When we try to Renew the certificate and in the export certificate command we get error: A special RPC error has occurred on server E1901: The private key could not be exported as PKCS-12 could not be exported. Either no access was possible or the key cannot be exported. + CategoryInfo : InvalidArgument: (:) [Export-ExchangeCertificate], InvalidOperationException + FullyQualifiedErrorId : [Server=E1901,RequestId=6985d3ef-0907-4371-82c7-c3273b667433,TimeStamp=19.04.2024 14 23:22] [FailureCategory=Cmdlet-InvalidOperationException] 69D2698D,Microsoft.Exchange.Management.SystemConfigurat Cause: A certificate key was invalid. Resolution: A Rekey is requested for the certificate and it worked.