Export (0) Print
Expand All
0 out of 1 rated this helpful - Rate this topic

Troubleshooting the RollAlternateServiceAccountCredential.ps1 Script

Exchange 2010
 

Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2012-07-23

This topic provides solutions and information about common errors that may occur when you use the RollAlternateServiceAccountPassword.ps1 script.

When you use the parameters ToEntireForest or ToArrayMembers with the script, in some instances, one or more of the Client Access servers may not be updated.

Verify the servers the script will target all required servers by using the Get-ClientAccessArray cmdlet, as shown in the following example.

Get-ClientAccessArray | fl members

If the server that's failing to update is a member of the Client Access array and is still not updating correctly, rerun Exchange Setup and add the Client Access server role to the server again. You can also specify individual servers to target using the parameter ToSpecificServers.

In some circumstances, servers might fail to update because of transient errors such as a bad network connection.

Verify that the servers in question have network and Active Directory connectivity, and then try the script again.

If a server is out of rotation for a longer period of time but is still a member of the array, as determined by the Get-ClientAccessArray cmdlet, the script functionality may be impaired when using the parameters ToArrayMembers and ToEntireForest. The same problem will occur if a server has had a permanent failure but hasn't been cleanly removed from your deployment.

To resolve this issue, remove the server from your deployment using Exchange Setup or run the script in attended mode until the server can be removed.

If the server will only be down for a short time, and you don't want to permanently remove Exchange, you can adjust the script to run against specific servers using the parameter ToSpecificServers so that only active servers are targeted. Or, you can remove the RPC Client Access service from the non-responsive server’s Active Directory object by using the Remove-ClientAccessArray cmdlet, as shown in the following example.

Remove-RPCClientAccess -Server Server.Contoso.com

After the RPC Client Access service has been removed, the server won't be returned as an array member by Get-ClientAccessArray and the script won't target it. As soon as the server is functional again, you can re-add the RPC Client Access service by using the New-RpcClientAccess cmdlet. When the RPC Client Access service is re-added, be sure to restart the Microsoft Exchange Address Book service on the affected server.

CautionCaution:
Before you remove the RPC Client Access service from a server, see the topic Remove-RpcClientAccess.
 © 2010 Microsoft Corporation. All rights reserved.
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.