A database availability group (DAG) is a high availability and data recovery feature of Exchange Server.It’s introduced with Exchange 2010.DAG member server can host a copy of mailbox database from any other servers in DAG.DAG member provide automatic recovery from database failures ( disk,server, or network)
In this example i created DAG with two members (m1 and m2)
It’s advisable (but not neccessary) to have separate DAG subnet (replication network),in this example,subnet 10.10.10.0 was used as replication network.If DAG replication network is configured,it needs to be exempted from DNS registration
Check box Register this connection’s addresses in DNS has to be unchecked
192.168.0.0 is LAN (MAPI) network in which client computers are connected.
Prestaging CNO in Active Directory
One of the first steps in DAG configuration is to pre-stage Cluster Name Object (CNO) in Active Directory.CNO is needed for providing an identity to DAG and cluster.CNO is computer object in AD.
On domain controller,create new computer object,add Full Control permissons to Exchange Trusted Subsystem and first DAG member (m1)
Exchange Trusted Subsystem is a highly privileged group and has read/write access to every Exchange-related object in all Exchange-prepared domains in the forest
Enable Advanced Featurs,(it’s neccessary to enable security tab in newly created object)
Click on security tab,add Exchange Trusted Subsystem and m1 (check computers in object types) in and give it full control
And finally disable dag computer account:
Configuring witness server (quorum.ja.com)
Witness server is used to host shared folder for DAG and is used to maintain an quorum (configuration in a failover cluster that determines the number of failures that the cluster can sustain while still remaining online)
More about quorum:http://blogs.msdn.com/b/clustering/archive/2011/05/27/10169261.aspx
Witness server is only used when there is an even number of nodes in the DAG (vote counts).You can use domain controller as witness server but it is not recommended.A DAG member can not be configured as witness server.A DAG must have “quorum” to mount databases and if it loses it, mailbox database won’t be mounted.Each DAG member participate in “voting”.Formula for calculating enough number of vote members to maintain the cluster online is (number of nodes / 2) +1. In our case,with 2 nodes,we need 2 online members for cluster to be up and running.In normal circumstances,witness is not needed,because we have 2 DAG members online,but if one of DAG nodes goes down,remaining DAG member will use our witness server to maintain cluster online.(Witness gives it’s “vote”).But,if we restart the witness server,database will dismount until failed DAG member goes online again.
We must add Exchange Trusted Subsystem to local administrators group on witness server.In this example,quorum.ja.com is witness server.In run box,type lusrmgr.msc and add Exchange Trusted Subsystem to local administrators group:
On witness server,open ports for file and print sharing,port 135 (for RPC connection) and RemoteAdmin
netsh firewall set service RemoteAdmin enable netsh firewall add portopening protocol=tcp port=135 name=DCOM_TCP135
Creating DAG
Using ECP:
Click Servers-Database Availability Groups (+) sign
Enter dag name,witness server,path to shared folder on witness server (you don’t need to create that folder manually,it will be created automatically), and dag IP address (it’s address from LAN-MAPI network)
Using PowerShell:
[PS] C:\Users\administrator.JA\Desktop>New-DatabaseAvailabilityGroup -Name dag -WitnessServer quorum.ja.com -WitnessDirectory c:\DAG -DatabaseAvailabilityGroupIpAddresses 192.168.0.60
Note! if you get error that “The Exchange Trusted Subsystem is not a member of the local Administrators group on specified witness server <ServerName>.”,and you addedd Trusted subsystem to local Admin group,just ignore that warning
https://support.microsoft.com/en-us/kb/2644540
On witness server,shared DAG folder is created automatically,CNO object dag,we have created earlier,have full share permissions.(That’s why we have added Exchange Trusted Subsystem into Local Admins group on witnes server)
Adding DAG members
We now need to add m1 and m2 as DAG members
Using ECP:
Click marked (“cog” sign with server simbol)
Click + and add DAG members
Powershell:
[PS] C:\Users\administrator.JA\Desktop>Add-DatabaseAvailabilityGroupServer -Identity dag -MailboxServer m1 [PS] C:\Users\administrator.JA\Desktop>Add-DatabaseAvailabilityGroupServer -Identity dag -MailboxServer m2
On both DAG members (m1 and m2),Failover cluster is installed,with Node and File Share Majority.
Configuring Database Copies
During Exchange install,mailbox database “Mailbox Database 0677329633” was created.We want to replicate this database to m2 DAG member Exchange server (no databases exist)
using ECP:
click servers-databases-select database we want to replicate and then click on “three dots”
Click on Add Database copy
Type database name,click browse and select server to which you want to replicate database (m2).Activation preference number
(During database activation, when multiple database copies satisfy the criteria for activating, the Activation Preference Number is used to decide which database copy is to be activated) is automatically increased to next available number-2.(m1 already host the database with preference number of 1)
Powershell:
[PS] C:\Users\administrator.JA\Desktop>Add-MailboxDatabaseCopy -Identity "Mailbox Database 0677329633" -MailboxServer m2 -ActivationPreference 2
On m2,database folder is automatically created:
In Exchange Control Panel,we can see that database is hosted on both servers
Or with PowerShell:
[PS] C:\Users\administrator.JA\Desktop>Get-MailboxDatabaseCopyStatus -Identity "Mailbox Database 0677329633" | ft
Moving Database Copy between DAG members
In this example,we will move “Mailbox Database 0677329633” from m1 to m2.It is planned “switchover”
Using ECP:
on m1 select the database and click Activate
Powershell:
[PS] C:\Users\administrator.JA\Desktop>Move-ActiveMailboxDatabase "Mailbox Database 0677329633" -ActivateOnServer m2 -MountDialOverride:None -Confirm:$false
-MountDialOverride:None-m2 mounts the database using its own defined database auto mount dial settings
-MountDialOverride:GoodAvailability-the database automatically mounts immediately after a failover if the copy queue length is less than or equal to six. The copy queue length is the number of logs recognized by the passive copy that needs to be replicated. If the copy queue length is more than six, the database doesn’t automatically mount. When the copy queue length is less than or equal to six, Exchange attempts to replicate the remaining logs to the passive copy and mounts the database.
-MountDialOverride:BestAvailability-the database automatically mounts immediately after a failover if the copy queue length is less than or equal to 12
-MountDialOverride:Lossless- the database doesn’t automatically mount until all logs that were generated on the active copy have been copied to the passive copy.
Conclusion
DAGs only provide high availability for mailbox databases not for the other Exchange Server role.Database availability groups provide high availabilty solutions in single data center environments,but are not suited in stretched DAGs.
geekdudes 