Problem:
After some sort of update, Exchange services stuck in starting and won’t start. Error messages include “Unexpected error Logon failure: unknown user name or bad password. Facility: LDAP Provider ID no: 8007052e Microsoft Exchange System Attendant occurred.”
Solution:
(h/t Microsoft)
What I realized is that the issue was more rooted than just Exchange. When you try running DNS it comes back with a pop up that states “Access Denied”. If you check the FSMO roles, they all come back positive. DCDiag also has an error message.
The solution ended up being quite simple (after hours of research). First off, we suggested bloody switching to Office 365 and then the following:
- In case you have other Domain Controller/ DNS server present in the environment then configure the server experiencing the issue to point to other active DNS server in TCP/IP properties.
- Stop the KDC service on the DC experiencing the issue.
- Run the following command with elevated rights: netdom resetpwd /server:<PDC.domain.com> /userd:<Domain\domain_admin> /passwordd:*
- It will prompt for the password of the Domain Admin account that you used, enter that.
- Once the command executes, reboot the server.
- DNS zones should load now.
If this is the only DC in the environment and there are no other DNS Servers available then perform the same steps but replate the “PDC.Domain.com” with the server’s own IP address (since it itself is the PDC)