Microsoft Exchange team releases Exchange Server Security Updates (SUs) when vulnerabilities are discovered. You don't…
In the course Exchange Server High Availability, you learned how to load balance Exchange Server and keep the mail flow active. To complete the course, it’s essential to create a Database Availability Group (DAG) in Exchange 2013/2016/2019. Configure Exchange DAG to keep the mailboxes available when an Exchange Server fails.
Table of contents
Exchange Database Availability Group
A database availability group (DAG) is the base component of the Mailbox server high availability and site resilience framework built into Microsoft Exchange Server. A DAG is a group of up to 16 Mailbox servers that hosts a set of databases and provides automatic database-level recovery from failures that affect individual servers or databases.
All servers within a DAG must be running the same version of Exchange. For example, you can’t mix Exchange 2013 servers and Exchange 2016 servers in the same DAG.
There are two possibilities to configure DAG for Exchange Server:
- IP-based DAG (with IP)
- IP-less DAG (without IP) since Exchange 2013 SP1 (CU4)
In Exchange Server 2016 and higher, the default DAG set up is IP-less DAGs.
In this article, we will cover the IP-less DAG, which we do recommend to set up.
Single network interface
In Exchange Server 2016 and higher, we don’t recommend to create a dedicated network for replication (DAG). Use the same subnet and network that you already have set up.
The preferred architecture leverages a single, non-teamed network interface for both client connectivity and data replication. A single network interface is all that is needed because ultimately our goal is to achieve a standard recovery model regardless of the failure – whether a server failure occurs or a network failure occurs, the result is the same: a database copy is activated on another server within the DAG. This architectural change simplifies the network stack and obviates the need to manually eliminate heartbeat cross-talk.
Read more about the preferred architecture by the Exchange Team.
Convert between IP-based DAG and IP-less DAG
Do you want to move from IP-based DAG to IP-less DAG or the other way around? You have to create a new IP-based DAG or IP-less DAG because there is no option to convert.
Configure Database Availability Group
In four steps, you will configure the Exchange DAG.
Configure File Share Witness (FSW)
The first step is to configure the file share witness server permissions. We recommend you to use a file server and not any other server.
Don’t use a domain controller as a witness server!
Log in to the File Server. Go to Administrative Tools and start Computer Management.
Expand Local Users and Groups and click on Groups. Double-click on the Administrators group and add the group Exchange Trusted Subsystem.
Step one is done. Let’s create the DAG in the next step.
Create DAG (Database Availability Group)
Log in to Exchange Admin Center. Click on servers in the feature pane and click on database availability groups in the tabs. In the toolbar, click on + to create a new DAG.
Fill in the DAG name, witness server, witness directory. Leave the IP address empty or specify the IP address 255.255.255.255. Click Save.
Exchange Server will automatic add the IP address 255.255.255.255 if you leave it empty.
The database availability group is created. You will see the DAG in the list view. Double-click on the DAG01-2016.
In the menu, click on IP address. Verify that you see the IP address 255.255.255.255.
Step two is done. The third step is to add the Exchange Servers to the DAG.
Add Exchange Servers to DAG
Select the database availability group in the list view and click the Manage DAG membership icon.
Click the + icon.
Select the Exchange Servers. Click on Add and follow with OK.
The task will install the Windows Failover Clustering on both the Exchange Servers.
The operation will add the Exchange Server to the database availability group.
The same will apply to the other Exchange Servers.
The operation will complete. Click Close.
The column Member Servers shows the Exchange Servers.
Step three is done. In step four, which is the last step, you will verify the witness server folder.
Verify File Share Witness folder
Go to the file server C:\ drive and verify that the DAG01-2016 folder is created. After opening the folder, you will find a GUID folder, and in there you will see two files with the name:
It can take a couple of minutes before both files show up. The size is small, and it will stay that way.
Exclude the File Share Witness folder from your Antivirus/Security product.
You did successfully configure an Exchange database availability group. The next step is to add mailbox database copies.
In this article, you learned how to create a DAG in Exchange 2016 step by step. Before you start, add the Exchange Trusted Subsystem to the Witness Server local administrator group. After that, create the DAG in Exchange Admin Center and add the Exchange Servers to the DAG. Don’t forget to verify your work as always.
Did you enjoy this article? You may also like Exchange Server in DMZ or LAN network. Don’t forget to follow us and share this article.