A hybrid environment is set up between Exchange on-premises and Office 365. This time you…
Create DAG Exchange Server step by step
In the course Exchange Server High Availability, you learned how to load balance Exchange Server and keep the mail flow active. To complete the course, it’s essential to create a Database Availability Group (DAG) in Exchange 2013/2016/2019. Configure Exchange DAG to keep the mailboxes available when an Exchange Server fails.
Table of contents
Exchange Database Availability Group
A database availability group (DAG) is the base component of the Mailbox server high availability and site resilience framework built into Microsoft Exchange Server. A DAG is a group of up to 16 Mailbox servers that hosts a set of databases and provides automatic database-level recovery from failures that affect individual servers or databases.
Note: All servers within a DAG must be running the same version of Exchange. For example, you can’t mix Exchange 2013 servers and Exchange 2016 servers in the same DAG.
There are two possibilities to configure DAG for Exchange Server:
- IP-based DAG (with IP)
- IP-less DAG (without IP) since Exchange 2013 SP1 (CU4)
Note: In Exchange Server 2016 and higher, the default DAG set up is IP-less DAGs.
In this article, we will cover the IP-less DAG, which we do recommend to set up.
Single network interface
In Exchange Server 2016 and higher, we don’t recommend to create a dedicated network for replication (DAG). Use the same subnet and network that you already have set up.
The preferred architecture leverages a single, non-teamed network interface for both client connectivity and data replication. A single network interface is all that is needed because ultimately our goal is to achieve a standard recovery model regardless of the failure – whether a server failure occurs or a network failure occurs, the result is the same: a database copy is activated on another server within the DAG. This architectural change simplifies the network stack and obviates the need to manually eliminate heartbeat cross-talk.
Read more about the preferred architecture by the Exchange Team.
Convert between IP-based DAG and IP-less DAG
Do you want to move from IP-based DAG to IP-less DAG or the other way around? You have to create a new IP-based DAG or IP-less DAG because there is no option to convert.
Configure Database Availability Group
In four steps, you will configure the Exchange DAG.
Configure File Share Witness (FSW)
The first step is to configure the file share witness server permissions. We recommend you to use a file server and not any other server.
Important: Don’t use a domain controller as a witness server!
Sign in to the File Server. Go to Administrative Tools and start Computer Management.
Expand Local Users and Groups and click on Groups. Double-click on the Administrators group and add the group Exchange Trusted Subsystem.
Step one is done. Let’s create the DAG in the next step.
Create DAG (Database Availability Group)
Sign in to Exchange Admin Center. Click on servers in the feature pane and click on database availability groups in the tabs. In the toolbar, click on + to create a new DAG.
Fill in the DAG name, witness server, witness directory. Leave the IP address empty or specify the IP address 255.255.255.255. Click Save.
Note: Exchange Server will automatic add the IP address 255.255.255.255 if you leave it empty.
If Windows Firewall is enabled on the witness server, it may block the creation of the DAG. Exchange uses Windows Management Instrumentation (WMI) to create the directory and file share on the witness server
Do one of the following on the witness server:
- Enable the WMI exception in Windows Firewall
- Disable Windows Firewall
The database availability group is created. You will see the DAG in the list view. Double-click on the DAG01-2016.
In the menu, click on IP address. Verify that you see the IP address 255.255.255.255.
Step two is done. The third step is to add the Exchange Servers to the DAG.
Add Exchange Servers to DAG
Select the database availability group in the list view and click the Manage DAG membership icon.
Click the + icon.
Select the Exchange Servers. Click on Add and follow with OK.
The task will install the Windows Failover Clustering on both the Exchange Servers.
The operation will add the Exchange Server to the database availability group.
The same will apply to the other Exchange Servers.
The operation will complete. Click Close.
The column Member Servers shows the Exchange Servers.
Step three is done. In step four, which is the last step, you will verify the witness server folder.
Verify File Share Witness folder
Go to the file server C:\ drive and verify that the DAG01-2016 folder is created. After opening the folder, you will find a GUID folder, and in there you will see two files with the name:
It can take a couple of minutes before both files show up. The size is small, and it will stay that way.
Note: Exclude the File Share Witness folder from your Antivirus/Security product. Read more in the article Antivirus exclusions for Exchange Server.
You did successfully configure an Exchange database availability group. The next step is to add mailbox database copies.
Keep reading: DAG activation preference behavior change in Exchange 2016 CU2 »
You learned how to create a DAG in Exchange Server step by step. Before you start, add the Exchange Trusted Subsystem to the Witness Server local administrator group. After that, create the DAG in Exchange Admin Center and add the Exchange Servers to the DAG. Don’t forget to verify your work as always.
Did you enjoy this article? You may also like Exchange Server in DMZ or LAN network. Don’t forget to follow us and share this article.
This Post Has 25 Comments
I have a IP-less DAG in Exchange 2013 and now i want migrate to Exchange 2019. Is it possible to make another IP-less DAG on Exchange 2019 ??
Yes, you should create a new IP-less DAG on Exchange Server 2019 and add the Exchange Server 2019 member servers.
Tnx ali ,
I did It but i have a lot of queue in shadow redundancy and SmtRrelayWithAdSitetoEdge .
ok , i must find the problem. do you have any idea ???
Can we have two DAG one IP-based DAG and one IP-less DAG in one DataCenter.
Thanks a lot for your support. This article is helpful.
I have one simple question. Does this tutorial cover Exchange 2013? We have two same version Exchange 2013 servers but Im not sure should we use this tutorial?
You can follow the article and configure an IP-less DAG if you have:
Windows Server 2012 R2 or higher
Exchange 2013 SP1 (CU4) or higher
Thanks for sharing Ali,
We want to configure Ip Less new DAG2019 for our 2 Exchange2019 servers.
We use for our Organisation 3th Party Backup Software(Veeam).
Does using Ip Less prevent backup? I read this somewhere.
Thanks for your answer.
IP-less DAG is the recommended way. That said, good backup software will support IP-less DAG. For example, I use Veeam, and that works fine.
Ensure that you go through the documentation Veeam Backup of Database Availability Groups.
Hi,ALI,Exchange 2019 DAG Create is changed! Witness directory must be in the following format to be created successfully.
Database Availability Group Name: DAG01-2019
Witness Server: DAG01.xx.com
Witness directory: C:\DAG01-2019\DAG01-2019.xx.com
There are different combinations of options available to create an Exchange DAG. The one you showed is one of the options. The one I showed in the article works fine (just tested on Exchange Server 2019).
Hi,ALI,I found a very strange problem. I created a database high-availability group on exchange. After the creation was successful, no error was reported, but the witness directory could not be found in the C drive of the witness server.
After adding the Exchange Servers to the DAG, it will show the witness directory on the witness server.
Hi,@ALI, DAG Server can be highly available? In case the DAG server goes down, it is dangerous.
There is no way to configure DAG for high availability.
You can add more than one mailbox server to the DAG (up to 16 Mailbox Servers) and add database copies. That’s what a DAG offers. When a mailbox server goes offline, the mailbox databases will become active on another mailbox server.
Read more about Exchange Server high availability.
Can the DAG server be regularly backed up and restored as a snapshot? After the DAG server snapshot is restored, will the mail server work normally? grateful.
can mix Exchange 2016 cu 16 servers and Exchange 2016 cu 22 servers in the same DAG ?
Yes, you can mix them. But, try to keep the same CUs between both Exchange Server versions. If you keep a couple of weeks difference between the CUs, it’s okay. Just don’t keep that for the long term. In your case, both will be on Exchange Server 2016 CU22.
Read more: Install Exchange Server Cumulative Update.
What isn’t possible is to have different Exchange Server releases in a DAG. For example, Exchange Server 2016 and Exchange Server 2019 can’t be in a DAG setup.
Thanks a lot for your support.
I am running on the following issue: Event ID 1564 even through the replication is working fine.
File share witness resource ‘File Share Witness (\\fs.domain.com\DAG2019.domain.com)’ failed to arbitrate for the file share ‘\\fs.domain.com\DAG2019.domain.com’. Please ensure that file share ‘\\fs.domain.com\DAG2019.domain.com’ exists and is accessible by the cluster.
Since, we are using an IP less, it is hard to identify if the witness file is up or not, from every server tried to access the file server and it is working fine.
Did all by your guide, but in failover cluster snap got error:
Cluster network name resource ‘Cluster Name’ cannot be brought online. Ensure that the network adapters for dependent IP address resources have access to at least one DNS server. Alternatively, enable NetBIOS for dependent IP addresses.
I have completed everything as per your description. There were no errors during coping.
Database status on the second server passive healthy but after switching to the second server it is not possible to connect to any mailbox in the server.
That doesn’t sound right.
Ensure that you follow the course Exchange Server high availability.
Why did you configure the witness folder on the local exchange server?
Isn’t it better to configure the witness folder in a shared folder?
Thanks for your advice
I did configure the witness server on the FS01-2016, which is the fileserver.
The name of the DAG is DAG01-2016.
Don’t configure the witness folder on the Exchange Server.
What should I do at the step of adding servers to the DAG, if my exchange only sees itself? It doesn’t see my other server in the network?