How to Configure Witness Server in Exchange 2016 & 2013
This write up is going to teach you how to configure Witness Server in Exchange 2016 or 2013. In this article we will learn brief about witness server too. So Lets proceed..
What is Witness Server?
As you might know that the witness server is used for high availability and site resilience in a Database Availability Group (DAG). It helps exchange server for managing user requests in a DAG among nodes of two different Exchange servers. In a big organization, Exchange server is installed in a DAG for good manageability and high availability.
Best Practices to Set up Witness Server in Exchange
The new Microsoft recommendations for placing Witness Servers in Exchange 2013 and later are as follows.
| Deployment Scenario | Recommendations | Reason |
| One DAG in a Single Datacenter | Put witness server and DAG members in the same datacenter. | – For low latency and high availability.
– As the witness server is close to the DAG members no additional site is needed. – Every resource becomes localized. |
| One DAG Across Two Datacenters | 1. Put the witness server in Microsoft Azure (virtual network).
2. Keep the witness server in the primary datacenter. |
– Azure allows geographic isolation with automatic failover capability.
– Whereas the primary datacenter simplifies operations and maintains quorum even when a third site is unavailable. |
| Multiple DAGs in One Datacenter | 1. Allow the witness server to exist in the same datacenter as DAG members.
2. Use the same witness server for every DAG. 3. Make one main DAG member as a witness server for another DAG. |
– Centralizes witness placement, simplifying infrastructure.
– Reduces resource usage while maintaining high availability. – Suitable for localized deployments. |
| Multiple DAGs Across Two Datacenters | 1. Place the witness server in Microsoft Azure (virtual network).
2. Place it in the primary datacenter for each DAG. |
– Azure adds resilience through isolation and automatic failover capability.
– Primary datacenter ensures quorum for that specific DAG during partial failures. |
| One or More DAGs Across More than Two Datacenters | Put the witness server in the datacenter where the majority of quorum votes should exist. | – Retains majority of votes to avoid quorum loss.
– Also ensures continuity of service in case of failure. |
| Using a Third Location (optional) | Use a third location (physical or virtual) such as Microsoft Azure or an isolated branch office. | – Provides geographic independence
– Minimize outage risk with support for automatic failover. |
Importance of Witness Server
If you are going to install at least two different datacenters then you must configure one witness server. Lets discuss about importance of witness server in more detail.
Suppose there are ten exchange server nodes are installed in a DAG. In which five nodes are installed on datacenter 1 and five other nodes are installed on datacenter 2. datacenter 1 is the primary where all databases are active at datacenter 2 there are mirror image of site 1 database.
Lets assume that the connection between datacenter 1 and datacenter 2 is not available cause of an issue. Issue could be any disaster or anything else. The fault percentage will be 50 % because the half nodes are not online and the server will disconnect all mailboxes and like this Site A will also be unavailable.
But when File Share Witness (FSW) will be available in datacenter 1 then FSW will also be considered as an another node. And if there is no connection available between both sites then the site which have more number of nodes are Online will be available. In disconnected case datacenter 1 will have six nodes including FSW and datacenter 2 will have five nodes. Therefore all mailboxes of datacenter 2 will be disconnected.
Witness server is useful when there are even number of exchange servers are installed in a DAG. According to above defined scenario witness server provides failover clustering and help to remain at least one datacenter active at any cost.
Preconfiguration for Witness Server Installation
Before going to install and configure Witness Server in Exchange 2016 DAG, first go through the windows firewall setting and check whether your computer is connected to the domain or not. If already connected then all is okay other wise you have to connect your computer to domain first.
This is not much different from the steps used to delete orphaned mailboxes in Exchange 2010 edition.
Now go to Add Roles and Features Wizard to install one server role. Therefore select File Server under File and Storage Services and complete the installation process.
After Installation of file server role add Exchange Trusted Subsystems Group to local Administrator. You just need to go to computer management and then in left panel expand Local Users and Groups and then click on groups. Now in result pane at middle select Administrators and add new group of Exchange Trusted Subsystems.
Configure Witness Server in Exchange 2016 with EAC and PowerShell
To create and configure new witness server in Exchange 2016 or 2013 there must be a shared folder related to it. Therefore first create a shared folder. Just go to C drive and create a folder (in my case folder name is abc). Then go to properties and make it shared.
After creation of shared folder, go through Exchange Admin Center (EAC) then click on Servers and then click on database availability groups. Now click on + sign and enter new Database Availability Group Name, Witness Server and Enter the location of Shared folder which you have created.
This was the GUI mode if you want more control over the process and have experience handling PowerShell scripts before the following cmdlets can help you a lot.
The Entire process can be broken down into 3 essential steps:
Step 1. First, Get the Current DG Witness
Using the Admin account, open a new instance of Exchange Management Shell (EMS).
Make sure you have the DAG name, Witness server, and the corresponding witness directory. Then type:
Get-DatabaseAvailabilityGroup -Identity <DAGName> -Status | ft Name, Witness*, Servers
Witness* here acts as a wildcard to fetch WitnessServer, WitnessDirectory, WitnessShareInUse.
Once you have the information, the next step is:
Step 2. Change DAG Witness Server and Witness Directory
To do this, type:
Set-DatabaseAvailabilityGroup -Identity <DAGName> -WitnessServer <WitnessServerName> -WitnessDirectory <WitnessDirectoryLocation>
Note: If you don’t get results right away and instead see a warning label, it means the firewall is preventing the query from running. You can disable it temporarily.
Finally,
Step 3. Verify the DAG Witness Server
Use the following cmdlet:
Get-DatabaseAvailabilityGroup -Identity <DAGName> -Status | ft Name, Witness*, Servers
Conclusion
In this article we have discussed about how to configure witness server in exchange 2016. We have also discussed about what is witness server? and the Importance and usage of witness server.
Tej Pratap Shukla
https://about.me/tejpratap