Microsoft KB Archive/914255

= How to use the Remonitor tool to clear the cache for the routing engine in an Exchange Server 2003 organization or in an Exchange 2000 Server organization =

Article ID: 914255

Article Last Modified on 11/27/2007

-

APPLIES TO


 * Microsoft Exchange Server 2003 Enterprise Edition
 * Microsoft Exchange Server 2003 Standard Edition
 * Microsoft Exchange 2000 Enterprise Server
 * Microsoft Exchange 2000 Server Standard Edition

-





SUMMARY
''Microsoft Exchange Server 2003 and Microsoft Exchange 2000 Server use routing groups to provide messaging services in an organization. Therefore, when you experience message delivery issues, one of the critical areas that you must troubleshoot is the communication failure between routing groups.

If you do experience messaging delivery issues, you can use the Winroute tool to start troubleshooting the issues. If the following text entry is adjacent to a deleted routing group, it indicates a routing entry that has not been flushed from the routing engine cache:''

[object_not_found_in_DS]

After you use the Winroute tool, you can use the Remonitor tool (Remonitor.exe) to further troubleshoot messaging delivery issues. This article describes how to use the Remonitor tool in this scenario.



INTRODUCTION
Microsoft has released the Remonitor tool to clear the cache for the routing engine. The Remonitor tool lets you fix problems with stale routes without having to shut down and restart all Microsoft Exchange servers at the same time. In the versions of Microsoft Exchange Server that are earlier than Exchange 2000 Server, you had to shutdown and restart all the Exchange servers at the same time to force concurrent destruction of the Organization object from inside the Reapi.dll file on all the Exchange servers in the organization.

Important We recommend that you run the Remonitor tool under the guidance and supervision of Product Support Services (PSS).



The Remonitor tool
The Remonitor tool performs the following two main functions:
 * Monitors the change in a routing packet on a given Exchange server.
 * Injects a custom built routing packet on an Exchange server to reduce the footprint of a deleted routing group.

Injection mode
The Injection mode of the Remonitor tool lets you inject a packet that removes the deleted server and the connector containers. After you inject a packet that removes the deleted server and the connector containers, the following risks are reduced:
 * The chance of routing to a deleted container is eliminated.
 * The size of the packet is greatly reduced.
 * Zombie connector entries that are in a deleted routing group that can cause misrouting or delayed delivery are eliminated.

The Remonitor tool automatically works on Exchange Server 2003. However, the Remonitor tool can work on Exchange 2000 Server if the required user rights are granted in the Monitor mode or in the Injection mode. The Remonitor tool performs the following actions on all routing groups:
 * Examines all routing groups.
 * Identifies the deleted routing groups.
 * Injects a version of a routing packet that does not include the deleted server and connector pair.

The injected version of the packet's major and minor version entries is increased by one. This behavior occurs to prevent the package from being overridden. Additionally, the injected packet will have the &quot;deleted&quot; keyword in its routing group address. This behavior prevents the Remonitor tool from injecting against already inject-processed entries.

Finally, the Remonitor tool will modify the routing group address triplet to include the “deleted” keyword. Therefore, the Remonitor tool can detect entries that are already modified and will ignore these entries in future injections.

How to obtain the Remonitor tool
You can obtain the Remonitor tool from Microsoft Product Support Services (PSS). To contact PSS, click the following link:

http://support.microsoft.com/common/international.aspx?rdpath=dm;en-us;select&target=assistance

Additionally, click &quot;Microsoft Support and Consulting Services&quot; on the following Web page:

http://support.microsoft.com/default.aspx

Where to install the Remonitor tool
You must copy the Remonitor tool to the following directory:

Drive_Letter\Exchsrvr\bin

How to run the Remonitor tool in Inject mode as a local system account
Important Because Exchange Routing Services uses mutual authentication and runs under the local system account, you cannot inject packets against the same server from which you run the Remonitor tool.

You must run the Remonitor tool only after sufficient time has passed since you deleted the last routing group. This provides time for the deletion to be reflected to all domain controllers and to prevent false positives. In case the Remonitor tool deletes a legitimate routing group, you can recover the routing group by recycling the routing service of the routing master server.

For more information about how to run the Remonitor tool as a local system account, view the following document on the Microsoft Technet Web site:

http://technet.microsoft.com/en-us/library/4b102ebd-c5c1-4440-8e35-04f4945fac86.aspx

How to use Remonitor tool in Exchange Server 2003
This section provides information about how to use the Remonitor tool to monitor or inject packets in Exchange Server 2003.

How to monitor in Exchange Server 2003
To run the Remonitor tool in Exchange Server 2003, you must be logged on with an account that has the ADS_RIGHT_ACTRL_DS_LIST rights. Typically, this is the Domain Administrator account.

How to use the Injection mode in Exchange Server 2003
Note The steps in this section describe how to start the Remonitor tool directly from a server that is running Exchange Server 2003. Additionally, this section describes how to inject packets against a remote server that is running Exchange 2000 Server or against a remote server that is running Exchange Server 2003.

To inject packets, you must be logged on an account that has Send As user rights in Exchange Server 2003 or in Exchange 2000 Server. Therefore, we recommend that you run under the local system account. To open a command prompt under the local system account, follow these steps:
 * 1) Click Start, click Run, type cmd in the Open box, and then press OK.
 * 2) At the command prompt, type at 5:55 /interactive cmd.exe . This adds a new task to the server’s scheduled tasks list.
 * 3) Click Start, click Control Panel, and then double-click Scheduled Tasks.
 * 4) Locate the new task that you just created, right-click the task, and then click Run. This starts a new Command Prompt window under the local system account.
 * 5) In this Command Prompt window, move to the Exchsrvr\bin directory to run the Remonitor tool.

How to use Remonitor in Exchange 2000 Server
This section provides information about how to use the Remonitor tool to monitor or to inject packets in Exchange 2000 Server.

How to monitor in Exchange 2000 Server
To monitor in a server that is running Exchange 2000 Server, you do not have to run under an account that has special user rights because there is no access checks for the debug request in Exchange 2000 Server. You can type Remonitor at a command prompt to display detailed parameter usage for both the Monitor and Injection modes by moving to the directory on which you copied the Remonitor files. By default, the Remonitor tool displays the monitoring results to the screen.

How to use the Injection mode in Exchange 2000 Server
Note The following steps describe how to start the Remonitor tool directly from a server that is running Exchange 2000 Server. Additionally, the steps describe how to inject packets against a remote server that is running Exchange 2000 Server or a remote server that is running Exchange Server 2003.

To prepare to run the Remonitor tool from a server that is running Exchange 2000 Server, follow these steps:  Create a separate directory, for example Remon2003, and then copy all the required binaries together with Remonitor.exe to this directory.

The following is a list of the required binaries files:  the Exchmem.dll file the Gwart.dll file the Reapi.dll file the REMonitor.exe file</ul>

These .dll files are required because these are the .dll files for which the export signature has changed in Exchange Server 2003. You should obtain these binaries together with the Remonitor tool from PSS.</li> Add the bin folder to the operating system path. To do this, follow these steps: <ol style="list-style-type: lower-alpha;"> Click Start, click Control Panel, and then double-click System.</li> Click the Advanced tab, and then click Environment Variables.</li> In the System variables box, click Path, and then click Edit.</li> Move to the end of the existing string, and then type a semi-colon followed by the required path. For example, type the following:

;Drive_letter:\Program Files\Exchsrvr\bin

</li> Click OK three times. You may have to restart the computer to enable this change.</li></ol> </li> Run the Remonitor tool on the server that is running Exchange 2000 Server. To do this, follow these steps: <ol style="list-style-type: lower-alpha;"> Click Start, click Run, type cmd in the Open box, and then press OK.</li> At the command prompt, type at 5:55 /interactive cmd.exe. This adds a new task to the server’s scheduled tasks list.</li> Click Start, click Control Panel, and then double-click Scheduled Tasks.</li> Locate the new task that you just created.</li> Right-click the task, and then click Run. This opens a new Command Prompt window under the local system account.</li> In this Command Prompt window, move to the directory that you created in step 1, and then run the Remonitor tool.</li></ol> </li></ol>

Injection mode: Step-by-step example
In the following example, there is one deleted group that contains two servers and connectors. Roughly, the size of the deleted routing group object is 1200 bytes. Use the Winroute tool to view routing group information.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

281382 How to use the WinRoute tool

The following is a Winroute Snapshot of the example environment:



Now, run the Remonitor tool in Injection mode as described in the &quot;How to use the Injection mode in Exchange 2000 Server&quot; section and in the &quot;How to use the Injection mode in Exchange Server 2003&quot; section. You see that the Remonitor tool detects one deleted routing group entry out of the total of two entries. The following figure is an example of the information that appears:



After you run the Remonitor tool in the Injection mode, the deleted routing group object is removed. Additionally, the following state is achieved:
 * The deleted objects are removed from both the server and the connector containers
 * The routing group address triplet under RG Addresses is replaced with the &quot;deleted&quot; keyword.
 * The major version of the deleted entry is increased by one. In our example, it is increased from three to four.

The final processed entry has a fixed size of approximately 280 bytes. In this example, the deleted entry size is reduced by 77 percent (%). The reduction is larger when there are more servers and connectors in the deleted routing group. The following is a Winroute Snapshot of the routing groups after you run the Remonitor tool in the Injection mode:



Finally, the Remonitor tool can detect already injected entries. If you run the Remonitor tool again in Injection mode, the tool will detect previously processed entries. These entries are skipped. If injection is not needed, the Remonitor tool will exit passively, as in the following figure:



Frequently asked questions
Q 1: Do we have to run the Remonitor tool on each server in the organization individually?

A 1: Injection is propagated by routing. Therefore, you must run the Remonitor tool against only one server that is correctly running the routing services.

Q 2: After the Remonitor tool is run one time, will the tool stop the future occurrence of the [Routing groups not found in DS] object error whenever an existing routing group is deleted?

A 2: If you delete a routing group after you run the Remonitor tool, you have to run the tool again to empty the newly deleted item.

Q 3: Will the Remonitor tool cleanup the Winroute view completely?

A 3: The [Routing groups not found in DS] object will still appear in the Winroute tool. To clear this view in the Winroute tool, a separate fix for the Winroute tool is required. If you want to completely clear the view in the Winroute tool, you still have to shutdown and restart all the servers that are running Exchange Server 2003 and Exchange 2000 Server at the same time. However, the footprint of the injected packet is around 280 bytes. This insignificant size makes the restarting of servers unnecessary.

Q 4: Can the Remonitor tool inject packets on the local computer?

A 4: The Exchange routing service uses mutual authentication. Additionally, it runs under the local system account. Therefore, you cannot inject on the local computer. This behavior is by design. If you have to inject on the local computer, you can try to run the Remonitor tool under an account that has the Send As user right.

Q 5: Where can I find the scheduled tasks?

A 5: To find the scheduled tasks, click Start, point to All Programs, click Accessories, point to System Tools, and then click Scheduled Tasks.

Q 6: How can I obtain help about the Remonitor tool?

A 6: You can obtain help on the Remonitor tool. To do this, move to the Exchsrvr\bin directory, and then type the following command:

Remonitor

'''Q 7: Can the Remonitor tool inject packets between two different routing groups? For example, when the source server that is running the Remonitor tool is in one routing group and the target server is in another routing group.'''

A 7: Yes, the Remonitor tool can inject packets across routing groups. But if there is a firewall blocking port 691 or if a connection cannot be made to port 691 for other reasons, packets cannot be injected. In this case, you will experience other serious routing issues.

Q 8: Can the Remonitor tool work between cluster nodes or from a stand-alone Exchange server to a cluster node, or vice versa?

A 8: The Remonitor tool will work in all these scenarios.

Q 9: Will the Remonitor tool injection feature work from a Terminal Services or from a Remote Control session?

A 9: If the Remonitor tool is started through a Terminal Services or a Remote Control session, the account will not be a local system account. Therefore, the Remonitor tool will not work. This behavior occurs because the AT command requires the Console mode. The Console mode is not possible in a typical Terminal Services session. However, you can start the Terminal Services session in Console mode in Microsoft Windows Server 2003 or on Microsoft Windows XP. To do this, use the following command at a command prompt:

mstsc -v:servername /F –console

In this command, the placeholder mstsc is the Remote Desktop connection executable file, the placeholder -v:servername indicates the server to connect to, the placeholder /F indicates Full-Screen mode, and the placeholder -console is the instruction to connect to the Remote Console session.

You can obtain more help on the Remote Desktop connection command by typing the following command at the command prompt:

mstsc /?

Note You cannot use this command in Microsoft Windows 2000.

For more information about the Mstsc command, click the following article numbers to view the articles in the Microsoft Knowledge Base:

278845 How to connect to and shadow the console session with Windows Server 2003 Terminal Services

311926 You cannot use Mstsc.exe with the /CONSOLE switch to connect to a console session on a Windows 2000 Server-based computer

Additional query words: XADM

Keywords: kbhowto KB914255

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.