How to use the Remonitor tool to clear the cache for the routing engine in an Exchange Server 2003 organization or in an Exchange 2000 Server organization

Microsoft has released the Remonitor tool to clear the cache for the routing engine. The Remonitor tool lets you fix problems with stale routes without having to shut down and restart all Microsoft Exchange servers at the same time. In the versions of Microsoft Exchange Server that are earlier than Exchange 2000 Server, you had to shutdown and restart all the Exchange servers at the same time to force concurrent destruction of the Organization object from inside the Reapi.dll file on all the Exchange servers in the organization.

Important We recommend that you run the Remonitor tool under the guidance and supervision of Product Support Services (PSS).

The Remonitor tool

The Remonitor tool performs the following two main functions:

• Monitors the change in a routing packet on a given Exchange server.
• Injects a custom built routing packet on an Exchange server to reduce the footprint of a deleted routing group.

Injection mode

The Injection mode of the Remonitor tool lets you inject a packet that removes the deleted server and the connector containers. After you inject a packet that removes the deleted server and the connector containers, the following risks are reduced:

• The chance of routing to a deleted container is eliminated.
• The size of the packet is greatly reduced.
• Zombie connector entries that are in a deleted routing group that can cause misrouting or delayed delivery are eliminated.

The Remonitor tool automatically works on Exchange Server 2003. However, the Remonitor tool can work on Exchange 2000 Server if the required user rights are granted in the Monitor mode or in the Injection mode. The Remonitor tool performs the following actions on all routing groups:

• Examines all routing groups.
• Identifies the deleted routing groups.
• Injects a version of a routing packet that does not include the deleted server and connector pair.

The injected version of the packet's major and minor version entries is increased by one. This behavior occurs to prevent the package from being overridden. Additionally, the injected packet will have the "deleted" keyword in its routing group address. This behavior prevents the Remonitor tool from injecting against already inject-processed entries.

Finally, the Remonitor tool will modify the routing group address triplet to include the �deleted� keyword. Therefore, the Remonitor tool can detect entries that are already modified and will ignore these entries in future injections.

How to obtain the Remonitor tool

You can obtain the Remonitor tool from Microsoft Product Support Services (PSS). To contact PSS, click the following link:Additionally, click "Microsoft Support and Consulting Services" on the following Web page:

Where to install the Remonitor tool

You must copy the Remonitor tool to the following directory:

How to run the Remonitor tool in Inject mode as a local system account

Important Because Exchange Routing Services uses mutual authentication and runs under the local system account, you cannot inject packets against the same server from which you run the Remonitor tool.

You must run the Remonitor tool only after sufficient time has passed since you deleted the last routing group. This provides time for the deletion to be reflected to all domain controllers and to prevent false positives. In case the Remonitor tool deletes a legitimate routing group, you can recover the routing group by recycling the routing service of the routing master server.

For more information about how to run the Remonitor tool as a local system account, view the following document on the Microsoft Technet Web site:

How to use Remonitor tool in Exchange Server 2003

This section provides information about how to use the Remonitor tool to monitor or inject packets in Exchange Server 2003.

How to monitor in Exchange Server 2003

To run the Remonitor tool in Exchange Server 2003, you must be logged on with an account that has the ADS_RIGHT_ACTRL_DS_LIST rights. Typically, this is the Domain Administrator account.

How to use the Injection mode in Exchange Server 2003

Note The steps in this section describe how to start the Remonitor tool directly from a server that is running Exchange Server 2003. Additionally, this section describes how to inject packets against a remote server that is running Exchange 2000 Server or against a remote server that is running Exchange Server 2003.

To inject packets, you must be logged on an account that has Send As user rights in Exchange Server 2003 or in Exchange 2000 Server. Therefore, we recommend that you run under the local system account. To open a command prompt under the local system account, follow these steps:

1. Click Start, click Run, type cmd in the Open box, and then press OK.
2. At the command prompt, type at 5:55 /interactive cmd.exe. This adds a new task to the server�s scheduled tasks list.
3. Click Start, click Control Panel, and then double-click Scheduled Tasks.
4. Locate the new task that you just created, right-click the task, and then click Run. This starts a new Command Prompt window under the local system account.
5. In this Command Prompt window, move to the Exchsrvr\bin directory to run the Remonitor tool.

How to use Remonitor in Exchange 2000 Server

This section provides information about how to use the Remonitor tool to monitor or to inject packets in Exchange 2000 Server.

How to monitor in Exchange 2000 Server

To monitor in a server that is running Exchange 2000 Server, you do not have to run under an account that has special user rights because there is no access checks for the debug request in Exchange 2000 Server. You can type Remonitor at a command prompt to display detailed parameter usage for both the Monitor and Injection modes by moving to the directory on which you copied the Remonitor files. By default, the Remonitor tool displays the monitoring results to the screen.

How to use the Injection mode in Exchange 2000 Server

Note The following steps describe how to start the Remonitor tool directly from a server that is running Exchange 2000 Server. Additionally, the steps describe how to inject packets against a remote server that is running Exchange 2000 Server or a remote server that is running Exchange Server 2003.

To prepare to run the Remonitor tool from a server that is running Exchange 2000 Server, follow these steps:

1. Create a separate directory, for example Remon2003, and then copy all the required binaries together with Remonitor.exe to this directory.
   
   The following is a list of the required binaries files:
   • the Exchmem.dll file
   • the Gwart.dll file
   • the Reapi.dll file
   • the REMonitor.exe file
   These .dll files are required because these are the .dll files for which the export signature has changed in Exchange Server 2003. You should obtain these binaries together with the Remonitor tool from PSS.
2. Add the bin folder to the operating system path. To do this, follow these steps:
   1. Click Start, click Control Panel, and then double-click System.
   2. Click the Advanced tab, and then click Environment Variables.
   3. In the System variables box, click Path, and then click Edit.
   4. Move to the end of the existing string, and then type a semi-colon followed by the required path. For example, type the following:
      ;Drive_letter:\Program Files\Exchsrvr\bin
   5. Click OK three times. You may have to restart the computer to enable this change.
3. Run the Remonitor tool on the server that is running Exchange 2000 Server. To do this, follow these steps:
   1. Click Start, click Run, type cmd in the Open box, and then press OK.
   2. At the command prompt, type at 5:55 /interactive cmd.exe. This adds a new task to the server�s scheduled tasks list.
   3. Click Start, click Control Panel, and then double-click Scheduled Tasks.
   4. Locate the new task that you just created.
   5. Right-click the task, and then click Run. This opens a new Command Prompt window under the local system account.
   6. In this Command Prompt window, move to the directory that you created in step 1, and then run the Remonitor tool.

Injection mode: Step-by-step example

In the following example, there is one deleted group that contains two servers and connectors. Roughly, the size of the deleted routing group object is 1200 bytes. Use the Winroute tool to view routing group information.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:
The following is a Winroute Snapshot of the example environment:Now, run the Remonitor tool in Injection mode as described in the "How to use the Injection mode in Exchange 2000 Server" section and in the "How to use the Injection mode in Exchange Server 2003" section. You see that the Remonitor tool detects one deleted routing group entry out of the total of two entries. The following figure is an example of the information that appears: After you run the Remonitor tool in the Injection mode, the deleted routing group object is removed. Additionally, the following state is achieved:

• The deleted objects are removed from both the server and the connector containers
• The routing group address triplet under RG Addresses is replaced with the "deleted" keyword.
• The major version of the deleted entry is increased by one. In our example, it is increased from three to four.

The final processed entry has a fixed size of approximately 280 bytes. In this example, the deleted entry size is reduced by 77 percent (%). The reduction is larger when there are more servers and connectors in the deleted routing group. The following is a Winroute Snapshot of the routing groups after you run the Remonitor tool in the Injection mode: Finally, the Remonitor tool can detect already injected entries. If you run the Remonitor tool again in Injection mode, the tool will detect previously processed entries. These entries are skipped. If injection is not needed, the Remonitor tool will exit passively, as in the following figure:

Frequently asked questions

Q 1: Do we have to run the Remonitor tool on each server in the organization individually?

A 1: Injection is propagated by routing. Therefore, you must run the Remonitor tool against only one server that is correctly running the routing services.

Q 2: After the Remonitor tool is run one time, will the tool stop the future occurrence of the [Routing groups not found in DS] object error whenever an existing routing group is deleted?

A 2: If you delete a routing group after you run the Remonitor tool, you have to run the tool again to empty the newly deleted item.

Q 3: Will the Remonitor tool cleanup the Winroute view completely?

A 3: The [Routing groups not found in DS] object will still appear in the Winroute tool. To clear this view in the Winroute tool, a separate fix for the Winroute tool is required. If you want to completely clear the view in the Winroute tool, you still have to shutdown and restart all the servers that are running Exchange Server 2003 and Exchange 2000 Server at the same time. However, the footprint of the injected packet is around 280 bytes. This insignificant size makes the restarting of servers unnecessary.

Q 4: Can the Remonitor tool inject packets on the local computer?

A 4: The Exchange routing service uses mutual authentication. Additionally, it runs under the local system account. Therefore, you cannot inject on the local computer. This behavior is by design. If you have to inject on the local computer, you can try to run the Remonitor tool under an account that has the Send As user right.

Q 5: Where can I find the scheduled tasks?

A 5: To find the scheduled tasks, click Start, point to All Programs, click Accessories, point to System Tools, and then click Scheduled Tasks.

Q 6: How can I obtain help about the Remonitor tool?

A 6: You can obtain help on the Remonitor tool. To do this, move to the Exchsrvr\bin directory, and then type the following command:Q 7: Can the Remonitor tool inject packets between two different routing groups? For example, when the source server that is running the Remonitor tool is in one routing group and the target server is in another routing group.

A 7: Yes, the Remonitor tool can inject packets across routing groups. But if there is a firewall blocking port 691 or if a connection cannot be made to port 691 for other reasons, packets cannot be injected. In this case, you will experience other serious routing issues.

Q 8: Can the Remonitor tool work between cluster nodes or from a stand-alone Exchange server to a cluster node, or vice versa?

A 8: The Remonitor tool will work in all these scenarios.

Q 9: Will the Remonitor tool injection feature work from a Terminal Services or from a Remote Control session?

A 9: If the Remonitor tool is started through a Terminal Services or a Remote Control session, the account will not be a local system account. Therefore, the Remonitor tool will not work. This behavior occurs because the AT command requires the Console mode. The Console mode is not possible in a typical Terminal Services session. However, you can start the Terminal Services session in Console mode in Microsoft Windows Server 2003 or on Microsoft Windows XP. To do this, use the following command at a command prompt: In this command, the placeholder mstsc is the Remote Desktop connection executable file, the placeholder -v:servername indicates the server to connect to, the placeholder /F indicates Full-Screen mode, and the placeholder -console is the instruction to connect to the Remote Console session.

You can obtain more help on the Remote Desktop connection command by typing the following command at the command prompt:Note You cannot use this command in Microsoft Windows 2000.

For more information about the Mstsc command, click the following article numbers to view the articles in the Microsoft Knowledge Base: