As many of you might know, Active Directory and Exchange as time sensitive. This means that if time is behind by 5 min or more or ahead, this messes with Exchange.
If you see Event ID 1035 as shown below, the error actually tells you there is a time problem:
There are a few places you need to check where the time is out:
- The actual Exchange Servers
- The domain controllers
- The underlying hypervisors, either Hyper-V or VMWare.
In this scenario, the client had a host that was ahead of time and checking the application log files showed events ahead of time. Checking the time from command prompt using the command: “net time”, showed the DC it was talking to and the time was correct.
Once you fix the time issue, the errors should stop. One thing we noticed with time being ahead is that you cannot setup an Outlook Profile yet OWA works and you get a certificate warning when launching Outlook.
Hope it helps.