In my test lab I am running 1 DC and 2 Exchange servers. I wanted my DC to be my Witness server however after it failed with the following error:
- Warning: Specified witness server ‘DC01.extest.local’ is not an Exchange server, or part of the Exchange Servers security group.
Warning: Insufficient permissions to access file shares on witness server ‘DC01.test.com’ Until this problem is corrected, the database availability group may be more vulnerable to failures. You can use the Set-DatabaseAvailabilityGroup cmdlet to try the operation again. Error: Access is denied
The steps I had already taken was to Add the DC to the Exchange Trusted Subsystem Security Group in Active Directory. To fix this error you need to Add the Exchange Trusted Subsystem group to the Builtin\Administrators group of the domain, not best practise but this is a test lab.
Once this was complete the DAG created without error.
Hope it helps.