Solved

Failure Audit for Exchange 2003

Posted on 2003-11-25
11
375 Views
Last Modified: 2010-04-11
I have the following failure audit posted in our security event log every minute after adding Exchange 2003 to our domain:

Event Type:      Failure Audit
Event Source:      Security
Event Category:      Directory Service Access
Event ID:      565
Date:            11/25/2003
Time:            8:12:15 AM
User:            NSI\NSI-EXCHANGE$
Computer:      NSISERV
Description:
Object Open:
       Object Server:      DS
       Object Type:      configuration
       Object Name:      CN=Configuration,DC=nsi,DC=local
       New Handle ID:      -
       Operation ID:      {0,54801911}
       Process ID:      296
       Primary User Name:      NSISERV$
       Primary Domain:      NSI
       Primary Logon ID:      (0x0,0x3E7)
       Client User Name:      NSI-EXCHANGE$
       Client Domain:      NSI
       Client Logon ID:      (0x0,0x36D88)
       Accesses            Control Access
                  
       Privileges            -

 Properties:
DELETE
READ_CONTROL
WRITE_OWNER
ACCESS_SYS_SEC
MAX_ALLOWED
%%7691
%%7692
%%7693
            Manage Replication Topology

Cannot find anything matching on Microsoft KB.  Any ideas?

Thank you!
Jonathan

 
0
Comment
Question by:jmatt001
  • 3
  • 3
  • 2
  • +1
11 Comments
 
LVL 18

Expert Comment

by:chicagoan
ID: 9818649
is an older Exchange  running on a DC that is acting as a global catalogue server?
see http://support.microsoft.com/default.aspx?scid=kb;en-us;822569
0
 

Author Comment

by:jmatt001
ID: 9819046
No, this is the only Exchange server in the domain.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9819091
looks like NSI\NSI-EXCHANGE$
doesn't have proper access to AD... is NSI\NSI-EXCHANGE$ a DC?

have you run addiag?

http://www.tburke.net/info/reskittools/topics/addiag.htm
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:jmatt001
ID: 9819198
NSI-EXCHANGE$ is a member server but not a DC.

Have not run addiag.  Not familiar with it.

Thanks
0
 

Author Comment

by:jmatt001
ID: 9824539
chicagoan,

I have researched addiag.exe.  Could you give me a little background on your suggestion to run it?  Would I run it on the Exchange server or our DC?  What would I be looking for?

Thanks!
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9824753
I'm sorry - it was late

dcdiag
http://www.microsoft.com/windows2000/techinfo/reskit/tools/new/dcdiag-o.asp

DCDiag is command-line tool which analyzes the state of domain controllers in a forest or enterprise and reports any problems to assist in troubleshooting. As an end-user reporting program, DCDiag encapsulates detailed knowledge of how to identify abnormal behavior in the system.


0
 

Expert Comment

by:3des_stang
ID: 11326599
This is how I solved the issue.  Open ADSI edit (make sure you have the configuration container in the mmc) you can get this from the support tools for win2k.  in ADSI edit open the "Configuration Container" ( if you do not see this you need to install the support tools version.  On the first sub menu of the configuration container right click and go to properties click on security tab.  I just added the group "Exchange Enterprise Servers" and gave them "manage replication topology" rights.  Hope that helps.
0
 

Expert Comment

by:3des_stang
ID: 13028676
After doing a lot of research on this error message my self this is the correct answer to this problem.  It would be nice to keep it posted for anyone else who experiences this issue.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 13061697
PAQed with no points refunded (of 250)

modulo
Community Support Moderator
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s the first day of March, the weather is starting to warm up and the excitement of the upcoming St. Patrick’s Day holiday can be felt throughout the world.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question