Failure Audit for Exchange 2003

I have the following failure audit posted in our security event log every minute after adding Exchange 2003 to our domain:

Event Type:      Failure Audit
Event Source:      Security
Event Category:      Directory Service Access
Event ID:      565
Date:            11/25/2003
Time:            8:12:15 AM
User:            NSI\NSI-EXCHANGE$
Computer:      NSISERV
Description:
Object Open:
       Object Server:      DS
       Object Type:      configuration
       Object Name:      CN=Configuration,DC=nsi,DC=local
       New Handle ID:      -
       Operation ID:      {0,54801911}
       Process ID:      296
       Primary User Name:      NSISERV$
       Primary Domain:      NSI
       Primary Logon ID:      (0x0,0x3E7)
       Client User Name:      NSI-EXCHANGE$
       Client Domain:      NSI
       Client Logon ID:      (0x0,0x36D88)
       Accesses            Control Access
                  
       Privileges            -

 Properties:
DELETE
READ_CONTROL
WRITE_OWNER
ACCESS_SYS_SEC
MAX_ALLOWED
%%7691
%%7692
%%7693
            Manage Replication Topology

Cannot find anything matching on Microsoft KB.  Any ideas?

Thank you!
Jonathan

 
jmatt001Asked:
Who is Participating?
 
moduloCommented:
PAQed with no points refunded (of 250)

modulo
Community Support Moderator
0
 
chicagoanCommented:
is an older Exchange  running on a DC that is acting as a global catalogue server?
see http://support.microsoft.com/default.aspx?scid=kb;en-us;822569
0
 
jmatt001Author Commented:
No, this is the only Exchange server in the domain.
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
chicagoanCommented:
looks like NSI\NSI-EXCHANGE$
doesn't have proper access to AD... is NSI\NSI-EXCHANGE$ a DC?

have you run addiag?

http://www.tburke.net/info/reskittools/topics/addiag.htm
0
 
jmatt001Author Commented:
NSI-EXCHANGE$ is a member server but not a DC.

Have not run addiag.  Not familiar with it.

Thanks
0
 
jmatt001Author Commented:
chicagoan,

I have researched addiag.exe.  Could you give me a little background on your suggestion to run it?  Would I run it on the Exchange server or our DC?  What would I be looking for?

Thanks!
0
 
chicagoanCommented:
I'm sorry - it was late

dcdiag
http://www.microsoft.com/windows2000/techinfo/reskit/tools/new/dcdiag-o.asp

DCDiag is command-line tool which analyzes the state of domain controllers in a forest or enterprise and reports any problems to assist in troubleshooting. As an end-user reporting program, DCDiag encapsulates detailed knowledge of how to identify abnormal behavior in the system.


0
 
3des_stangCommented:
This is how I solved the issue.  Open ADSI edit (make sure you have the configuration container in the mmc) you can get this from the support tools for win2k.  in ADSI edit open the "Configuration Container" ( if you do not see this you need to install the support tools version.  On the first sub menu of the configuration container right click and go to properties click on security tab.  I just added the group "Exchange Enterprise Servers" and gave them "manage replication topology" rights.  Hope that helps.
0
 
3des_stangCommented:
After doing a lot of research on this error message my self this is the correct answer to this problem.  It would be nice to keep it posted for anyone else who experiences this issue.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.