Solved

Failure Audit for Exchange 2003

Posted on 2003-11-25
11
372 Views
Last Modified: 2010-04-11
I have the following failure audit posted in our security event log every minute after adding Exchange 2003 to our domain:

Event Type:      Failure Audit
Event Source:      Security
Event Category:      Directory Service Access
Event ID:      565
Date:            11/25/2003
Time:            8:12:15 AM
User:            NSI\NSI-EXCHANGE$
Computer:      NSISERV
Description:
Object Open:
       Object Server:      DS
       Object Type:      configuration
       Object Name:      CN=Configuration,DC=nsi,DC=local
       New Handle ID:      -
       Operation ID:      {0,54801911}
       Process ID:      296
       Primary User Name:      NSISERV$
       Primary Domain:      NSI
       Primary Logon ID:      (0x0,0x3E7)
       Client User Name:      NSI-EXCHANGE$
       Client Domain:      NSI
       Client Logon ID:      (0x0,0x36D88)
       Accesses            Control Access
                  
       Privileges            -

 Properties:
DELETE
READ_CONTROL
WRITE_OWNER
ACCESS_SYS_SEC
MAX_ALLOWED
%%7691
%%7692
%%7693
            Manage Replication Topology

Cannot find anything matching on Microsoft KB.  Any ideas?

Thank you!
Jonathan

 
0
Comment
Question by:jmatt001
  • 3
  • 3
  • 2
  • +1
11 Comments
 
LVL 18

Expert Comment

by:chicagoan
ID: 9818649
is an older Exchange  running on a DC that is acting as a global catalogue server?
see http://support.microsoft.com/default.aspx?scid=kb;en-us;822569
0
 

Author Comment

by:jmatt001
ID: 9819046
No, this is the only Exchange server in the domain.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9819091
looks like NSI\NSI-EXCHANGE$
doesn't have proper access to AD... is NSI\NSI-EXCHANGE$ a DC?

have you run addiag?

http://www.tburke.net/info/reskittools/topics/addiag.htm
0
 

Author Comment

by:jmatt001
ID: 9819198
NSI-EXCHANGE$ is a member server but not a DC.

Have not run addiag.  Not familiar with it.

Thanks
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:jmatt001
ID: 9824539
chicagoan,

I have researched addiag.exe.  Could you give me a little background on your suggestion to run it?  Would I run it on the Exchange server or our DC?  What would I be looking for?

Thanks!
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9824753
I'm sorry - it was late

dcdiag
http://www.microsoft.com/windows2000/techinfo/reskit/tools/new/dcdiag-o.asp

DCDiag is command-line tool which analyzes the state of domain controllers in a forest or enterprise and reports any problems to assist in troubleshooting. As an end-user reporting program, DCDiag encapsulates detailed knowledge of how to identify abnormal behavior in the system.


0
 

Expert Comment

by:3des_stang
ID: 11326599
This is how I solved the issue.  Open ADSI edit (make sure you have the configuration container in the mmc) you can get this from the support tools for win2k.  in ADSI edit open the "Configuration Container" ( if you do not see this you need to install the support tools version.  On the first sub menu of the configuration container right click and go to properties click on security tab.  I just added the group "Exchange Enterprise Servers" and gave them "manage replication topology" rights.  Hope that helps.
0
 

Expert Comment

by:3des_stang
ID: 13028676
After doing a lot of research on this error message my self this is the correct answer to this problem.  It would be nice to keep it posted for anyone else who experiences this issue.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 13061697
PAQed with no points refunded (of 250)

modulo
Community Support Moderator
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Folder NTFS Permissions 14 91
Restrict RDP Remote Access through SonicWall 3 95
PCI Compliance Free scan 2 74
PCI Compliance with TLS 1.0 - all systems required 21 63
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Every computer eventually fails. When that happens, your valuable data is only as safe as your current backup.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now