[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Failure Audit for Exchange 2003

Posted on 2003-11-25
11
Medium Priority
?
386 Views
Last Modified: 2010-04-11
I have the following failure audit posted in our security event log every minute after adding Exchange 2003 to our domain:

Event Type:      Failure Audit
Event Source:      Security
Event Category:      Directory Service Access
Event ID:      565
Date:            11/25/2003
Time:            8:12:15 AM
User:            NSI\NSI-EXCHANGE$
Computer:      NSISERV
Description:
Object Open:
       Object Server:      DS
       Object Type:      configuration
       Object Name:      CN=Configuration,DC=nsi,DC=local
       New Handle ID:      -
       Operation ID:      {0,54801911}
       Process ID:      296
       Primary User Name:      NSISERV$
       Primary Domain:      NSI
       Primary Logon ID:      (0x0,0x3E7)
       Client User Name:      NSI-EXCHANGE$
       Client Domain:      NSI
       Client Logon ID:      (0x0,0x36D88)
       Accesses            Control Access
                  
       Privileges            -

 Properties:
DELETE
READ_CONTROL
WRITE_OWNER
ACCESS_SYS_SEC
MAX_ALLOWED
%%7691
%%7692
%%7693
            Manage Replication Topology

Cannot find anything matching on Microsoft KB.  Any ideas?

Thank you!
Jonathan

 
0
Comment
Question by:jmatt001
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 18

Expert Comment

by:chicagoan
ID: 9818649
is an older Exchange  running on a DC that is acting as a global catalogue server?
see http://support.microsoft.com/default.aspx?scid=kb;en-us;822569
0
 

Author Comment

by:jmatt001
ID: 9819046
No, this is the only Exchange server in the domain.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9819091
looks like NSI\NSI-EXCHANGE$
doesn't have proper access to AD... is NSI\NSI-EXCHANGE$ a DC?

have you run addiag?

http://www.tburke.net/info/reskittools/topics/addiag.htm
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:jmatt001
ID: 9819198
NSI-EXCHANGE$ is a member server but not a DC.

Have not run addiag.  Not familiar with it.

Thanks
0
 

Author Comment

by:jmatt001
ID: 9824539
chicagoan,

I have researched addiag.exe.  Could you give me a little background on your suggestion to run it?  Would I run it on the Exchange server or our DC?  What would I be looking for?

Thanks!
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9824753
I'm sorry - it was late

dcdiag
http://www.microsoft.com/windows2000/techinfo/reskit/tools/new/dcdiag-o.asp

DCDiag is command-line tool which analyzes the state of domain controllers in a forest or enterprise and reports any problems to assist in troubleshooting. As an end-user reporting program, DCDiag encapsulates detailed knowledge of how to identify abnormal behavior in the system.


0
 

Expert Comment

by:3des_stang
ID: 11326599
This is how I solved the issue.  Open ADSI edit (make sure you have the configuration container in the mmc) you can get this from the support tools for win2k.  in ADSI edit open the "Configuration Container" ( if you do not see this you need to install the support tools version.  On the first sub menu of the configuration container right click and go to properties click on security tab.  I just added the group "Exchange Enterprise Servers" and gave them "manage replication topology" rights.  Hope that helps.
0
 

Expert Comment

by:3des_stang
ID: 13028676
After doing a lot of research on this error message my self this is the correct answer to this problem.  It would be nice to keep it posted for anyone else who experiences this issue.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 13061697
PAQed with no points refunded (of 250)

modulo
Community Support Moderator
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware, the malware that locks down its victim’s files until they pay up, has always been a frustrating issue to deal with. However, a recent mobile ransomware will make the issue a little more personal… by sharing the victim’s mobile browsing h…
Let's take a look into the basics of ransomware—how it spreads, how it can hurt us, and why a disaster recovery plan is important.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question