Failure Audit - What does it mean?

When I see a failure audit in my event viewer like this one....

Event Type:      Failure Audit
Event Source:      Security
Event Category:      Object Access
Event ID:      565
Date:            11/12/2004
Time:            8:53:58 AM
User:            DOMAIN\jsmith
Computer:      EXSERVER
Object Open:
       Object Server:      Microsoft Exchange
       Object Type:      Microsoft Exchange Logon
       Object Name:      /o=DOMAIN/ou=first administrative group/cn=Recipients/cn=jmarino
       New Handle ID:      -
       Operation ID:      {0,46016404}
       Process ID:      2352
       Primary User Name:      EXSERVER$
       Primary Domain:      DOMAIN
       Primary Logon ID:      (0x0,0x3E7)
       Client User Name:      jsmith
       Client Domain:      DOMAIN
       Client Logon ID:      (0x0,0x2BCAD90)
       Accesses            Unknown specific access (bit 0)
       Privileges            -


What is it telling me exactly??
LVL 20
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

It looks like jsmith is trying to access jmarino's mailbox and was denied.
DVation191Author Commented:
does it give any more details than that? like how they tried doing that?
Maybe this person tried to open jmarinos calendar and instead they tried to open the inbox by accident and got the deny error.  Inbox is the default when you go to open other users folder.
As per Microsoft: "This behavior occurs if you do not have the Send As or Owner rights for the mailbox that you are trying to open. The failure audit events are logged to notify the administrator that the user who is accessing the mailbox does not have Send As or Owner rights to the mailbox itself even though the user has delegate access to the mailbox. These failure audit events are logged in the Security log of the Event Viewer so that the administrator of the Exchange 2000 organization can verify that security permissions are set correctly". See Q813229 for more details.
Also, this event will be generated when there are missing DNS PTR records, incorrect PTR records (mismatch between FQDNs in A records and PTR records) or missing reverse lookup zones.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.