MS EchangeDSAccess Event ID 2114

Posted on 2008-11-13
Last Modified: 2012-05-05
Help !

My Exchange 2003 server stop running this morning. I can't start the services.

The Envent ID 2114 MSExchangeDSAccess showed up in the Event Viewer.

All the help are appriaciated.
Question by:ptruong08
    1 Comment
    LVL 12

    Accepted Solution


    Here is what I have found on another site:

    Ray Andrade (Last update 7/30/2008):
    I have Exchange 2007 running on a Windows 2008 domain controller. I disabled IPv6 in the network settings, which caused this problem to appear. Re-enabling it fixed the problem.

    Anonymous (Last update 7/10/2008):
    I ran into this problem when applying a "All in one" security lock down update our company had developed. In the package, they decided to change the startup of the "NetLogon" service to "Manual". In this configuration, the Netlogon service will not be started and cause this event. Simply starting the NetLogon service (and setting to startup type of Automatic) fixed this issue for me. I was then able to start our Exchange Services.

    J. LoSpinoso (Last update 12/4/2006):
    A possible root cause is an additional DNS A record for a DC in the Exchange Servers Site, record that happens to be for an interface for which the Exchange Server has no connectivity.
    In our case, all of our servers have a secondary NIC that is used for tape backup traffic. This interface has no routing to the real network that AD and Exchange live on. So here's what, even though DNS registration is disabled on this secondary NIC, it still registers itself. If a system has DNS installed, each time the DNS Server starts or a zone is reloaded, it registers all interfaces that are configured to answer DNS queries. To determine if the Exchange server (or any member server or client) has resolved an IP for a DC, use nltest /dsgetdc:"domain". See M275554 for additional information.

    David Page (Last update 8/29/2006):
    This error, combined with other numerous MU, SA and IS errors may be due to incorrect permissions in the default domain controllers policy either by miss-configuration or use of the dcgpofix command. The Exchange Enterprise Servers group must be defined in the default domain controllers policy under Manage Auditing and Security Log. This can be found in the User Rights Assignment area of the GPO. Once rights are established, restart SA and IS.

    Mihai Andrei (Last update 6/13/2006):
    - Error code: 0x80040a02 - This problem can occur because the Exchange security groups do no have the appropriate user rights to enable the Directory Service Access (DSAccess) component to communicate with Active Directory. See M919089 to solve this problem.

    Anonymous (Last update 5/6/2006):
    In our case, an older version of GFI Mail Essentials caused the problem. After we uninstalled it, the Exchange Server worked again.

    Ionut Marin (Last update 6/10/2005):
    - Error code: 0x80040a02 - This event can be caused by the evaluation version of SharePoint Portal Server. After this evaluation period has expired this event along with others are logged in your event log. See M823722 for more details.

    As per Microsoft: "This event indicates that new topology could not be generated. If this is NOT the first topology discovery since system startup, the previously discovered topology will be used. However, topology discovery failure is usually a sign of a serious problem and needs to be investigated immediately". See MSEX2K3DB for more details on this event.

    Marty (Last update 6/10/2005):
    Check that the "Exchange servers" group has the rights to "manage audit and security logs". On a working DC, go to Start -> Programs -> Admin tools -> Domain controller security -> Local settings -> User Rights and find the manage audit and security logs option. Add the group if necessary.

    Joe Richards (Last update 6/10/2005):
    - Error code: 0x8007077F - This means that no site/subnet has been defined for the Exchange server. Check the IP address of the Exchange server, define a subnet in Active Directory, and assign that subnet to the proper site.

    Anonymous (Last update 3/4/2005):
    We found this event popping up in a system with Windows 2003 Standard Server and Exchange Server 2003 Service Pack 1. It was followed by event 2102 stating that the Exchange server is not able to discover the topology of our AD.
    To solve it we activated the MSExchangeDSAccess diagnostic logging. We set the Topology section to maximum logging. The next topology discovery cycle revealed that it was trying to get AD information from a public DNS instead of our internal AD DNS servers.
    This problem appeared because our TCP/IP local configuration included two internal DNS servers and two public DNS and the exchange topology discovery engine took the list and used it in the reverse order, therefore it was searching the Internet for private information.

    Mauro Patrucco (Last update 9/13/2004):
    This problem can appear because the service principal name for ldap is not registered for the Exchange virtual server. You can verify this with the setspn utility (Windows 2003 resource Kit). Enter the following command:

    setspn -l [exchange_virtual_server_name].

    If you do not see:


    then add it manually

    setspn -a ldap/[exchange_virtual_server_name]
    setspn -a ldap/[exchange_virtual_server_FQDN].

    Elliott Fields Jr (Last update 5/6/2003):
    No Domain Controllers could be located for Directory Access.  

    here are the links from the above article:;en-us;275554;en-us;823722;en-us;919089

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
    Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
    In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now