Re: MSExchangeSA errors
- From: "Nagendra Sitharamaiah [MSFT]" <nagsi@xxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 21 Apr 2005 00:03:52 +0530
Hello,
Please check if there are some Logon Failure auditing events in the security
log. The event you are looking for would be as shown below:
=============================================
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 534
User: NT AUTHORITY\SYSTEM
Description:
Logon Failure:
Reason: The user has not been granted the requested logon type at this
machine
Domain: <Domain name>
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: <Workstation name>
=============================================
If Logon/Logoff auditing is not turned on, do so by following the procedure
mentioned in the following KB Article:
257225 IPsec troubleshooting in Microsoft Windows 2000 Server :
http://support.microsoft.com/?id=257225
If you see many 534 events like the one above, it means the "Access this
computer from teh network" rights has been restricted to a few users/groups
in the Local Computer Policy or the Default Domain Policy. This right is one
among the rights listed under "Local policies" \ "User Rights Assignment".
Ensure that this right is assigned to Authenticated Users.
Regards
--
Nagendra Sitharamaiah
MCSE, CCNA, MCT, CISSP
Microsoft
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
This posting is provided "AS IS" with no warranties, and confers no rights.
Please do not send email to this address, post a reply to this newsgroup.
"dm" <dmihalko@xxxxxxxxxxx> wrote in message
news:OQxfTPcRFHA.252@xxxxxxxxxxxxxxxxxxxxxxx
> Hi everyone. Im kinda getting frustrated with this. I am running exchange
> 2003 sp1 and getting the following errors:
>
> -Microsoft Exchange System Attendant failed to add the local computer as a
> member of the DS group object 'cn=Exchange Domain
> Servers,cn=Users,dc=componentone,dc=com'.
>
> Please stop all the Microsoft Exchange services, add the local computer
> into the group manually and restart all the services.
>
> -Microsoft Exchange System Attendant has detected that the local computer
> is not a member of group 'cn=Exchange Domain
> Servers,cn=Users,dc=componentone,dc=com'. System Attendant is going to add
> the local computer into the group.
>
> so after researching into it i have followed this article:
> http://support.microsoft.com/default.aspx?scid=kb;en-us;271335
>
>
> weird thing is... the error still comes back, no matter what i do.
> - I removed and re-added to the Exchange Domain Servers security group.
> - I restarted all exchange services.
> - I rebooted
> - I put it back into the original OU, restarted services.
> - I removed and re-added to the Exchange Domain Servers security group.
> - I rebooted
>
> did this many times, and i just cant get rid of the error. everything
> works fine, i just hate errors in my event logs.
>
> anyone have any ideas?
.
- Follow-Ups:
- Re: MSExchangeSA errors
- From: dm
- Re: MSExchangeSA errors
- References:
- MSExchangeSA errors
- From: dm
- MSExchangeSA errors
- Prev by Date: Cannot Delete A Public Folder
- Next by Date: Re: Public Folder gone missing... hmm
- Previous by thread: MSExchangeSA errors
- Next by thread: Re: MSExchangeSA errors
- Index(es):
Relevant Pages
|
Loading
