Re: MSExchangeSA errors
- From: "dm" <dmihalko@xxxxxxxxxxx>
- Date: Thu, 21 Apr 2005 11:20:52 -0400
Hi,
Well of course there are logon failures on the exchange server, but the only
one that is somewhat interesting is this:
===============================================
Logon Failure:
Reason: An unexpected error occurred during logon
User Name:
Domain:
Logon Type: 3
Logon Process: Kerberos
Authentication Package: Kerberos
Workstation Name: -
===============================================
These dont occur quite often at all... like 3 a day.
all the other ones are users trying to log into OWA or POP and just cant
type i guess.
The default domain policy for user rights was not defined, so i figured it
would be a good thing to do that. As for the local policy, the following
users are in there...
==========================
servername\aspnet
servername\iuser_servername
servername\iwam_servername
everyone
users
power users
backup operators
administrators
==========================
but this doesnt really matter, because domain policies override local
policies.
ill refresh the policy, remove from the Domain Exchange Servers, and restart
the services later this evening and will keep you posted.
Thanks,
-Dustin
"Nagendra Sitharamaiah [MSFT]" <nagsi@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:u%23EZBedRFHA.1528@xxxxxxxxxxxxxxxxxxxxxxx
> Hello,
>
> Please check if there are some Logon Failure auditing events in the
security
> log. The event you are looking for would be as shown below:
> =============================================
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Logon/Logoff
> Event ID: 534
> User: NT AUTHORITY\SYSTEM
> Description:
> Logon Failure:
> Reason: The user has not been granted the requested logon type at this
> machine
> Domain: <Domain name>
> Logon Type: 3
> Logon Process: NtLmSsp
> Authentication Package: NTLM
> Workstation Name: <Workstation name>
> =============================================
>
> If Logon/Logoff auditing is not turned on, do so by following the
procedure
> mentioned in the following KB Article:
>
> 257225 IPsec troubleshooting in Microsoft Windows 2000 Server :
> http://support.microsoft.com/?id=257225
>
> If you see many 534 events like the one above, it means the "Access this
> computer from teh network" rights has been restricted to a few
users/groups
> in the Local Computer Policy or the Default Domain Policy. This right is
one
> among the rights listed under "Local policies" \ "User Rights Assignment".
> Ensure that this right is assigned to Authenticated Users.
>
> Regards
> --
> Nagendra Sitharamaiah
> MCSE, CCNA, MCT, CISSP
> Microsoft
> Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> Please do not send email to this address, post a reply to this newsgroup.
>
> "dm" <dmihalko@xxxxxxxxxxx> wrote in message
> news:OQxfTPcRFHA.252@xxxxxxxxxxxxxxxxxxxxxxx
> > Hi everyone. Im kinda getting frustrated with this. I am running
exchange
> > 2003 sp1 and getting the following errors:
> >
> > -Microsoft Exchange System Attendant failed to add the local computer as
a
> > member of the DS group object 'cn=Exchange Domain
> > Servers,cn=Users,dc=componentone,dc=com'.
> >
> > Please stop all the Microsoft Exchange services, add the local computer
> > into the group manually and restart all the services.
> >
> > -Microsoft Exchange System Attendant has detected that the local
computer
> > is not a member of group 'cn=Exchange Domain
> > Servers,cn=Users,dc=componentone,dc=com'. System Attendant is going to
add
> > the local computer into the group.
> >
> > so after researching into it i have followed this article:
> > http://support.microsoft.com/default.aspx?scid=kb;en-us;271335
> >
> >
> > weird thing is... the error still comes back, no matter what i do.
> > - I removed and re-added to the Exchange Domain Servers security group.
> > - I restarted all exchange services.
> > - I rebooted
> > - I put it back into the original OU, restarted services.
> > - I removed and re-added to the Exchange Domain Servers security group.
> > - I rebooted
> >
> > did this many times, and i just cant get rid of the error. everything
> > works fine, i just hate errors in my event logs.
> >
> > anyone have any ideas?
>
>
.
- Follow-Ups:
- Re: MSExchangeSA errors
- From: dm
- Re: MSExchangeSA errors
- References:
- MSExchangeSA errors
- From: dm
- Re: MSExchangeSA errors
- From: Nagendra Sitharamaiah [MSFT]
- MSExchangeSA errors
- Prev by Date: Re: maximum email size to be sent
- Next by Date: Re: MSExchangeSA errors
- Previous by thread: Re: MSExchangeSA errors
- Next by thread: Re: MSExchangeSA errors
- Index(es):
Relevant Pages
|
