RE: reset administrator password - strange problems
- From: "Rob Pettrey" <RobPettrey@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 5 Aug 2005 07:43:08 -0700
Hi Brandy,
Thanks for the response!
Before I saw your response to this post, I was continually doing research,
and not coming up with much. I did notice related problems centered around
privileges and reinstalling exchange with /domainprep. I had exchange
problems when upgrading to sbs 2003 initially, and had reinstalled exchange
once already. I figured that reinstalling exchange from setupsbs would
probably do a domainprep and hopefully re-synch passwords and privs, so I
reinstalled exchange, and the two errors (9153 and 8213) previously mentioned
are resolved.
However, I still am having a two problems with exchange. One is with public
folders. (The client is not at this time using public folders, so there is no
impact, but I still would like to get rid of the errors.) I am also having a
SMTP transport problem that looks either open relay- or virus-related.
Here is the public folder error, which I am receiving with multiple users:
________________________________________________________________________
event viewer | application | MSExchangeIS Public Store | Access Control | 1030
user@xxxxxxxxxx failed an operation on folder /O=DOMAIN/OU=FIRST
ADMINISTRATIVE
GROUP/CN=RECIPIENTS/CN=_O=DOMAIN_CN=ADDRLISTS_42B1252A4460EAAD25C7B89DA56D88B0000008
on database "First Storage Group\Public Folder Store (SERVER)" because the
user did not have the following access rights:
'Delete' 'Read Property' 'Write Property' 'Create Message' 'View Item'
'Create Subfolder' 'Write Security Descriptor' 'Write Owner' 'Read Security
Descriptor' 'Contact'
The entry ID of the folder is in the data section of this event.
________________________________________________________________________
I found Q313866 - would this be your recommendation?
Also the transport error:
________________________________________________________________________
event viewer | application | MSExchangeTransport | SMTP Protocol | 7004
This is an SMTP protocol error log for virtual server ID 1, connection #3.
The remote host "68.76.135.3", responded to the SMTP command "rcpt" with "550
5.7.1 <user@xxxxxxxxxxxxxxxxxxx>... Relaying denied. Proper authentication
required. ". The full command sent was "RCPT TO:<user@xxxxxxxxxxxxxxxxxxx>
". This will probably cause the connection to fail.
________________________________________________________________________
I followed 895853, and it appears it is not an open relay, nor does it
appear on any spam lists.
Thanks for your help! Please advise.
""Brandy Nee [MSFT]"" wrote:
> Hello Rob,
>
> Thank you for posting to the SBS Newsgroup.
>
> I understand that you have manually changed the Directory Services Password
> on the SBS 2K3 server and you got errors 9153 and 8213 in the Event Viewer.
> If I have misunderstood your concern, please let me know.
>
> Please understand, we do not support changing the Directory Services
> Restore Mode Password on the SBS 2K3 server.
>
> Because only on the SBS 2K3 server, the Directory Services Restore Mode
> password is synchronized with the built-in Administrator account password
> so that you do not need to manage two passwords. If the Administrator
> account password is modified, the Directory Services Restore Mode password
> is updated with the change. But if you modify the Directory Services
> Restore Mode password, it will not synchronize with the Administrator
> account password.
>
> Please understand that if the problem persists and the server is not able
> to work normally, we have to reinstall the server and perform a restore
> from a backup media.
>
> Please see the following troubleshooting steps:
>
> Based on my research, 0x80072030 means ERROR_DS_NO_SUCH_OBJECT, which means
> there is no such object on the server. There are many different possible
> problems that may lead to this event, such as AD database permission,
> server settings or even the corrupted files. Please take your time to see
> the following information:
>
> 1> Make sure that you have applied Exchange Server 2003 SP1 on your server.
>
> Exchange Server 2003 Service Pack 1
> http://www.microsoft.com/downloads/details.aspx?familyid=42656083-784D-4E7E-
> B032-2CB6433BEC00&displaylang=en
>
> After applying Exchange Server 2003 Service Pack 1, please also apply the
> hotfix in the following KB article:
>
> 843539 You cannot use Outlook Web Access with forms-based authentication and
> http://support.microsoft.com/?id=843539
>
> 2> Check ADSIedit. To do so, please see:
>
> If you have not installed ADSIedit yet, please install the support tools
> for SBS 2003 on CD2. (x:\support\tools\suptools.msi). After that,
>
> a. Go to Start -> Run, type "adsiedit.msc" (without quotation marks), press
> OK.
>
> b. Check whether you can view any information or perform any changes
> inside. If you failed to do so, please reply me the exact folders or files
> you failed to.
>
> c. If you can browse any information in the ADSI Edit. Please see step 3>.
>
> 3> Check the permission:
>
> a. Expand to Configuration [xx.xx.local]\CN=Configuration,
> DC=XX,DC=XX\CN=Services\CN=Microsoft Exchange\CN=Yourdomain.
>
> b. Right click CN=Yourdomain, go to Properties, Security tab. Click
> Advanced.
>
> c. Check the box of "Allow inheritable permissions from the parent to
> propagate to this object and all child objects. Include there with entries
> explicitly defined here". (If it has been already checked, clear the box,
> click Apply and then check the box).
>
> d. Click OK.
>
> e. Open a command window, run "adprep /domainprep". The adprep command is
> in the I386 folder in the SBS 2003 CD #1.
>
> I am appreciated your time and cooperation, and am looking forward to
> hearing from you!
>
> Best regards,
>
> Brandy Nee
>
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
> ======================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
> ======================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
> --------------------
> >Thread-Topic: reset administrator password - strange problems
> >thread-index: AcWZEIHRO2mi7i+qTsamXfVxZs7tGg==
> >X-WBNR-Posting-Host: 205.244.26.189
> >From: "=?Utf-8?B?Um9iIFBldHRyZXk=?=" <RobPettrey@xxxxxxxxxxxxxxxxxxxxxxxxx>
> >Subject: reset administrator password - strange problems
> >Date: Thu, 4 Aug 2005 09:21:02 -0700
> >Lines: 29
> >Message-ID: <8B1C1B7B-C80A-44E8-8BB2-146F28D5EF5B@xxxxxxxxxxxxx>
> >MIME-Version: 1.0
> >Content-Type: text/plain;
> > charset="Utf-8"
> >Content-Transfer-Encoding: 7bit
> >X-Newsreader: Microsoft CDO for Windows 2000
> >Content-Class: urn:content-classes:message
> >Importance: normal
> >Priority: normal
> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> >Newsgroups: microsoft.public.windows.server.sbs
> >NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
> >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:141540
> >X-Tomcat-NG: microsoft.public.windows.server.sbs
> >
> >SBS 2003 premium upgrade, 15 users, 2 nics, recently taken over from
> another
> >consultant
> >
> >A former employee logged into the console as the administrator and messed
> >things up. I was asked to change the administrator password, which I did.
> I
> >was seeing DS-related errors in the event log, so after some research I
> >decided to reset the DS recovery password (a mistake, with perfect 20/20
> >hindsight...).
> >
> >ntdsutil
> >set dsrm password
> >reset password on server null
> >
> >Now I have more DS-related errors.
> >
> >Event ID 9153 MSExchangeSA - every 13 minutes
> >Microsoft Exchange System Attendant reported an error '0x80072030' when
> >setting DS notification.
> >
> >Event ID 8213 MSExchangeFBPublish - every 25 minutes
> >System Attendant Service failed to create session for virtual machine
> >SERVER. The error number is 0x80072030.
> >
> >Clients can send and receive mail, surf, /remote and /exchange. Then all
> of
> >a sudden, no surf, quirky mail, I reboot, and things are ok again for a
> while.
> >
> >Any ideas, anyone?
> >
> >
> >
>
>
.
- Follow-Ups:
- RE: reset administrator password - strange problems
- From: "Brandy Nee [MSFT]"
- RE: reset administrator password - strange problems
- References:
- reset administrator password - strange problems
- From: Rob Pettrey
- RE: reset administrator password - strange problems
- From: "Brandy Nee [MSFT]"
- reset administrator password - strange problems
- Prev by Date: Re: Locking workstations
- Next by Date: Re: Port 21 disallowed on SBS 2003
- Previous by thread: RE: reset administrator password - strange problems
- Next by thread: RE: reset administrator password - strange problems
- Index(es):
Relevant Pages
|
