Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: MSExchangeIS Private|
|Type: Success Audit|
NT User EFFH\backupexec logged on to Administrator mailbox, and is not the primary Windows NT account on this mailbox.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the role of the Microsoft Exchange Information Store service?
This problem may occur if you use another user's mailbox in Outlook 2002. See ME812007 for more information about this issue.
Some antivirus software requires that you use an Exchange Service Admin account, so it can open and scan all mailboxes. This causes Event ID 1016 to be logged for each mailbox. See "JSI Tip 1789" for details.
As per Microsoft: "This event is logged even if you have been granted permission to access the mailbox, and even when you successfully access the mailbox. However, this event is not logged if a primary Windows NT account is not assigned to the user's mailbox". There are several Microsoft articles with information about this event: ME147362, ME173692, ME239081, ME244305, ME274317, ME280527 and ME301328.
This is a normal event and it will be logged in the Event Log regardless of the level that the diagnostics logging is set to on the Information Store. For example a backup software performing backup at the mailbox level will cause Exchange to generate such events.
|Private comment: Subscribers only. See example of private comment|
|Links: ME147362, ME173692, ME239081, ME244305, ME274317, ME280527, ME301328, ME812007, ME867640, EventID 1016 from source MSExchangeIS Mailbox Store, JSI Tip 1789|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated