Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 2112 Source: MSExchangeDSAccess

Level
Description
Process <process name> (PID=<process id>). Exchange Server <server name> does not have Audit Security Privilege on Domain Controller <server name>. This Domain Controller will not be used by DSAccess.
Comments
 
This problem can occur because the Exchange security groups do no have the appropriate user rights to enable the Directory Service Access (DSAccess) component to communicate with Active Directory. See ME919089 for information on fixing this problem.
As per Microsoft: "The Exchange server specified in the event text does not have the Audit Security Privilege on the domain controller specified in the event. DSAccess will not use that domain controller until this is remedied. Possible causes include:
- Exchange setup has not completed the "domain prep" stage for this domain, or the Recipient Update Service is not configured in this domain.
- A permissions modification was made that caused the Exchange server to lose its permissions in Active Directory.
- The Audit Security Privilege was lost". See MSEX2K3DB for more details.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...