Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Process <process> (PID=<PID>). DSAccess needs to close a connection to the Domain Controller [<DC>] due to error <error code>.
|English: Request a translation of the event description in plain English.|
As per MSEX2K3DB, DSAccess terminated the existing Lightweight Directory Access Protocol (LDAP) connection because of the specified error. The user operation will be retried, and the domain controller will still be used by DSAccess. Lookup the LDAP error code for the actual description of the problem.
From a newsgroup post: "First, please verify if there are other DSAccess related events logged and if the event only appears when you turn on the Diagnostic Logging on the MSExchangeDSAccess. If so, we can safely ignore it as the Exchange server is properly working.
Otherwise, if there are other MSExchangeDSAccess events logged without diagnostic logging, there are problems on MSExchangeDSAccess. We can try the following steps to troubleshoot it:
Step 1: Checking Service Principal Names (SPN) for LDAP.
1. Download the Setspn utility from the Microsoft web site.
Note: The Setspn Utility is for both Windows 2000 and Windows 2003.
2. Run the setspn utility to list the registered Services Principal Names on the Exchange Virtual Server:
setspn -l <Exchange Virtual Server name>
3. Verity if you can see entries about Service Principal Names (SPN) for LDAP. If no, please continue with the following steps to register them manually:
setspn -a ldap/<Exchange Virtual Server name> <Exchange Virtual Server name>
setspn -a ldap/<Exchange Virtual Server name>.xxxxxx.local <Exchange Virtual Server name>
The format is much similar to the entries below which you can see by the "setspn -l <Exchange Virtual Server name>" command.
exchangeMDB/<Exchange Virtual Server name>
exchangeMDB/<Exchange Virtual Server name>.xxxxxx.local.
Step 2: Verifying DSAccess detection setting.
1. Start ESM.
2. Navigate to the Exchange 2003 server object, and open its Properties.
3. On the Directory Access tab, check if all the DCs/GCs are listed properly. Make sure the option "Automatically discover servers" is checked.
Step 3: Checking if there are static configurations.
Starting the Microsoft System Attendant will initialize DSAccess and start the topology detection. DSAccess checks registry keys for any static configuration, it checks the profiles\default key and its subkeys for the operational paramateres and list of DCs and GCs and then the MSExchangeDSAccess\Instance0 key for the configDC. More information is available in ME246228".
Error: 0x80040920 = LDAP_NO_SUCH_OBJECT (Object does not exist).
Error: 0x80040951 = LDAP_SERVER_DOWN (Cannot contact the LDAP server) - May indicate a problem with the connectivity to a domain controller.
Error: 0x80040952 = LDAP_LOCAL_ERROR (Local error occurred)
|Private comment: Subscribers only. See example of private comment|
|Links: ME246228, Windows 2000 Resource Kit Tool - Setspn, MSEX2K3DB|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (1) - More links...|
|Custom search for *****: Google - Bing - Microsoft - Yahoo|
Send comments or solutions
- Notify me when updated