|Component:||Microsoft Exchange Directory Access Service|
|Message:||Process <process name> (PID=<process id>). Exchange Server <server name> does not have Audit Security Privilege on Domain Controller <server name>. This Domain Controller will not be used by DSAccess.|
The Exchange server specified in the event text does not have the Audit Security Privilege on the domain controller specified in the event. DSAccess will not use that domain controller until this is remedied. Possible causes include:
If you have not run “domain prep” or RUS is not configured in the domain, do so. Otherwise run the utility “policytest.exe” that is located in the “Support” folder on the Microsoft Exchange CD. It will produce a list of domain controllers and will report the presence or absence of the required privilege.
If the privilege is lost, repeat the “”domain prep” step. If the privilege is found on all domain controllers, try to find out what happened to the permissions. Make sure that the Microsoft Exchange server is still a member of the “Exchange Domain Servers” group, and that group is a member of “Exchange Enterprise Servers” group. Also make sure that the group permissions are inherited by the Microsoft Exchange computer account.
A successful remedy can be confirmed by turning up DSAccess logging to at least level 1 and looking for the DSAccess 2113 event.
For more information on Security Privilege issues and the policytest.exe tool, see Microsoft Knowledge Base article 314294, XADM: Exchange 2000 Error Messages Are Generated Because of SeSecurityPrivilege Right and Policytest Issues.