() Database requires logfiles – in order to recover successfully. Recovery could only locate logfiles up to .

Details
Product: Exchange
Event ID: 453
Source: ESE
Version: 6.5.6940.0
Component: Microsoft Exchange Extensible Storage Engine
Message: <process name> (<process id>) <storage group name>Database <name> requires logfiles <number><number> in order to recover successfully. Recovery could only locate logfiles up to <number>.
   
Explanation

The database requires log files in order to continue.

You will receive the following phrase in the event Description:

Information Store (number) [guid] Database [path\filename] requires logfiles

[e.g.] 154-158 in order to recover successfully. Recovery could only locate logfiles up to [e.g.] 157.

  • Cause 1 – An online restore fails due to log files missing from the temporary folder that is specified in the Microsoft Windows 2000 Backup program under the temporary location for log files.
  • Cause 2 – A hardware failure causes loss of log files in the log file sequence needed for the restore.
  • Cause 3 – Antivirus software has quarantined the current log file, E0n.log.
   
User Action

Generally, verify whether or not the log files have been moved or deleted. If the log files have been deleted, restore them from backup media. If they have been moved, move them to the appropriate location. The event text will specify the required files. Check for related events and their description to determine specific causes and resolutions. Following are some specific resolutions for the common causes indicated in the Explanation.

  • Resolution 1 – Attempt to locate the missing log files and place them in the appropriate folder and run Eseutil /cc (hard recovery) or run Eseutil /cc /t (using the /t switch) to specify another location for all the necessary logs together in one folder and mount the database. If the log files cannot be located, restore from an earlier backup or as a last resort, repair the database, run Isinteg -fix, and ExMerge the results to a blank database.
  • Resolution 2 – Restore from an earlier backup or as a last resort, repair the database, run Isinteg -fix, and ExMerge the results to a blank database.
  • Resolution 3 – Stop the antivirus software scanning the information store files directory and the M: drive and check the registry settings for the antivirus software. Place the current log file back in the appropriate directory.

Related:

%1 (%2) %3Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error %4.

Details
Product: Exchange
Event ID: 413
Source: ESE
Version: 08.01.0106.000
Symbolic Name: NEW_LOG_ERROR_ID
Message: %1 (%2) %3Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error %4.
   
Explanation

This Warning event indicates that a new log file could not be created because the database cannot write to the log file drive.

The event may be logged if the drive is read-only, out of disk space, configured incorrectly, or corrupted. The cause depends on the error number in the Description section of the event. The most common error codes for event 413 are listed below.

  • Error -1032 = 0xfffffbf8 = 4294966264 = Jet_errFileAccessDenied = Cannot access file – the file is locked or in use. Another process has locked the file. A virus checker may mistakenly quarantine a file, or a backup process may temporarily deny access.

  • Error -1811 = 0xfffff8ed = Jet_errFileNotFound = File not found. The following are possible causes for this error:

    • The current log file (such as E00.log) may have a mismatching signature between the log and the database.

    • The checkpoint file may be corrupted, or the log drive itself may have failed.

    • The current log file may have been deleted by antivirus software running on the server.

    • There may have been problems creating the temp log file for the storage group (such as e00tmp.log ). For example, the temp log file itself may become corrupted.

  • Error -1022 = 0xfffffc02 = 4294966274 = Jet_errDiskIO = disk I/O error. The -1022 error is a generic error that appears whenever a disk I/O problem prevents Exchange from gaining access to a requested page in the database or to a check file. A disk or controller failure may have occurred, and access to the entire drive has been lost, sometimes temporarily. The controller software or firmware may be out of date. This issue may also occur because the path for the check file (such as E00.chk) is not correct, which may be caused by a drive failure.

   
User Action

To resolve this warning, do one or more of the following:

  • Check the integrity of the file system.

  • Check the System log for related entries.

  • Review and change the access permissions properties, and then note the disk space available.

  • Review the disk and log file to which you are trying to write.

  • For error -1811, ensure that the antivirus software is not running against the Exchange store, the Site Replication Service (SRS) database directories. Ensure that the log file drive has not run out of space.

  • For error -1032, change the permissions on the folders that contain the information store files to the default permissions. Configure the flat file backup and antivirus software to not scan the Exchange store subdirectories. Use Exchange-aware online backup and antivirus software.

  • For error -1022, ensure that the drive for the Exchange store files is accessible and that the path for the Exchange store files is specified correctly. If it is, run chkdsk /f /r. If the Chkdsk tool does not resolve the issue, examine the permissions on the Exchange Server folder structure. Ensure that System has full control of Exchange Server (install path for Exchange) and all subfolders on each partition that contains Exchange data. If you still cannot mount the databases, troubleshoot any file-level antivirus software running on the Exchange server.  Check the System log for I/O or drive errors near the time of the 413 event. Check and correct the path for the check file (such as E00.chk).

After correcting the root cause, if the database is inconsistent, restore from online backup. If there is no valid backup, you can restore the database to consistency using the hard repair (/p) functionality of the Eseutil utility. Run isinteg -fix until all fixes are removed. Mount the database and use Move Mailbox to move to a new, blank database. Before doing this, you should always back up all Exchange store files in a storage group (*.log files, *.edb files and *.stm files).

For information about ESE error -1022, see Microsoft Knowledge Base article 314917

Understanding and analyzing -1018, -1019, and -1022 Exchange database errors.

For information about ESE error codes other than the ones explained in this topic, see the following Microsoft Knowledge Base articles:

For information about properly configuring your antivirus software, see Microsoft Knowledge Base article 328841 Exchange and antivirus software.

Related:

%1 (%2) %3The logfile sequence in “%4” has been halted due to a fatal error. No further updates are possible for the databases that use this logfile sequence. Please correct the problem and restart or restore from backup.

Details
Product: Exchange
Event ID: 492
Source: ESE
Version: 8.0
Symbolic Name: LOG_DOWN_ID
Message: %1 (%2) %3The logfile sequence in “%4” has been halted due to a fatal error. No further updates are possible for the databases that use this logfile sequence. Please correct the problem and restart or restore from backup.
   
Explanation

This Error event indicates that the database engine is unable to replay the log file sequence. Because this is a generic error, there are no specific errors associated with this event in the Description section of the event. Look for errors mentioned in the Description section of related events that refer to problems related to opening, creating, deleting, and writing log files. The cause of the error depends on the specific error. The most common errors in the Description section of events related to event 492 are as follows:

  • Error 1811 = 0xfffff8ed = Jet_errFileNotFound = File not found. The log file may be missing or there may be other causes for this error. For example, the current log file (such as E00.log) may have a mismatching signature between the log and the database. Error 1811 might also be generated when the Exchange databases and log files are stored on network storage. This is unsupported. In addition, the checkpoint file may be corrupted, or the log drive may have failed. The current log file may have been seized and deleted or quarantined by antivirus software running on the server. There have also been problems creating the temp log file for the storage group (such as e00tmp.log ). The temp log file may be corrupted.

  • Error 510 = 0xfffffe02 = 4294966786 = Jet_errLogWriteFail = Failure when writing to log file. Error 510 can be caused by permissions issues, space issues, SAN issues, and other issues affecting reads and writes to the disks.

  • Error 1032 = 0xfffffbf8 = 4294966264 = Jet_errFileAccessDenied = Cannot access file – the file is locked or in use. Another process has locked the file. Antivirus software may mistakenly quarantine a file, or a backup process may temporarily deny access. A flat file backup system or antivirus software may be running against the database or checking file directories. This error can also occur if the permissions on the folder that contain the files for the Exchange stores are not sufficient for the stores to function properly.

   
User Action

To resolve this error, you must correct the problem and restart the Microsoft Exchange Information Store service. Alternatively, you may need to restore from backup. Do the following to resolve this error:

  • Review the Application log for related events. For error 1811, ensure that the antivirus software is not running against the Exchange store and the SRS database directories. Ensure that the database drive has not run out of space. Ensure that the database file is present where it is supposed to be. For more information about properly configuring your antivirus software, see the Microsoft Knowledge Base article 328841, Exchange and Antivirus Software.

  • For error 510, investigate the root cause of permissions issues, space issues, and other issues affecting reads and writes to the disks.

  • For error 1032, change the permissions on the folders that contain the Exchange store files to the default permissions. Configure the flat file backup and antivirus software to not scan the Exchange Server Information Store subdirectories. Use Exchange-aware online backup and antivirus software.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

() An attempt to open the file “” for read only access failed with system error : “”. The open file operation will fail with error .

Details
Product: Exchange
Event ID: 489
Source: ESE
Version: 6.5.6940.0
Component: Microsoft Exchange Extensible Storage Engine
Message: <process name> (<process id>) <storage group name>An attempt to open the file “<file name>” for read only access failed with system error <error code>: “<error message>“. The open file operation will fail with error <error code>.
   
Explanation

An unexpected error was encountered while trying to open a file.

You will receive the following phrase in the event Description:

An attempt to open the file [path\file name] for read-only access failed with [Error Code and Explanation]. The open file operation will fail with error [Error Code].

The cause depends on the Error listed at the end of the Description section of the event. The most frequent causes are as follows:

  • Error -1032 = 0xfffffbf8 = 4294966264 = JET_errFileAccessDenied = Cannot access file – the file is locked or in use. Another process has “stolen” the file. A virus checker may mistakenly quarantine a file, or a backup process may temporarily deny access. A flat file backup system or antivirus software may be running against the database, the check file directories, or drive M. This error can also occur if the permissions on the folder (such as MDBDATA) that contain the files for the information stores are not sufficient for the stores to function properly.
  • Error -1022 = 0xfffffc02 = 4294966274 = JET_errDiskIO = Disk IO error. The -1022 error is a generic error that appears whenever a disk input/output (I/O) problem prevents Exchange from gaining access to a requested page in the database or to a check file. A disk or controller failure may have occurred, and access to the entire drive has been lost, sometimes temporarily. Check the system log for I/O or drive errors near the time of the 490 Event. This issue may occur because the path for the check file (such as E00.chk) is not correct, which may be caused by a drive failure.
  • Error -1023 = 0xfffffc01= 4294966273 = JET_errInvalidPath = Invalid file path. This error can be caused by changing the path for the log files or the check file prior to a restore. This error can also indicate a corrupt check file (such as E00.chk) or a temporary file built during a defragmentation or a repair. In the case of the corrupt files, this error may occur even if the path to the file is correct.
   
User Action
  • For Error -1032, change the permissions on the folders that contain the Exchange database files to the default permissions. Configure the flat file backup and antivirus software to not scan the Exchange database subdirectories, or drive M. Use Exchange-aware online backup and antivirus software.
  • For Error -1022, run “chkdsk /f /r” (without the quotation marks). If chkdsk does not resolve the issue, examine the permissions on the Exchsrvr folder structure. Make sure that SYSTEM has full control of Exchsrvr and all subfolders on each partition that contains Exchange data. If you still cannot mount the databases, troubleshoot any Windows NT file-level antivirus software running on the Exchange server. Check the System Log for I/O or drive errors near the time of the 490 Event. Check and correct the path for the check file (such as E00.chk). Correct the root cause and then restore from online backup if there is a recent backup or as a last resort, perform a repair, Isinteg -fix, and ExMerge to a new Information Store.
  • For Error -1023, place the Exchange database files back in their original locations before performing the restore. Alternatively, if the .chk is corrupt, you may be able to remove it and read all the transactions into the database. If the database remains inconsistent, then restore from online backup if there is a recent backup or as a last resort, perform a repair, Isinteg -fix, and ExMerge to a new Exchange database.

Related:

() Unable to rollback operation # on database . Error: . All future database updates will be rejected.

Details
Product: Exchange
Event ID: 471
Source: ESE
Version: 6.5.6940.0
Component: Microsoft Exchange Extensible Storage Engine
Message: <process name> (<process id>) <storage group name>Unable to rollback operation #<number> on database <name>. Error: <error code>. All future database updates will be rejected.
   
Explanation

Unable to roll back operation on database [database name]: all future database updates will be rejected.

Nothing in this database can be updated until this situation is resolved.

The cause depends on the Error number in the Description section of the event. The most common error codes for Event 471 are listed below.

  • Error -510 = 0xfffffe02 = 4294966786 = JET_errLogWriteFail = Failure when writing to log file. This error has both been seen in the Description of Event 104 and has been more commonly seen with an associated event. Error -510 can be caused by permissions issues, space issues, SAN issues, and other issues affecting reads/writes to the disks.
  • Error -1022 = 0xfffffc02 = 4294966274 = JET_errDiskIO = Disk IO error. The -1022 error is a generic error that appears whenever a disk input/output (I/O) problem prevents Exchange from gaining access to a requested page in the database or to a check file. A disk or controller failure may have occurred, and access to the entire drive has been lost, sometimes temporarily. The controller software or firmware may be out of date. Check the System Log for I/O or drive errors near the time of the 471 Event.
  • Error -614 = 0xfffffd9a = JET_errCheckpointDepthTooDeep = Checkpoint depth is approaching 1024 generations. Before Exchange 2000 SP3, the checkpoint had a maximum depth of 256 log files. In other words, there was a maximum of 256 logs that could not be outstanding and uncommitted to the store at any one time. When the checkpoint became greater than 256 generations, the Jet engine got confused and advanced the checkpoint erroneously. What this meant was that if the database subsequently crashed, ESE would end up starting recovery from the wrong log generation and miss replaying operations (unless you deleted the checkpoint file). Beginning with Exchange 200 SP3, the maximum depth of the checkpoint has been increased from 256 generations to 1024 generations. When the checkpoint approaches 1024, ESE Event ID 471 is reported and ESE generates Error -614 = JET_errCheckpointDepthTooDeep and the database dismounts.
   
User Action

For Error – 510, investigate the root cause of permissions issues, space issues, and other issues affecting reads/writes to the disks.

For Error -1022, check to make sure the drive for the information store files is accessible and that the path for the information store files is specified correctly. If it is, run chkdsk /f /r. If chkdsk does not resolve the issue, examine the permissions on the Exchsrvr folder structure. Make sure that SYSTEM has full control of Exchsrvr and all subfolders on each partition that contains Exchange data. If you still cannot mount the databases, troubleshoot any Windows NT file-level antivirus software running on the Exchange server. Check the System Log for I/O or drive errors near the time of the 471 Event.

For Error -614, erroring out before you actually reach 1024 generations means that you can safely run recovery starting from the checkpoint, since it has not erroneously advanced. However, you should also ensure that you have identified the cause of the error in the first place. It is typically a hung backup, which should be easy to diagnose, or a long-running transaction, which may be less obvious.

Related:

Microsoft Exchange OLEDB was unable to initialize the event binding for name. BindingID = id, HRESULT = value.

Details
Product: Exchange
Event ID: 103
Source: EXOLEDB
Version: 6.5.6940.0
Component: Microsoft Exchange OLE DB Provider
Message: Microsoft Exchange OLEDB was unable to initialize the event binding for name. BindingID = id, HRESULT = value.
   
Explanation

Microsoft Exchange supports store event sinks as a way to perform server-side processing of message items. Exchange store event sinks perform actions based on messages being saved, modified, or deleted in the Exchange store. This Error event indicates that a registered store event sink could not be initialized. There could be several reasons for a failure to register a store event. For example, if the primary SMTP address of a mailbox is changed, events in that mailbox are not loaded by EXOLEDB and stop occurring.

   
User Action

Check event registration. If it is necessary, re-create the event registration. The event sink binding that could not be initialized will be listed in the event together with an error code that indicates the reason for the binding failure. Sometimes, this error can be caused by antivirus software that uses the Virus Scanning API (VSAPI).

If Exchange-aware antivirus software is installed on this Exchange server, verify that it is compatible with Exchange Server 2003. For details, see the following Microsoft Knowledge Base article:

823166 Overview of Exchange Server 2003 and antivirus software

Related:

() The database engine stopped the instance ().

Details
Product: Exchange
Event ID: 103
Source: ESE
Version: 6.5.7638.0
Component: Microsoft Exchange Extensible Storage Engine
Message: <process name> (<process id>) <instance> The database engine stopped the instance (<number>).
   
Explanation
ESE Event ID 102 is as follows: The database engine started a new instance (Instance #).
ESE Event ID 103 is as follows: The database engine stopped the instance (Instance #).
ESE Event ID 104 is as follows: The database engine stopped an instance (Instance #) with error (Error #).
There is only one Jet database engine, ESE.dll, per server. But there can be one instance of Jet running per storage group. Event 102 signifies that an instance of Jet has started and indicates which instance has started. Event 103 indicates which instance has stopped. These events can occur in the normal scheme of Exchange operations, or they may be associated with errors. Event 103 never has an error mentioned in the Description section of the Event.
Event 104 definitely indicates that there is a problem and the named instance of Jet has stopped with a error associated with it that is named in the Description section of Event ID 104.
Event ID 103 has many potential causes – check events in the application log before and after Event 103 to determine which errors are mentioned in the Description section of other events. Known causes for the database instance stopping with Event 103 are as follows:
Failing to apply an Exchange service pack for a reinstall or an Exchange-aware restore.
Running out of disk space.
Attempting to restore multiple storage groups simultaneously.
Applying an Exchange service pack, which resulted in the databases becoming inconsistent.
Event ID 104 has a definite set of potential causes. The most probable causes are indicated in the Description section of Event 104:
Error -1090 = 0xfffffbbe = JET_errInstanceUnavailable = This instance cannot be used because it encountered a fatal error. If ESE encounters this error, ESE will not be able to roll back any transactions and it will dismount the databases in the Storage Group for that instance of Jet.
Error -1022 = 0xfffffc02 = 4294966274 = JET_errDiskIO = Disk IO error. A disk or controller failure has occurred, and access to the entire drive has been lost, sometimes temporarily. Check the System Log for I/O or drive errors near the time of the 439 Event. In this case, you may see Error -1022 in the description of Event ID 104. The -1022 error is a generic error that appears whenever a disk input/output (I/O) problem prevents Exchange from gaining access to a requested page in the database or to a transaction log. Permissions have been removed from the folder where the file resides. The file has been marked read-only. The folder containing the file has been renamed or deleted. Error -1022 can occur when Exchange cannot write to the hard disk, and generates an error message: Either software that has been installed has prevented the write operation or the hard disk itself is corrupted. The event message, which accompanies the error message, refers to an error 1022. This type of error occurs when there is a disk input/output (I/O) error: It may mean that the hard disk has been corrupted. An error 1022 is generated by Exchange whenever Exchange cannot write to the hard disk. Even though you may have a problem with the hard disk (for example, it has been corrupted), this type of error may also be a result of other software that is not compatible with Exchange, which prevents Exchange from writing to the hard disk. This issue can also occur because of incorrect permissions on the Exchsrvr folder structure.
Error -510 = 0xfffffe02 = 4294966786 = JET_errLogWriteFail = Failure when writing to log file. This error has both been seen in the Description of Event 104 and has been more commonly with an associated event. Error -510 can be caused by permissions issues, space issues, and other issues affecting reads/writes to the disks.
   
User Action
For ESE Event ID 103, the resolution depends on the error code in the Description of the associated events in the application log. In many cases, no user intervention will be necessary.
For ESE Event ID 104, run “chkdsk /f /r” (without the quotation marks). If chkdsk does not resolve the issue, examine the permissions on the Exchsrvr folder structure. Make sure that SYSTEM has full control of Exchsrvr and all subfolders on each partition that contains Exchange data. If you still cannot mount the databases, troubleshoot any Windows NT file-level antivirus software running on the Exchange server.

Related:

%1 (%2) %3The database engine stopped.

Details
Product: Windows Operating System
Event ID: 101
Source: ESENT
Version: 5.2
Symbolic Name: STOP_ID
Message: %1 (%2) %3The database engine stopped.
   
Explanation

The extensible storage engine database engine stopped.

Possible causes include:

  • An online restoration failed. There may be missing log files on the computer or in an online restoration, or there may be old log files that are out of sequence with the log that is mentioned in the Restore.env file.
  • A database could not be loaded. The directory where the database or logs exist might not have the correct permissions assigned to it in order to load the store.
  • An information store was unloaded.
  • There might be file-level virus-scanning software running against the log file directory.
   
User Action

To troubleshoot the problem, check the Application log and the System log to determine the exact sequence of related events leading up to this event.

For more information about this event, see article Q274321 in the Microsoft Knowledge Base.

Related:

%1 (%2) %3A bad page link (error %4) has been detected in a B-Tree (ObjectId: %5, PgnoRoot: %6) of database %7 (%8 => %9, %10).

Details
Product: Exchange
Event ID: 447
Source: ESE
Version: 8.0
Symbolic Name: BAD_PAGE_LINKS_ID
Message: %1 (%2) %3A bad page link (error %4) has been detected in a B-Tree (ObjectId: %5, PgnoRoot: %6) of database %7 (%8 => %9, %10).
   
Explanation

This Error event indicates that a corrupt page link was detected in a B-Tree. Available space in the Exchange store database is in the form of a list of pages that can be used to store new data. The available space is called a space tree. The space tree is held as a binary tree that is searched whenever a block of new data needs to be added to the database.

During an online defragmentation, a problem was discovered in this tree.

This event is often caused by a hardware failure or antivirus software scanning of the database file directory.

To resolve this error, do one or more of the following:

  • Restore the database from backup. A bad page link error signifies logical corruption at the ESE level in the database, and it is not safe to continue using the database. The restore must be performed using a backup that was taken before this error occurred.

  • If you do not have a backup that was taken before the error occurred, try to repair the database. For example, you can perform a hard repair, run isinteg -fix, and then use ExMerge on the database. If you need help repairing a database, or if the problems persist, contact Microsoft Product Support. For more information, visit the Contact Us page of the Microsoft Help and Support Web site.

  • Make sure that you have properly configured your antivirus software. For more information, see the Microsoft Knowledge Base article 328841, Exchange and antivirus software.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

A corrupted calendar configuration was detected for user %1. Microsoft Exchange is resetting the configuration.

Details
Product: Exchange
Event ID: 59
Source: MSExchange OWA
Version: 8.0
Symbolic Name: CorruptCalendarConfiguration
Message: A corrupted calendar configuration was detected for user %1. Microsoft Exchange is resetting the configuration.
   
Explanation

This Error event indicates that the user’s calendar is corrupted or has been infected by a virus.

   
User Action

To resolve this error, contact Microsoft Customer Support. For information about how to contact support, visit Microsoft Help and Support.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related: