Event ID 100 — Active Directory Domain Services Availability

Event ID 100 — Active Directory Domain Services Availability

Updated: November 10, 2008

Applies To: Windows Server 2008

Active Directory Rights Management Services (AD RMS) uses Active Directory Domain Services (AD DS) to regulate access to rights-protected content for all AD RMS users in the AD DS forest. If AD DS is not available, AD RMS cannot grant licenses to publish and consume rights-protected content.

Event Details

Product: Windows Operating System
ID: 100
Source: Active Directory Rights Management Services
Version: 6.0
Symbolic Name: DirectoryServicesInitializationEvent
Message: The Active Directory Domain Services (AD DS) component failed to initialize for Active Directory Rights Management Services (AD RMS).Parameter ReferenceContext: %1RequestId: %2%3%4

Resolve
Fix Active Directory Domain Services issues

AD RMS uses Active Directory Domain Services (AD DS) to look up users that are publishing and consuming rights-protected content. If AD DS is not available, users will not be able to use AD RMS.

Use the following to fix Active Directory Domain Services issues:

  • Ensure that the AD RMS service account has read access to AD DS
  • Check network connectivity to the AD DS global catalog servers
  • Open TCP port 3268 on global catalog servers
  • Check if Lightweight Directory Address Protocol (LDAP) connection pool registry overrides are correct
  • Restart the AD RMS server

Ensure that the AD RMS service account has read access to AD DS

To perform this procedure, you must be a member of the Domain Admins group, or you must have been delegated the appropriate authority.

To ensure that the AD RMS service account has read access to AD DS:

  1. Log on to a domain controller in the AD RMS forest.
  2. Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
  3. Click Users.
  4. Right-click Domain Users, and then click Properties.
  5. Click the Members tab and verify that the AD RMS service account is a member of the Domain Users group.
  6. If the AD RMS service account is not a member of the Domain Users group, you should add it.

Note: If you had to add the AD RMS service account to the Domain Users group, you must restart IIS on each AD RMS server in the cluster by running iisreset at a command prompt.

Check network connectivity to AD DS global catalog servers

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To check network connectivity from AD RMS server to AD DS global catalog server:

  1. Type ipconfig /all at a command prompt on the AD RMS server. Make sure that the AD RMS server has an IP address in the correct IP address range, and does not have an Automatic Private IP Addressing (APIPA) address (an IP address in the 169.254.x.x range).
  2. Type ping localhost to verify that TCP/IP is installed and correctly configured on the local computer. If the ping is unsuccessful, this may indicate a corrupt TCP/IP stack or a problem with the network adapter.
  3. Type ping ip_address, where ip_address is the IP address assigned to the computer. If you can ping the localhost address but not the local IP address, there may be an issue with the routing table or with the network adapter driver.
  4. Ping the AD DS global catalog server. If you cannot ping the AD DS global catalog server, this indicates a potential problem with the AD DS global catalog server, or the network in between the AD DS global catalog server and the AD RMS server in the cluster.

Open TCP port 3268 on AD DS global catalog servers

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To open TCP port 3268 on AD DS global catalog servers:

  1. Log on to the AD DS global catalog server.
  2. Click Start, and then click Control Panel.
  3. Click Allow a program through Windows Firewall.
  4. Click the Exceptions tab.
  5. Click Add Port.
  6. In the Name box, type AD DS Global Catalog.
  7. In the Port number box, type 3268.
  8. Click OK two times.

Check if Lightweight Directory Address Protocol (LDAP) connection pool registry overrides are correct

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To check if Lightweight Directory Address Protocol (LDAP) connection pool registry overrides are correct:

Caution: Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data.

  1. Log on to a AD RMS server in the cluster.
  2. Click Start. In the Start Search box, type regedit, and then press ENTER.
  3. Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\DRMS\2.0.
  4. If a MinGC entry exists, make sure you have enough global catalog servers to fulfill this request and that the value in the registry is not NULL.
  5. If a ThreshHoldAlive entry exists, make sure that the value in the registry is greater than or equal to 1.
  6. If you change either of these registry settings, run iisreset from a command prompt.

Note: The value 1 for the MinGC registry entry is the default AD RMS installation value.

Restart the AD RMS server

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To restart the AD RMS server:

  1. Log on to the AD RMS server.
  2. Click Start, point to the right arrow, and then click Restart.
  3. On the Shutdown Event Tracker, in the Comment box, type Restarting AD RMS server to restore AD DS connectivity, and then click OK.

Note: Restarting the AD RMS server should only be done if the previous sections do not resolve the issue.

Verify

To perform this procedure, you must be a member of the local Users group, or you must have been delegated the appropriate authority.

Note: Microsoft Office Word 2007 is used as an example in this section. Any AD RMS-enabled application can be used in place of Word 2007.

To verify that AD RMS can access the Active Directory Domain Services forest:

  1. Log on to an AD RMS-enabled client computer.
  2. Click Start, point to All Programs, point to Microsoft Office, and then click Microsoft Office Word 2007.
  3. In the new document type This is a test document.
  4. Click the Microsoft Office Start Button, point to Prepare, point to Restrict Permissions, and then click Restricted Access.
  5. Select the Restrict permissions to this document check box.
  6. Type another AD RMS user’s e-mail address in the Read box, and then click OK.
  7. Send this file to the person who was granted access in step 6.
  8. Have this person open the document and verify that he or she cannot do anything else other than read the document, such as print it.

Related Management Information

Active Directory Domain Services Availability

Active Directory Rights Management Services

Related:

Clustered mailbox server %1 was moved from %2 to %3 with a move comment of “%4”. The move operation took %5 milliseconds for verification, %6 milliseconds to take the databases and Information Store resources offline, %7 milliseconds to take the System Attendant resource offline and to move the clustered mailbox server, %8 milliseconds for verifying that replication direction was reversed for the storage groups, and %9 milliseconds to bring the Information Store and databases resources online.

Details
Product: Exchange
Event ID: 100
Source: MSExchangeRepl
Version: 8.0
Symbolic Name: MoveSuccess
Message: Clustered mailbox server %1 was moved from %2 to %3 with a move comment of “%4”. The move operation took %5 milliseconds for verification, %6 milliseconds to take the databases and Information Store resources offline, %7 milliseconds to take the System Attendant resource offline and to move the clustered mailbox server, %8 milliseconds for verifying that replication direction was reversed for the storage groups, and %9 milliseconds to bring the Information Store and databases resources online.
   
Explanation

This Information event indicates that clustered mailbox server %1 was moved from %2 to %3 with a move comment of “%4”. The move operation took %5 milliseconds for verification, %6 milliseconds to take the databases and Information Store resources offline, %7 milliseconds to take the System Attendant resource offline and to move the clustered mailbox server, %8 milliseconds for verifying that replication direction was reversed for the databases, and %9 milliseconds to bring the Information Store and database resources online.

   
User Action

This event is a success notification and requires no user action.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

Example: Generate Alert if tmp*.log size is more than 100 MB.

Details
Product: Windows Operating System
Event ID: 100
Source: FileSize
Version: 5.2.3790.1830
Message: Example: Generate Alert if tmp*.log size is more than 100 MB.
   
Explanation

This rule is provided as an example of a file size monitoring rule. Copy this rule and configure it to create rules you can use to monitor the size of log files, or other files that can inadvertently become too large.

   
User Action

To copy this rule and configure it:

  1. Right-click the rule and click Copy.
  2. Right-click the Event Rules node and click Paste.
  3. If you are working in authoring mode and the Copy Knowledge Authoring Entry window opens, click Copy the knowledge authoring entry for the new rule, and then click OK.
  4. A new rule named Copy of Example: Generate Alert tmp*.log size is more than 100 MB will be created. Double-click the new rule and type a new, descriptive name for it.
  5. To configure the size thresholds and the file name pattern that you want to monitor, in the Criteria tab, click Advanced.

Related:

%1 (%2) %3The database engine %4.%5.%6.%7 started.

Details
Product: Windows Operating System
Event ID: 100
Source: ESENT
Version: 5.2
Symbolic Name: START_ID
Message: %1 (%2) %3The database engine %4.%5.%6.%7 started.
   
Explanation

The extensible storage engine database engine started.

   
User Action

No user action is required.

For more information about this event, see articles Q225346 and Q318116 in the Microsoft Knowledge Base.

Related:

process name (process id) valueThe database engine value.value.value.%7 started.

Details
Product: Exchange
Event ID: 100
Source: ESE
Version: 6.5.0000.0
Message: process name (process id) valueThe database engine value.value.value.%7 started.
   
Explanation

ESE Event ID 100 indicates that the database engine started.

ESE Event ID 101 indicates that the database engine stopped.

ESE Event ID 100 is usually followed by a series of other ESE Events

describing an online restore, or mounting of information store databases.

If an online restore fails to complete, or a database fails to mount, you may

receive an Event ID 101, indicating that the database engine has stopped.

You may also receive this event when an information store dismounts for any

reason.  If you try to mount the store again and the store fails to mount,

you may receive Event ID 100 indicating the database engine started, and then

again receive Event ID 101, indicating the database engine failed to start.

In Exchange System Manager, if the arrow points down and is red, which displays

on the Exchange System Manager icon, this indicates that the stores are

dismounted.

In summary, receiving ESE Event ID 100 simply means that the database engine

started.  It does not mean the information store will mount, since it may be

followed by an ESE Event ID 101, which means the database engine stopped.

In this case, the store failed to mount. The reasons for ESE Event ID 101

are many and varied.  These events by themselves are generic for restoring

and for mounting of the information store databases.

For examples of causes, there may not be enough permissions on the
directory where the database or logs exist to mount the store. There may

be missing log files on the production, or in an online restore, there may be

old log files that are out of sequence with the log that is mentioned in

Restore.env file. There may be file level virus scanning software running

against the log file directory.

   
User Action

In normal operations, if you receive ESE Event ID 100 or ESE Event 101, and

Exchange is functioning normally, no user action is required.

However, if an online aware restore of Exchange fails, or an information

store database fails to mount as expected, then ESE Event ID 101 indicates that

a problem with the database or its logs may exist. Check the Application

log and the System log for related events to determine the exact sequence of

events that lead up to ESE Event ID 101.

Related:

() The database engine … started.

Details
Product: Exchange
Event ID: 100
Source: ESE
Version: 6.5.6940.0
Component: Microsoft Exchange Extensible Storage Engine
Message: <process name> (<process id>) <instance>The database engine <value>.<value>.<value>.<value> started.
   
Explanation

ESE Event ID 100 indicates that the database engine started.

ESE Event ID 101 indicates that the database engine stopped.

ESE Event ID 100 is usually followed by a series of other ESE events describing an online restore, or mounting of Exchange store databases. If an online restore fails to complete, or a database fails to mount, you could receive an Event ID 101, indicating that the database engine has stopped. You could also receive this event when an Exchange store dismounts for any reason. If you try to mount the store again and the store fails to mount, you may receive Event ID 100 indicating the database engine started, and then again receive Event ID 101, indicating the database engine failed to start. In Exchange System Manager, if the arrow points down and is red, which displays on the Exchange System Manager icon, this indicates that the stores are dismounted.

In summary, receiving ESE Event ID 100 simply means that the database engine started. It does not mean the Exchange store will mount, because it may be followed by an ESE Event ID 101, which means the database engine stopped. In this case, the store failed to mount. The reasons for ESE Event ID 101 are many and varied. These events by themselves are generic for restoring and for mounting of the information store databases.

For examples of causes, there may not be enough permissions on the directory where the database or logs exist to mount the store. There may be missing log files on the production, or in an online restore, there may be old log files that are out of sequence with the log that is mentioned in Restore.env file. There may be file-level virus scanning software running against the log file directory.

   
User Action

In normal operations, if you receive ESE Event ID 100 or ESE Event 101, and Exchange is functioning normally, no user action is required. However, if an online-aware restore of Exchange fails, or an Exchange database fails to mount as expected, then ESE Event ID 101 indicates that a problem with the database or its logs may exist. Check the application log and the system log for related events to determine the exact sequence of events that lead up to ESE Event ID 101.

Related:

Protocol Analysis Background agent warning. The queue this agent uses is full. This does not affect SRL calculations. Open proxy, reverse DNS, and sender blocking are affected.

Details
Product: Exchange
Event ID: 100
Source: MSExchange Antispam
Version: 8.0
Symbolic Name: AgentQueueFull
Message: Protocol Analysis Background agent warning. The queue this agent uses is full. This does not affect SRL calculations. Open proxy, reverse DNS, and sender blocking are affected.
   
Explanation

This Warning event indicates that the work queue that the Protocol Analysis agent uses is full. As stated in the event description, sender reputation level (SRL) calculations are not affected. Open proxy, reverse DNS, and sender blocking are affected. Specifically, each connection is processed on a first-in first-out basis. If the queue is full, no new connection data is submitted for processing. Therefore, new connections are delayed until the queue falls below the maximum value. This warning may appear during times when the server is functioning at peak design load.

For information about sender reputation anti-spam functionality on servers that run Microsoft Exchange Server 2007, see Sender Reputation.

   
User Action

No user action is required if this event rarely occurs. However, if the warning persists, follow one or more of these steps:

  • Review the Application event log for related events. For example, events that occur immediately before and after this event may provide more information about the root cause of this error.

  • If this event seems to be causing mail flow interruptions or other problems in your Exchange environment, contact Microsoft Product Support. For information about how to contact support, visit Microsoft Help and Support.

    Note   The maximum queue length is controlled by the msExchSenderReputationMaxWorkQueueSize attribute of the Sender Reputation object in the Message Hygiene options of the Transport Settings in the Active Directory directory service.

    The default value for msExchSenderReputationMaxWorkQueueSize attribute is 1,000.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related: