|Message:||Process %1 (PID=%2). An LDAP search call returned a referral – Server=%3 Error code=%4. Base DN=%5, Filter=%6, Scope=%7.|
This Error event indicates that the Exchange server is unable to process Light-weight Directory Access Protocol (LDAP) requests through Directory Service Access (DSAccess) to query Active Directory information on domain controllers or global catalog servers.
This event may be caused because internal Domain Name System (DNS) servers are also configured as external servers on the domain controllers or global catalog servers. Since internal DNS servers are also configured as external DNS servers, LDAP response time may be slow and queries may return null data.
Note Active Directory uses DNS as its domain controller location mechanism and leverages the namespace design of DNS in the design of Active Directory domain names.
This error could mean that LDAP read time and overall access to domain controllers from back-end and front-end Exchange servers is slow. Clients could therefore have slow e-mail access.
Note Directory Service Access (DSAccess) is a shared API that is used by multiple components in Exchange Server 2003 to query Active Directory and obtain both configuration and recipient information. In addition, DSAccess maintains a cache that is used to minimize the load on Active Directory by reducing the number of Lightweight Directory Access Protocol (LDAP) requests that individual components send to Active Directory servers.
To resolve this error, do one or more of the following:
Note The SRV record is used to map the name of a service (in this case, the LDAP service) to the DNS computer name of a server that offers that service. In a Windows Server 2003 network, an LDAP resource record locates a domain controller.
For more information about verifying SRV records on DNS servers running Windows Server 2003, see Microsoft Knowledge Base article 816587, How to verify that SRV DNS records have been created for a domain controller.