| Event Id | 2112 |
| Source | MSExchangeDSAccess |
| Description | Process <process name> (PID=<process id>). Exchange Server <server name> does not have Audit Security Privilege on Domain Controller <server name>. This Domain Controller will not be used by DSAccess. |
| Event Information | According to Microsoft: The Exchange server specified in the event text does not have the Audit Security Privilege on the domain controller specified in the event. DSAccess will not use that domain controller until this is remedied. Possible causes include: * Exchange setup has not completed the "domain prep" stage for this domain, or the Recipient Update Service is not configured in this domain. * A permissions modification was made that caused the Exchange server to lose its permissions in Active Directory. * The Audit Security Privilege was lost.. User Action: If you have not run "domain prep" or RUS is not configured in the domain, do so. Otherwise run the utility "policytest.exe" that is located in the "Support" folder on the Microsoft Exchange CD. It will produce a list of domain controllers and will report the presence or absence of the required privilege. If the privilege is lost, repeat the ""domain prep" step. If the privilege is found on all domain controllers, try to find out what happened to the permissions. Make sure that the Microsoft Exchange server is still a member of the "Exchange Domain Servers" group, and that group is a member of "Exchange Enterprise Servers" group. Also make sure that the group permissions are inherited by the Microsoft Exchange computer account. |
| Reference Links | Exchange Networking Performance Is Very Slow |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.