Event Id | 9074 |
Source | MSExchangeSA |
Description | The Directory Service Referral interface failed to service a client request. RFRI is returning the error code:[0x3f0]. |
Event Information | "According To Microsoft" CAUSE: This issue may occur if the Manage Auditing and Security Log right (SeSecurityPrivilege) was removed for the Exchange Enterprise Servers domain local group on some or all of the domain controllers. When the first Exchange computer is installed in a domain, or when Exchange Setup is run with the /domainprep switch, the Exchange Enterprise Servers group is given the SeSecurityPrivilege right. If the SeSecurityPrivilege right is later removed, Exchange computers that use domain controllers in the domain stop working, but not immediately. When Kerberos security refresh intervals expire or Exchange services are restarted on particular servers, the issues become evident. RESOLUTION: To resolve this issue, use the Policytest.exe utility to check the status of the SeSecurityPrivilege right on all of the domain controllers in a single domain. The Policytest.exe utility is included on the Exchange 2000 installation CD-ROM. To determine whether or not Exchange 2000 Enterprise server has the SeSecurityPrivilege right on a domain controller: 1. Log on to the domain controller as a domain administrator, and then start the Domain Controller Security Policy console. (By default, the Domain Controller Security Policy console is located on the Start menu in the Administrative Tools group.) 2. Expand Security Settings, and then expand Local Policies. Expand User Rights Assignment, and then open the properties of Manage Auditing and Security Log. You can grant the SeSecurityPrivilege right directly to Exchange 2000 Enterprise servers, or you can run Exchange 2000 Setup again with the /domainprep switch to grant the SeSecurityPrivilege right automatically. If you run Setup.exe with the /domainprep switch, you do not interrupt service on existing Exchange computers. Another advantage of this method is that it checks and resets other default rights and group memberships that may als |
Reference Links | XADM: Exchange 2000 Error Messages Are Generated Because of SeSecurityPrivilege Right and Policytest Issues |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.