As many of you know, Exchange is very sensitive when it comes to domain controllers and Active Directory Sites and Services.

The above set of errors/warnings were happening on 1 server and the error does throw you off a bit, where it says that the Audit Security Privilege on the domain controller……error below:

You think something is wrong with Group Policy especially the Domain Controller policy. The next set of errors present themselves like clockwork and you can fill the event viewer application logs with a couple of thousand logs in 10 min.

Is there something wrong in Active Directory? Is is broken? Do I need to recover?

While in some cases Group Policy has been the culprit, in this scenario, it was because the Computer Object was missing from the following Exchange Security Groups:

  • Exchange Servers
  • Exchange Trusted Subsystem

Once the server was added back to these groups and the server was rebooted, everything started working again like it should. The Topology events were showing the domain controllers and no more errors were being logged.

Hope it helps.

Categories: Exchange 2016