Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Introduction
As many of you know, Exchange is very sensitive when it comes to ___domain controllers and Active Directory Sites and Services.
Issue
The above set of errors/warnings were happening on 1 server and the error does throw you off a bit, where it says that the Audit Security Privilege on the ___domain controller......error below:
The Exchange computer does not have Audit Security Privilege on the ___domain controller.
This ___domain controller will not be used by Exchange Active Directory Provider
EventID 2112
https://www.collaborationpro.com/wp-content/uploads/2020/08/image.png
You think something is wrong with Group Policy especially the Domain Controller policy. The next set of errors present themselves like clockwork and you can fill the event viewer application logs with a couple of thousand logs in 10 min.
EventID 2077
Active Directory Provider could not find minimal required number of suitable ___domain controller sdervers in either local site ...the following sites
https://www.collaborationpro.com/wp-content/uploads/2020/08/image-1.png
EventID 2069
Active Directory Provider could not find minimal required number of suitable ___domain controller servers in either local site ...the following sites
https://www.collaborationpro.com/wp-content/uploads/2020/08/image-2.png
EventID 2142
https://www.collaborationpro.com/wp-content/uploads/2020/08/image-3.png
Troubleshooting
Is there something wrong in Active Directory? Is is broken? Do I need to recover?
While in some cases Group Policy has been the culprit, in this scenario, it was because the Computer Object was missing from the following Exchange Security Groups:
- Exchange Servers
- Exchange Trusted Subsystem
Solution
Once the server was added back to these groups and the server was rebooted, everything started working again like it should. The Topology events were showing the ___domain controllers and no more errors were being logged.