MSExchangeIS 9519 (0x89a): Well Known Security Identifier Included in the Store ACL

[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at]  

Topic Last Modified: 2008-02-20

The Microsoft Exchange Database Troubleshooter Tool detected one or more MSExchangeIS 9519 events with error code 0x89a in the Application log. The event indicates that the database specified could not be mounted because the Exchange organization has more than one domain and one or more well known security identifiers is included in the access control list (ACL) for the database.

This problem occurs if the following conditions are true:

  • The security descriptor of a database object is modified to include a well-known user or a well-known group.

  • More than one domain exists in the forest.

This problem may also occur if a security identifier (SID) in the database object has conflicting values with another object in the Active Directory directory service for one of the following attributes:

  • objectSID

  • msExchMasterAccountSid

  • SIDHistory

These attributes must be unique in the forest.

To resolve the issue for Exchange Server 2003, follow the guidance in the following Microsoft Knowledge Base articles:

To resolve the issue for Exchange Server 2007, install Exchange Server 2007 Service Pack 1 (SP1) from the Exchange Server 2007 Downloads page (