The Exchange Active Directory Provider couldn't read an attribute from the root DSE of the Active Directory server.
Applies to: Operations Manager Management Pack for Exchange 2010
Topic Last Modified: 2011-08-02
The Microsoft Exchange Server 2010 Management Pack for System Center Operations Manager monitors the Windows Application log on computers running Exchange 2010 and generates this alert when the events specified in the following Details table are logged.
To learn more about this alert, in Operations Manager, do one or more of the following:
From the Operations Console, double-click this alert, and then click the General tab. Review the description of the alert that includes the variables specific to your environment.
From the Operations Console, double-click this alert, and then click the Alert Context tab. Review the logged events that meet the criteria of this Operations Manager alert.
Details
Product Name |
Exchange |
Product Version |
14.0 (Exchange 2010) |
Event ID |
2137 |
Event Source |
MSExchange ADAccess |
Alert Type |
Error |
Rule Path |
Microsoft Exchange Server/Exchange 2010/Common Components/Active Directory Access |
Rule Name |
The Exchange Active Directory Provider couldn't read an attribute from the root DSE of the Active Directory server. |
Explanation
This Error event may indicate that the attribute specified in the event description does not contain any value. It may also indicate that the value could not be read. Root Directory Service Entry, also known as RootDSE, is the root of the Active Directory data tree on an Active Directory server. RootDSE attributes are used to retrieve distinguished names of the domain, schema, and configuration containers of the directory server . This event is caused by a missing or an invalid value in the RootDSE attribute specified in the event description.
For more information about RootDSE attributes, see RootDSE at the MSDN Web site.
User Action
To resolve this error, use LDP.exe to make sure that the Exchange server that logged this event can read defaultNamingContext, schemaNamingContext, configurationNamingContext, and rootDomainNamingContext naming contexts from the Active Directory server. Perform the following procedure:
Click Start, click Run, type ldp.exe, and then click OK.
On the Connections menu in the LDP window, click Connect.
In the Connect box, type the name of the Active Directory server specified in the event description, and then click OK.
Details about the Exchange server that connects to the Active Directory server are displayed in the results pane. The output is also known as RootDSE information.
Make sure that the naming context attributes defaultNamingContext, schemaNamingContext, configurationNamingContext, and rootDomainNamingContext display correct information. For a sample RootDSE information, see Microsoft Knowledge Base article 837964, Security issues with LDAP NULL base connections.
If the naming context attributes defaultnamingContext, schemaNamingContext, configurationNamingContext, and rootDomainNamingContext display incorrect or invalid information, review the Application log and System log on the Active Directory and the Exchange server for any corresponding Warning or Error events.
For More Information
If you are not already doing so, consider running the Exchange tools, which have been created to help you analyze and troubleshoot your Exchange environment. These tools can help make sure that your configuration aligns with Microsoft best practices. They can also help you identify and resolve performance issues and improve mail flow. To run these tools, go to the Toolbox node of the Exchange Management Console. To learn more about these tools, see Managing Tools in the Toolbox.