MSExchange ADAccess 2394

  • Article

 

This article provides an explanation and possible resolutions for a specific Exchange event. If you don't find what you’re looking for here, try searching Exchange 2010 Help.

Details

Product Name

Exchange

Product Version

14.0

Event ID

2394

Category

LDAP

Symbolic Name

DSC_EVENT_REFERRAL

Message Text

Process %1 (PID=%2). An LDAP search call returned a referral - Server=%3 Error code=%4 (%8). Base DN=%5, Filter=%6, Scope=%7.

Explanation

This Error event indicates that the Microsoft Exchange server cannot process Light-weight Directory Access Protocol (LDAP) requests through Directory Service Access (DSAccess) to query Active Directory information on domain controllers or on global catalog servers. This event may occur if internal Domain Name System (DNS) servers are also configured as external servers on the domain controllers or on global catalog servers. Because internal DNS servers are also configured as external DNS servers, LDAP response time may be slow, and queries may return null data.

Note exADNoMk uses DNS as its domain controller location mechanism, and leverages the namespace design of DNS in the design of exADNoMk domain names.

This error could mean that LDAP read time and overall access to domain controllers from back-end and front-end Exchange servers is slow. Clients could, therefore, have slow e-mail access.

Note   Directory Service Access (DSAccess) is a shared API that is used by multiple components in Microsoft Exchange Server 2003 to query Active Directory and to obtain both configuration and recipient information. In addition, DSAccess maintains a cache that is used to minimize the load on Active Directory by reducing the number of Lightweight Directory Access Protocol (LDAP) requests that individual components send to Active Directory servers.

User Action

To resolve this error, do one or more of the following:

  • Set up an internal DNS server to which Exchange can send LDAP requests.

  • Check that DNS servers on domain controllers or on global catalog servers have proper Service Location (SRV) locator resource records and are responding to SRV location requests.
    Note The SRV record is used to map the name of a service (in this case, the LDAP service) to the DNS computer name of a server that offers that service.