MSExchangeTransport 16019

  • Article

 

This article provides an explanation and possible resolutions for a specific Exchange event. If you don't find what you’re looking for here, try searching Exchange 2010 Help.

Details

Product Name

Exchange

Product Version

14.0

Event ID

16019

Event Source

MSExchangeTransport

Category

Configuration

Symbolic Name

ConfigurationLoaderException

Message Text

Active Directory directory service encountered an error for %1. Microsoft Exchange will retain the existing configuration, if available. Exception details: %2

Explanation

This Error event indicates that the Microsoft Exchange Transport service could not contact the Active Directory directory service to update its configuration data.

Microsoft Exchange Server 2010 uses an ESE database to store queued messages and configuration information, such as IP allow lists, IP block lists, and sender repudiation information. When changes are made to the transport configuration, the Active Directory directory service notifies the transport server to update its configuration cache. When the transport server receives this type of notification, it reloads the configuration from Active Directory into the cache, and then uses the new information for subsequent message transfer operations.

If the Microsoft Exchange Transport service cannot contact Active Directory, configuration changes that have been made to the Transport pipeline may not take effect.

This issue may occur because of a permissions issue or a connectivity issue. This issue may also occur if the appropriate security access control list has not been set during the domain preparation part of Exchange Setup.

For more information about the transport architecture in Exchange 2010, see Understanding Transport Pipeline and also see the Exchange Server Team Blog article Exchange 2010 Transport Architecture Diagrams Available for Download.

The content of each blog and its URL are subject to change without notice. The content within each blog is provided "AS IS" with no warranties, and confers no rights. Use of included script samples or code is subject to the terms specified in the Microsoft Terms of Use.

User Action

To troubleshoot this issue, do one or more of the following:

  • Review the Application log and System log on your Exchange 2010 servers for related events. For example, events that occur immediately before and after this event may provide more information about the root cause of this error.

  • Verify the group membership for the Exchange Trusted Subsystem object. To do this, follow these steps:

    1. Start the Active Directory Users and Computers MMC snap-in.

    2. Under the domain name (for example, contoso.com), click the Microsoft Exchange Security Groups container.

    3. In the details pane, right-click the Exchange Windows Permissions group, and then click Properties.

    4. Click the Members tab, and then add the Exchange Trusted Subsystem object, if this object is not already present.

    5. Click OK two times.

    6. On the Exchange server, click Start, click Run, type lusrmgr.msc, and then click OK.

    7. In the Local Users and Groups snap-in, click Groups.

    8. In the details pane, right-click Administrators, and then click Properties.

    9. If EXAMPLE\Exchange Trusted Subsystem is not listed in the Members list, add the Exchange Trusted Subsystem object.

    10. Click OK two times, and restart the Exchange server.

    11. Re-run the Exchange Setup program to run the PrepareDomain component. For more information, see Prepare Active Directory and Domains.

  • Examine the Windows Firewall settings to verify that exemptions are listed for all the Exchange services. To do this, follow these steps:

    1. Start the Windows Firewall Control Panel item.

    2. Click Allow a program through Windows Firewall.

    3. Click the Exceptions tab, and then verify that the following exception check boxes are selected:

    • Microsoft Exchange Server

    • MSExchangeIS

    • MSExchangeSA

    1. Click OK, and then, restart the Active Directory topology service.

  • Verify network connectivity with the domain controller. Specifically, verify that you can use the Ping.exe command to reach the global catalog servers that are in the same site as the Exchange server. Use the Ping.exe command to verify connectivity by using the IP addresses and FQDNs of the global catalog servers.

  • If the Exchange Setup/PrepareDomain step generated any errors, rerun the command to prepare the domain for Exchange.

  • Verify that the Exchange server is a member of the Exchange Servers group in Active Directory.

  • Verify that the Exchange Servers group is listed in the Manage auditing and security log policy setting. If the group is not listed in this policy, add it. To view this policy, follow these steps:

    1. Start the Group Policy Management tool. To do this, click Start, point to Administrative Tools, and then click Group Policy Management.

    2. Expand the forest object, expand the domain object, expand the Domain Controllers object, right-click the Default Domain Controllers Policy object, and then click Edit.

    3. Expand Computer Configuration, expand Policies, expand Windows Settings, expand Security Settings, expand Local Policies, and then click User Rights Assignment.

    4. In the list of policies, double-click the Manage auditing and security log policy.

    5. If EXAMPLE\Exchange Servers is not listed, add the Exchange Servers group.

    6. Click OK, exit the Group Policy Management Editor, and then run gpupdate /force on the Exchange server.

  • Resolve your issue by using self-support options, assisted support options, and other resources. You can access these resources from the Exchange Server Solutions Center. From this page, click Self-Support Options in the navigation pane to use self-help options. Self-help options include searching the Microsoft Knowledge Base, posting a question at the Exchange Server forums, and other methods. Alternatively, in the navigation pane, you can click Assisted Support Options to contact a Microsoft support professional. Because your organization may have a specific procedure for directly contacting Microsoft Product Support Services, be sure to review your organization's guidelines first.

For more information about the transport pipeline in Exchange 2010, see Understanding Transport Pipeline and also the Exchange Server Team blog article,

Exchange 2010 Transport Architecture Diagrams Available for Download.

The content of each blog and its URL are subject to change without notice. The content within each blog is provided "AS IS" with no warranties, and confers no rights. Use of included script samples or code is subject to the terms specified in the Microsoft Terms of Use.