1016 Security Audit Logged for Every Exchange 2000 Push Message Sent by Mobile Information Server (278000)


The information in this article applies to:

  • Microsoft Mobile Information 2001 Server
This article was previously published under Q278000

SYMPTOMS

When you are using Mobile Information Server to send "Push" notifications to Exchange 2000 users, the following event is logged in the Application log of the Exchange 2000 server for each Push message:
Event ID: 1016
Category: Logons
Source: MSExchangeIS Mailbox
Description: Windows 2000 User DOMAIN\ENTEVENTSOURCE logged on to User@domain.com mailbox, and is not the primary Windows 2000 account on this mailbox.

CAUSE

This behavior is by design. This behavior occurs as a result of the security auditing features of Exchange 2000. When a user who is not the primary account associated with a particular mailbox logs on to that mailbox, this event is logged to prevent unauthorized users from accessing private mailbox data.
Modification Type:MinorLast Reviewed:4/25/2005
Keywords:kbprb KB278000
©2004 Microsoft Corporation. All rights reserved.