Information store does not start with event ID 9530 and 5000 messages in Exchange 2000 Server and in Exchange Server 2003 (281850)
The information in this article applies to:
- Microsoft Exchange Server 2003 Enterprise Edition
- Microsoft Exchange Server 2003 Standard Edition
- Microsoft Exchange 2000 Server
- Microsoft Windows Small Business Server 2003, Premium Edition
- Microsoft Windows Small Business Server 2003, Standard Edition
This article was previously published under Q281850 SYMPTOMS The Microsoft Exchange 2000 Server or Microsoft Exchange
Server 2003 information store fails to start, and the following event ID
messages may be logged in the Application event log:
Event Type: Error
Event Source: MSExchangeIS
Event Category: General
Event ID: 9530
Description:
Error 0x514 occurred while attempting to enable the "Generate Security Audits" privilege.
To grant the Generate Security Audits privilege to the Microsoft Exchange service account, open the Windows 2000 Group Policy editor.
If the machine is not domain controller, select the Local Computer policy object.
If it is a domain controller,... ... ...
Event Type: Error
Event Source: MSExchangeIS
Event Category: General
Event ID: 5000
Description:
Unable to initialize the Microsoft Exchange Information Store service. Error 0x3f5.
CAUSE This issue can occur if either of the following conditions
is true:
- The Exchange 2000 or Exchange 2003 Microsoft Exchange
Information Store service (Store.exe) is using an account other than the system
account.
- The domain controller, the domain, or the Local Machine
Security Policy does not include the Local Service account in
the Generate security audits policy.
RESOLUTION By default, the Exchange Information Store service uses the
Local System account to start the Information Store service (MACHINENAME$). Use
the Services.msc snap-in to check
which
account
is being used
to start the Information Store service.
If the account is the Local System account, you must regrant the Local
System account the Generate
security audits right.
To do this, use one of the following methods:
- Rerun the Exchange Setup /domainprep
command from this computer.
- Manually grant the Local System account the Generate
security
audits
right on one of the following policies:
- The domain controller's policy
- The domain policy
- The Local Machine Security Policy
To regrant this right to the Local Machine Security Policy of a
member server, follow these steps. Note If this issue is only
occurring on one server, this is the recommended solution.
- Click Start, click
Administrative Tools, and
then click Local Security
Policy.
- Expand Security Settings, click
Local Policies, and
then click User Rights
Assignment.
- In the right pane, double-click Generate security
audits, click Add, enter the MACHINENAME$, and then
click OK two times.
- Exit the Group Policy snap-in.
If you start the Information Store service by using an account
that is not the Local System
account, you should change it back to the Local System account
(MACHINENAME$). Then, try to start the Information Store service.
For more
information about why Exchange 2000 Server and Exchange Server 2003 use the
Local System account to start Exchange services, click the following article
number to view the article in the Microsoft Knowledge Base: 239762
Exchange services run under LocalSystem
| Modification Type: | Major | Last Reviewed: | 10/11/2006 |
|---|
| Keywords: | kberrmsg kbprb KB281850 |
|---|
|