SYMPTOMS
If Microsoft Exchange is installed in multiple domains that
contain global catalog servers, and those global catalog servers are used to
resolve Exchange queries, the following error messages may be logged in the
Exchange server Application event log and Directory Service log.
The
following error message may be logged in the Application event log:
Event: 8270
Source: MSExchangeAL
Type:
Error
Description:
LDAP returned error [34] Unavailable when
importing transaction
dn:(GUID=877389AE-4DC5-4D81-9237-1170498CC2AA)
changetype: Modify
member:add:(GUID=4F35077F-E872-4E55-943B-07A53E05CFD6)
-
DC=domain,DC=com
The following error message may be logged in the
Directory Service log:
Event: 1126
Source: NTDS
General
Type: Error
Description:
Unable to establish connection
with catalog
Note On domain controllers, you may also see event error messages that are similar to
the following:
Event ID: 1126
Source: NTDS General
Type: Error
Description: Unable to establish connection with global catalog.
Event ID: 1188
Source: NTDS General
Type: Error
Description: A thread in the directory is waiting in a remote procedure call (RPC) to directory <directory> performing a(n) <operation name> operation. The directory has attempted to cancel the call and recover thread id <thread id>. If this condition persists, stop and restart that Windows Domain Controller.
WORKAROUND
If event 8270 references a GUID in the
Description field, the group membership of the Exchange
Enterprise Servers group has not been modified.
To work around this
behavior, use the Active Directory Users and Computers Microsoft Management
Console (MMC) snap-in to manually modify the group membership of the Exchange
Enterprise Servers group:
- Start the Active Directory Users and Computers MMC
snap-in.
- In the Users container, locate and then
open the properties of the Exchange Enterprise Servers group.
- Click the Members tab, and then click
Add.
- In the Look in list, click the remote
domain.
- In the remote domain, locate the Exchange Domain Servers
group, click Add, and then click
OK.
- If the membership of the Exchange Enterprise Servers group
displays the Exchange Domain Servers group from the remote domain, click
OK to close the dialog box.
If event 8270 references
<SID=0102000000000005200000002A020000> in the
Description field, the group membership of the Pre-Windows
2000 Compatible Access Builtin group has not been modified.
To work
around this behavior, use the Active Directory Users and Computers Microsoft
Management Console (MMC) snap-in to manually modify the group membership of the
Pre-Windows 2000 Compatible Access Builtin group:
- Start the Active Directory Users and Computers MMC snap-in.
- In the Builtin container, locate and then
open the properties of the Pre-Windows 2000 Compatible Access group.
- Click the Members tab, and then click
Add.
- In the Look in list, click the remote
domain.
- In the remote domain, locate the Exchange Domain Servers
group, click Add, and then click
OK.
- If the membership of the Pre-Windows 2000 Compatible Access
Builtin group displays the Exchange Domain Servers group from the remote
domain, click OK to close the dialog box.