If you found an 8011 that shows a search for a range of USNs including your test user, the next question is did the search return any results. Just after the 8011 you should find an 8012:
Event Type: Information
Event Source: MSExchangeAL
Event Category: LDAP Operations
Event ID: 8012
Description:
Search of directory bilongexch1.bilong.test at base 'DC=bilong,DC=test' returned 16 objects.
If you do not find an 8012 event corresponding to the 8011, then Exchange did not see a response to that search. Typically this would indicate a network problem and cause the RUS to hang at that point. After that you usually do not see any more 8011 queries against the root of the domain, because the RUS continues to wait for a response to this search. If you are seeing this behavior repeatedly, it's best to get a Netmon trace capturing the behavior so the network problem can be identified.
If the search returned 0 objects, then the Exchange server computer account did not have permissions to see that user object. These permissions come from the Exchange Enterprise Servers group, which is granted permissions at the root of the domain when setup /domainprep is run. If these permissions are changed, or if inheritance on a subcontainer is removed, this can prevent Exchange from seeing the user. Also, the Exchange Enterprise Servers group for that domain should contain the Exchange Domain Servers groups for all the other domains, and one of the Exchange Domain Servers groups should contain the Exchange server responsible for this RUS. If this chain of membership has been broken, that can also keep the Exchange server from seeing the user.
If the search returns more than 20 objects, you will see more than one 8012 event. The RUS uses a page size of 20 for this search, so the results are returned in batches of 20. Expect to see an 8012 for every 20 objects returned.
If the search did return some objects, the events following the 8012 should list the objects that are being queued for processing:
Event Type: Information
Event Source: MSExchangeAL
Event Category: Address List Synchronization
Event ID: 8175
Description:
Processing change to 'CN=e2kuser7,CN=Users,DC=bilong,DC=test'.
Event Type: Information
Event Source: MSExchangeAL
Event Category: Address List Synchronization
Event ID: 8134
Description:
Queuing request to process 'CN=e2kuser7,CN=Users,DC=bilong,DC=test'.
By examining the 8175 and 8134 events following the 8012, you can determine if the user you're interested in was returned in the search. If the user in question was not returned, this would indicate a permissions problem as noted above. When the RUS is done queuing changes to process, you'll see:
Event Type: Information
Event Source: MSExchangeAL
Event Category: Address List Synchronization
Event ID: 8169
Description:
Retrieved all directory changes under: 'DC=bilong,DC=test'.
No comments:
Post a Comment