MSExchange ADAccess Event 2080 - Error SACL Right

Hi all,

This is a quick post to show how to fix the error on Exchange servers Event ID 2080 SACL right.

Issue

In the case your Exchange servers lost, or for any reason, don´t have the proper Audit Security Privilege set up on Domain Controllers, you will face the below issue:



As you can see above, some of the servers In-site have the correct permission (value =1 ), and others do not, including the Out-of-site DCs, which is more critical as in the case all In-site DCs lost communication as well, the Exchange services will go down.

Resolution

To fix the above issue, you need to assign the proper rights to your Exchange servers on the Domain Controllers policy, as shown below:


Edit the above setting, and add the group domain\Exchange Servers:


Force the new setting on your DCs with gpupdate /force

Wait a few minutes and your Exchange servers will now be able to retrieve the proper information from your DCs:


And now the correct values are shown on the Event ID 2080 again:


I hope this post has been informed for you.

Comments