XADM: Migrated Exchange Server 5.5 Mailboxes Generate Event ID 9551 Warning Messages for the ACL
Event Source: MSExchangeIS Mailbox Store
Event Category: (6)
Event ID: 9551
Time: 1:00:00 AM
Description: An error occurred while upgrading the ACL on folder [MBX:User1]/Calendar located on database "Server1\Mailbox Store 1 (server)". The Information Store was unable to convert the security for /O=ORGANIZATION/OU=SITE/CN=RECIPIENTS/CN=123456 into an NT Security Identifier. It is possible that this is caused by latency in the Active Directory Service, if so, wait until the user record is replicated to the Active Directory and attempt to access the folder (it will be upgraded in place). If the specified object does NOT get replicated to the Active Directory, use the Microsoft Exchange System Manager or the Exchange Client to update the ACL on the folder manually. The access rights in the ACE for this DN were 0x401.
The recommended resolution is to run the DS/IS consistency checker against the information store before migration. All information store migrations (both private and public) should run the DS/IS consistency checker to prevent this problem. The following workaround of applying the new build and installing the registry settings and the Deadlist.txt file are supported for situations where the migration has occurred and the server cannot be restored to a pre-migration state, and therefore, performing the DS/IS consistency check is not a possibility. The creation of the Deadlist.txt file can be a tedious and time-consuming activity. This workaround is not meant to be a replacement for running the DS/IS consistency checker before the migration.
To resolve this problem, obtain the latest service pack for Microsoft Exchange 2000 Server. For additional information, click the following article number to view the article in theMicrosoft Knowledge Base:
Component: Information store
After you apply this fix, to implement it, you must create a text file that includes the distinguished names that you are getting warning messages for. To implement the fix, you must also use Registry Editor.
To implement the fix:
- Create a text file in a text editor, such as Microsoft Notepad.
- Insert the address distinguished names from the 9551 event ID warning messages, for example:/O=ORGANIZATION/OU=SITE/CN=RECIPIENTS/CN=123456
- Place each distinguished name on a separate line, separated by a carriage return/line feed (CR/LF).
- Save the text file in a subfolder on the Exchange 2000 server. (note the location of the file because you will need it later), for example:C:\DeadDir\DeadList.TXT
- Start Registry Editor (Regedt32.exe).
- Locate the following key in the registry:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
- On the Edit menu, click Add Value, and then add the following registry value:Value name: DNDeadListFor example, this value might be:
Data type: REG_SZ
Value: drive_letter:\subfolder>..\file_name.extValue: C:\DeadDir\DeadList.TXTNOTE: This file must reside locally on the server that this is being performed on and the file size cannot exceed 128 kilobytes (KB).
- Quit Registry Editor.
- Stop and then restart the Microsoft Exchange Information Store service so that changes can occur.
Article ID: 318549 - Last Review: 10/26/2013 10:53:00 - Revision: 5.0
- kbnosurvey kbarchive kbbug kbexchange2000presp3fix kbexchange2000sp3fix kbfix KB318549