Microsoft KB Archive/818190

= An LDAP filter error causes the Exchange Recipient Update Service not to stamp newly created users =

Article ID: 818190

Article Last Modified on 10/25/2007

-

APPLIES TO


 * Microsoft Exchange 2000 Server Standard Edition
 * Microsoft Exchange 2000 Enterprise Server
 * Microsoft Exchange Server 2003 Enterprise Edition
 * Microsoft Exchange Server 2003 Standard Edition

-



This article is a consolidation of the following previously available articles: 818190 and 888827



SYMPTOMS
A Lightweight Directory Access Protocol (LDAP) filter error causes the Microsoft Exchange 2000 Server or Microsoft Exchange Server 2003 Recipient Update Service not to stamp newly created users with e-mail addresses. Therefore, new users cannot access their Exchange mailboxes. Additionally, they cannot send and receive e-mail messages. One or more of the events that are listed in the "More Information" section may appear in the event logs.



CAUSE
LDAP queries are used in filter rules to specify the recipient membership of address lists and recipient policies. A malformed filter can cause the Recipient Update Service not to process the recipient membership policy. As a result, new user account attributes are not updated as expected, and new users cannot access their Exchange mailboxes or send and receive e-mail messages.



RESOLUTION
To resolve this problem, correct or remove the LDAP query that is failing. The "More Information" section contains lists of events to help you locate the incorrect filter.

For additional information about how to manage address lists in Exchange 2000, see the Exchange 2000 Recipient Management guide. To obtain this guide, visit the following Microsoft Web site:

http://www.microsoft.com/technet/prodtechnol/exchange/2000/library/recimgmt.mspx



MORE INFORMATION
The event logs can help you locate the problem filter. When the filter error occurs, the following events may be logged in the Application event log on the Exchange computer:

MSExchangeAL Event ID 8011

Event Type: Information

Event Source: MSExchangeAL

Event Category: LDAP Operations

Event ID: 8011

Computer:

Description: Searching directory  at base '' using filter '(|(objectCategory=user)(objectCategory=group))(|(extensionAttribute8=* *)(mailNickname=* *)))' and requesting attributes ObjectClass; ReplPropertyMetaData.

Note: The following LDAP query, which appears in the event description shown earlier, is not valid:

(|(extensionAttribute8=* *)((mailNickname=* )))

In this particular case, the correct filter is:

(|(extensionAttribute8=* *)(mailNickname=* ))

The incorrect filter contains an extra pair of parentheses around "(mailNickname=* )".

The following two events indicate that the filter in the previous MSExchangeAL 8011 event is the incorrect one:

MSExchangeAL Event ID 8018

Event Type: Information

Event Source: MSExchangeAL

Event Category: LDAP Operations

Event ID: 8018

Computer:

Description: Abandoning request '54415' on directory. DC= ,DC= ,DC=.

MSExchangeAL Event ID 8007

Event Type: Information

Event Source: MSExchangeAL

Event Category: LDAP Operations

Event ID: 8007

Computer:

Description: Closing LDAP session to directory. DC= ,DC= ,DC=.

The following events may also appear in the Application Event Log of the Exchange computer:

MSExchangeAL Event ID 8020

Event Type: Information

Event Source: MSExchangeAL

Event Category: LDAP Operations

Event ID: 8020

Computer:

Description: LDAP Search of directory. . at base ' ' using filter '(& (mailnickname=*) (| (objectCategory=publicFolder) ))' was unsuccessful. Directory returned the LDAP error:[0x51] Server Down.

MSExchangeAL Event ID 8025

Event Type: Warning

Event Source: MSExchangeAL

Event Category: LDAP Operations

Event ID: 8025

Description: LDAP Get Next Page call on directory  for pagesize 20, was unsuccessful with error:[0x57] Filter error.

Note: The hexadecimal error 0x57 maps to LDAP error 87, which corresponds to the LDAP_FILTER_ERROR error.
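The filters quoted in these event descriptions can be checked mechanically for the kind of malformed parentheses this article describes. The following Python sketch is an added example, not part of the original article or of Exchange; the function names are hypothetical, and it assumes that whitespace between filter components is acceptable because the logged filters contain it.

```python
import re

class FilterError(ValueError): pass
ITEM = re.compile(r"[A-Za-z0-9][A-Za-z0-9.;-]*(~=|>=|<=|=|:)[^()]*")  # one attribute test

def _ws(s, i):
    # Assumption: whitespace between components is tolerated (logged filters contain it).
    return re.compile(r"\s*").match(s, i).end()

def _parse(s, i):
    """Parse one '(' ... ')' filter starting at s[i]; return the index after it."""
    if i >= len(s) or s[i] != "(":
        raise FilterError(f"expected '(' at offset {i}")
    i = _ws(s, i + 1)
    if i < len(s) and s[i] in "&|!":  # AND / OR / NOT over sub-filters
        op, i, operands = s[i], _ws(s, i + 1), 0
        while i < len(s) and s[i] == "(":
            i, operands = _ws(s, _parse(s, i)), operands + 1
        if operands == 0 or (op == "!" and operands != 1):
            raise FilterError(f"'{op}' has {operands} operand(s) at offset {i}")
    else:  # a single attribute test; a bare '(' here means extra parentheses
        m = ITEM.match(s, i)
        if not m:
            raise FilterError(f"expected 'attribute=value' at offset {i}")
        i = m.end()
    if i >= len(s) or s[i] != ")":
        raise FilterError(f"expected ')' at offset {i}")
    return i + 1

def check_filter(text):
    """Return (True, '') for one well-formed filter, else (False, reason)."""
    try:
        end = _ws(text, _parse(text, _ws(text, 0)))
        if end != len(text):
            raise FilterError(f"text after the complete filter at offset {end}")
    except FilterError as err:
        return False, str(err)
    return True, ""

def filters_in_events(descriptions):
    """Pull the quoted filter out of each event description and check it."""
    found = re.findall(r"using filter '([^']*)'", "\n".join(descriptions))
    return [(f, *check_filter(f)) for f in found]

EVENTS = [  # descriptions of events 8011 and 8020, copied from this article
    "Searching directory  at base '' using filter '(|(objectCategory=user)(objectCategory=group))(|(extensionAttribute8=* *)(mailNickname=* *)))' and requesting attributes ObjectClass; ReplPropertyMetaData.",
    "LDAP Search of directory. . at base ' ' using filter '(& (mailnickname=*) (| (objectCategory=publicFolder) ))' was unsuccessful. Directory returned the LDAP error:[0x51] Server Down.",
]
print(*filters_in_events(EVENTS), sep="\n")
```

A filter reported as malformed identifies the address list or recipient policy rule to correct or remove.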

If LDAP Interface Events diagnostics logging is set to at least "2" for the NTDS service on the Domain Controller used to process the Recipient Update Service requests, either of the following events may appear in its Directory Service Event Log.

NTDS LDAP Event ID 1216

Event Type: Warning

Event Source: NTDS LDAP

Event Category: LDAP Interface

Event ID: 1216

Computer:

Description: Internal event: An LDAP client connection was closed because of an error.

Client ID: 22857

Additional Data

Error value: 87

NTDS LDAP Event ID 1216

Event Type: Warning

Event Source: NTDS LDAP

Event Category: LDAP Interface

Event ID: 1216

Computer:

Description: The LDAP server closed a socket to a client because of an error condition, 87. (Internal ID c0603b2::30549).

Important: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

The LDAP Interface Events diagnostics logging is specified at the following registry location:

For additional information on Windows Server diagnostics logging, click the following article number to view the article in the Microsoft Knowledge Base:

314980 How to configure Active Directory diagnostic event logging in Windows Server

Additional query words: XADM, RUS

Keywords: kbenv kbnofix kbbug KB818190


© Microsoft Corporation. All rights reserved.