Article ID: 324114
Article Last Modified on 2/20/2007
APPLIES TO
- Microsoft Exchange 2000 Server Standard Edition
This article was previously published under Q324114
SYMPTOMS
If you use an administrator account to run Exmerge.exe to identify user accounts that are not represented in Active Directory, the event ID 9551 warning messages that identify those objects and users may not be logged.
RESOLUTION
To resolve this problem, obtain the latest service pack for Microsoft Exchange 2000 Server. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
301378 XGEN: How to Obtain the Latest Exchange 2000 Server Service Pack
Component: Information store
The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date Time Version Size File name ---------------------------------------------------------- 12-JUL-2002 17:08 6.0.5771.28 4,547,136 Store.exe
NOTE: Because of file dependencies, this update requires Microsoft Exchange 2000 Server Service Pack 2.
STATUS
Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server. This problem was first corrected in Microsoft Exchange 2000 Server Service Pack 3.
MORE INFORMATION
In an environment that is mixed (contains Microsoft Exchange Server 5.5 and Exchange 2000) or an environment that was previously mixed, the access control list (ACL) of mailboxes and public folders may contain user accounts that are not represented in Active Directory. Such users are "zombie" users.
Zombie users may cause a problem if the ACL from Exchange Server 5.5 is upgraded to match the NTDS format that is used in Exchange 2000. Exchange 2000 tries to upgrade the ACL each time that the ACL has to be evaluated. If Exchange 2000 encounters a zombie user during the upgrade, the upgrade does not work. Exchange 2000 tries to upgrade the ACL again the next time that Exchange 2000 accesses the ACL. Zombie users can lead to a range of issues, depending upon how prevalent they are in the environment.
If Exchange 2000 encounters a zombie user during the ACL upgrade, the following warning message is logged. Administrators can use this warning message to identify the object and user account that are in a zombie state:
This warning message is logged only if Exchange 2000 accesses the object and cannot upgrade the ACL. If you are an Exchange administrator, you may want to be proactive and use a utility such as Exmerge.exe to identify all of the zombie users in your environment. Exmerge.exe accesses each folder, which forces an upgrade of ACLs. You typically use an Exchange administrator account to run Exmerge.exe, but if you do so, the event ID 9551 warning message is not logged. The fix that this article describes permits administrators to run a utility such as Exmerge.exe to access each folder and identify zombie users with the event ID 9551 error messages. For additional information about how to use the information store to automatically remove identified zombie users, click the article number below to view the article in the Microsoft Knowledge Base:
318549 XADM: Migrated Exchange Server 5.5 Mailboxes Generate Event ID 9551 Warning Messages for the ACL
Keywords: kbhotfixserver kbqfe kbbug kbexchange2000presp3fix kbexchange2000sp3fix kbfix KB324114