Error: Event ID 17 MSExchangeRBAC is logged every 24 hours after installing Symantec Mail Security for Microsoft Exchange (SMSMSE) on an Exchange server without the mailbox role installed

book

Article ID: 158249

calendar_today

Updated On:

Products

Mail Security for Microsoft Exchange

Issue/Introduction

After install of SMSMSE on a non-mailbox role Exchange server, Error Event ID 17 from source MSExchangeRBAC is logged every 24 hours.

 

Application event log
Source: MSExchangeRBAC
Event ID: 17

Description:
(Process w3wp.exe, PID 7604) "RBAC authorization returns Access Denied for user xxxxx/Servers/<server>. Reason: No role assignments associated with the specified user were found on Domain Controller xxxxx"
 

Cause

SMSMSE runs as the Local System account on non-mailbox role Exchange servers. When SMSMSE attempts to query Exchange for a list of mailboxes, RBAC denies access to the query because the Local System account does not normally have RBAC permissions to query Exchange.

Resolution

This is expected on non-mailbox role servers.

Workaround

To avoid these errors, Mailbox enumeration can be disabled on non-mailbox role servers.

To disable mailbox enumeration:

1. Open the registry editor (Start -> Run, regedit).

2. Create the following DWORD if not present: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\SMSMSE\<version>\Server\RefreshListTimeInMinutes.

3. Click on the Decimal radio option, then set the value to 100000000.

4. Create a new DWORD Value called “RefreshListOnStartupEnabled” and set the value to 0

5. Exit the registry editor.

6. Restart the SMSMSE service for the changes to take effect.