Microsoft Exchange and Blackberry Server Specialists

Error Log Entries 1022 and 9548 With Disabled Accounts

A user leaves the company and you disable the account.
Your event log then starts filling up with errors like this:

Event Type: Error
Event Source: MSExchangeIS Mailbox Store
Event Category: Logons
Event ID: 1022
Date: 04/11/2004
Time: 05:15:50
User: N/A
Computer: MAIL-SERVER
Description:
Logon Failure on database "First Storage Group\Mailbox Store
(MAIL-SERVER)" - Windows 2000 account NT AUTHORITY\SYSTEM; mailbox
/O=Company plc/OU=COMPANY/cn=Recipients/cn=usera.
Error: -2147221231

For more information, click
http://www.microsoft.com/contentredirect.asp.

Event Type: Warning
Event Source: MSExchangeIS
Event Category: General
Event ID: 9548
Date: 04/11/2004
Time: 05:15:50
User: N/A
Computer: MAIL-SERVER
Description:
Disabled user /O=Company plc/OU=COMPANY/cn=Recipients/cn=usera does not
have a master account SID. Please use Active Directory MMC to set an
active account as this user's master account.

For more information, click
http://www.microsoft.com/contentredirect.asp.
 

You want to remove the error message from the system, yet still retain the account.
There is a simple fix.

  1. Go in to the Mailbox Rights of the user account. You will find this in ADUC, Right click on the user account and choose Properties. Select the "Exchange Advanced" tab and then "Mailbox Rights". If you don't see the Exchange Advanced tab, close the user properties, and then choose View, Advanced Features.
  2. Listed in the users will be one called "Self", which should already have "Full Mailbox Access" rights. Enable "Associated External Account" as well.
  3. Apply/OK out.

Note: You can only have one "Associated External Account" per user, so if another account has already been given that setting, it will need to be removed.

Another option would be to not disable the account, but change the password, hide the user account and remove the permissions. You can stop the account being used by enabling the option to require a password change and the use of a "Access Denied" group.


Related Articles

Options When a Staff Member Leaves