Anyone noticed this on their Exchange 2007 server(s)? Active Directory operation failed for <DC FQDN>. This error have been caused by user input or by the Active Directory server being unavailable. Please retry at a later time. Additional information: The directory service encountered an unknown failure. Active Directory response: 000020EF: SvcErr: DSID-020A0EA3, problem 5005 (UNALBE_TO_PROCEED), data 87. It was running command 'get-recipient -ResultSize '10000' -SortBy 'DisplayName' -RecipientType 'Usermailbox".
If so, check your DC's for the February MS08-003 security patch KB943484. This patch limits the LDAP query capability to prevent DoS attacks. Apparently MS forgot to test Exchange 2007 against this patch. The patch is gone back in for some re-work and will be made available again sometime in March with the ability to change a reg value for the number of objects returned. I'm in no way advocating removing KB943484, just sharing information to keep fellow admins from pulling out their hair like I did today. ------------------------------------------------- Thank you, Pete Kretche MCP, A+ Network Systems Administrator UW - Green Bay Voice: 920.465.5014 Fax: 920.465.2864 [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
