Introduction

As many of you know, Exchange is very sensitive when it comes to domain controllers and Active Directory Sites and Services.

Issue

The above set of errors/warnings were happening on 1 server and the error does throw you off a bit, where it says that the Audit Security Privilege on the domain controller......error below:

The Exchange computer does not have Audit Security Privilege on the domain controller.
This domain controller will not be used by Exchange Active Directory Provider

EventID 2112

You think something is wrong with Group Policy especially the Domain Controller policy. The next set of errors present themselves like clockwork and you can fill the event viewer application logs with a couple of thousand logs in 10 min.

EventID 2077

Active Directory Provider could not find minimal required number of suitable domain controller sdervers in either local site ...the following sites

EventID 2069

Active Directory Provider could not find minimal required number of suitable domain controller servers in either local site ...the following sites

 

EventID 2142

Troubleshooting

Is there something wrong in Active Directory? Is is broken? Do I need to recover?

While in some cases Group Policy has been the culprit, in this scenario, it was because the Computer Object was missing from the following Exchange Security Groups:

  • Exchange Servers
  • Exchange Trusted Subsystem

Solution

Once the server was added back to these groups and the server was rebooted, everything started working again like it should. The Topology events were showing the domain controllers and no more errors were being logged.