Windows Server – DHCP Service Starts then Stops again

KB ID 0000617 

Problem

Saw this last week on an SBS 2011 Server. When attempting to get the DHCP service running it span up then stopped straight away.

Solution

A quick look in Event Viewer showed me what the problem was,

Event ID 1054

The DHCP/BINL service on this computer is shutting down. See the previous event log messages for reasons

Fair enough lets see the previous error on the same server;

Event ID 1053

The DHCP/BINL service has encountered another server on this network with IP Address, (IPv4 or IPv6 address), belonging to the domain

In this example the offending IP (192.168.87.254) Was a Cisco PIX 501 firewall that was running a DHCP server. Thankfully My main job that day was to replace the firewall so when I put in a new ASA I didn’t have the DHCPD service running.

If you see this elsewhere you will need to locate the offending IP and disable DHCP on it.

 

Related Articles, References, Credits, or External Links

NA

Exchange ActiveSync Not Working for Some Users “Post Migration”

KB ID 0000695

Problem

Error seen on some users on both Exchange 2007 and 2010, (post migration) form earlier versions of Exchange. When it fails you will also see this error.

Event ID 1053 MSExchange ActiveSync

Exchange ActiveSync doesn’t have sufficient permissions to create the “CN={User Name},OU=<OU Name>,DC={Domain Name},DC=com” container under Active Directory user “Active Directory operation failed on servername.domain-name.com This error is not retriable. Additional information: Access is denied.

Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Make sure the user has inherited permission granted to domainExchange Servers to allow List, Create child, Delete child of object type “msExchangeActiveSyncDevices” and doesn’t have any deny permissions that block such operations.

Solution

Note: This can happen if the user is a member of any of these groups.

Account Operators
Administrators
Backup Operators
Domain Admins
Domain Controllers
Enterprise Admins
Print Operators
Read-only Domain Controllers
Replicator
Schema Admins
Server Operators

If your user IS a member of any of these groups, then have their ActiveSync device ready to be configured, as this fix will “revert” back every hour. If you get it connected and working before it reverts you will be fine.

Note: Users and mailbox’s created post migration are NOT affected.

1. On your Exchange Server > Launch the Exchange Management Console > Server Configuration > Select your CAS Server > Properties > Security Settings > Locate the DC that it is using.

2. Go the that Domain Controller, and press Windows Key+R > dsa.msc {enter} > Active Directory Users and Computers should open.

3. View > Ensure Advanced Features is enabled > Locate the problem user > Properties > Security > Advanced > Ensure Exchange Servers is present > Tick the box to “Allow inheritable permissions from this objects parent” > Apply.

4. Now attempt to connect your ActiveSync client.

Related Articles, References, Credits, or External Links

NA