ITExperience.NET

After some troubleshooting in Exchange 2007, my eventlog was flooded by the following event:

Event Type: Warning
Event Source: MSExchangeIS Mailbox Store
Event Category: Access Control
Event ID: 1029
Date:  7/25/2008
Time:  10:57:21 AM
User:  N/A
Computer: %servername%
Description:
%emailaddress% failed an operation because the user did not have the following access rights:

‘Delete’ ‘Read Property’ ‘Write Property’ ‘Create Message’ ‘View Item’ ‘Create Subfolder’ ‘Write Security Descriptor’ ‘Write Owner’ ‘Read Security Descriptor’ ‘Contact’

The distinguished name of the owning mailbox is %AD path to a user%. The folder ID is in the data section of this event.

In the first place I suspected a change in the security settings. A quick search on Google learned me that the error was a false warning, as described in http://support.microsoft.com/kb/325885.

The errors may be ignored, but if you want to avoid the error, you have to set the Logging level on the Exchange 2007 server to low.

To view your logging levels, type the following in your Exchange Management Shell:

Get-EventLogLevel

Scroll through the output to view the levels. You should expecially focus on ‘MSExchangeIS\9000 Private\Access Control’ and ‘MSExchangeIS\9001 Public\Access Control’ and the associated level.

Now, to adjust the level to Lowest, execute the following command

Set-EventLogLevel -Identity ‘MSExchangeIS\9000 Private\Access Control’ -Level Lowest

Of course, if ‘Public’ was set to High, you should execute

Set-EventLogLevel -Identity ‘MSExchangeIS\9001 Public\Access Control’ -Level Lowest