Article ID: 309175 - View products that this article applies to.
This article was previously published under Q309175
This article has been archived. It is offered "as is" and will no longer be updated.
If an Exchange 2000 server is using a domain controller that is in a child domain, the following error message may be logged in the Application event log:
Event Type: Error
Event Source: MSExchangeDSAccess
Event Category: None
Event ID: 2061
Time: 10:26:56 AM
Process STORE.EXE (PID=904). An LDAP search call failed - Error code=8004090a. Base DN=CN=MILLENNIUM ROLLOUT 4/14-B, OU=EXCHANGE DLS,OU=ADCMANAGED,DC=REDMOND,DC=CORP,DC=MICROSOFT,DC=COM, Filter=(objectclass=*), Scope=0.
To resolve this problem, obtain the latest service pack for Microsoft Exchange 2000 Server. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/301378/EN-US/ )XGEN: How to Obtain the Latest Exchange 2000 Server Service Pack
Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server.
This problem was first corrected in Microsoft Exchange 2000 Server Service Pack 2.
When DSaccess is initialized by the system attendant, DSaccess determines which domain DSaccess exists in. When a DN-based read is made through DSaccess, DSaccess checks to determine whether the object that is being read is in the "local domain." If the object is in the local domain, DSaccess sends the request to the Lightweight Directory Access Protocol (LDAP) port (389) of a domain controller in the local domain.
If the server is using a domain controller that is in a child domain (so that the domain controller does not have information about the local domain), that domain controller returns a referral. However, DSaccess cannot support referrals.
In versions of Exchange 2000 that are earlier than Exchange 2000 Server Service Pack 2 (SP2), DSAccess reads all of the domain controllers as though they are in the local domain; therefore, there is no check to determine whether the domain controller is appropriate for the request. In versions of Exchange 2000 that are earlier than Exchange 2000 Server SP2, there is no failover to the global catalog server.
In Exchange 2000 Server SP2 and later, DSAccess uses the global catalog server in this situation, which eliminates the problem entirely.