Message Queueing service unable to check sender access.
The Message Queuing service rejects incoming messages when it is unable to check whether the sender is allowed access to the queue for sending messages. Note that an event might not be issued every time this problem occurs.
This event usually occurs because the MSMQ Service does not have access to the group memberships of the sending user.
Modify permissions
Add only the computer accounts that need access to the Windows Authorization Access Group. The domain administrator will repeat this operation for other Message Queuing computers that require the permission, manually adding the relevant accounts to the Windows Authorization Access Group.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To add the MSMQ Service account:
Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
In Active Directory Users and Computers, click Builtin, and then double-click Windows Authorization Access Group.
Click the Members tab, and then add the MSMQ Service account to the members list.
For more information, see Event ID 2177 ( http://technet.microsoft.com/en-us/library/dd337504(WS.10).aspx)
Target | MSMQ.Queue | ||
Category | ConfigurationHealth | ||
Enabled | False | ||
Alert Generate | True | ||
Alert Severity | Warning | ||
Alert Priority | Normal | ||
Remotable | True | ||
Alert Message |
| ||
Event Log | Application |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
DS | DataSource | Microsoft.Windows.EventProvider | Default |
GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
<Rule ID="MSMQ.Rule.Alert.Event2177" Enabled="false" Target="MSMQ.Queue" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>ConfigurationHealth</Category>
<DataSources>
<DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>$Target/Host/Property[Type="MSMQ.Server"]/ServiceName$</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>2177</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">Params/Param[1]</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">$Target/Property[Type="MSMQ.Queue"]/PathName$</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="GenerateAlert" TypeID="Health!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>1</Severity>
<AlertOwner/>
<AlertMessageId>$MPElement[Name="MSMQ.Rule.Alert.Event2177.AlertName"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue>
<SuppressionValue>$Data/LoggingComputer$</SuppressionValue>
</Suppression>
</WriteAction>
</WriteActions>
</Rule>