MSMQ - MQ service unable to check sender access Rule - MSMQ.Rule.Alert.Event2177 (Rule)

MSMQ.Rule.Alert.Event2177 (Rule)

Message Queueing service unable to check sender access.

Knowledge Base article:

Summary

The Message Queuing service rejects incoming messages when it is unable to check whether the sender is allowed access to the queue for sending messages. Note that an event might not be issued every time this problem occurs.

Causes

This event usually occurs because the MSMQ Service does not have access to the group memberships of the sending user.

Resolutions

Modify permissions

Add only the computer accounts that need access to the Windows Authorization Access Group. The domain administrator will repeat this operation for other Message Queuing computers that require the permission, manually adding the relevant accounts to the Windows Authorization Access Group.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To add the MSMQ Service account:

Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
In Active Directory Users and Computers, click Builtin, and then double-click Windows Authorization Access Group.
Click the Members tab, and then add the MSMQ Service account to the members list.

Additional

For more information, see Event ID 2177 ( http://technet.microsoft.com/en-us/library/dd337504(WS.10).aspx)

Element properties:

Target

MSMQ.Queue

Category

ConfigurationHealth

Enabled

False

Alert Generate

True

Alert Severity

Warning

Alert Priority

Normal

Remotable

True

Alert Message

Message Queueing service unable to check sender access.

{0}

Event Log

Application

Member Modules:

ID	Module Type	TypeId	RunAs
DS	DataSource	Microsoft.Windows.EventProvider	Default
GenerateAlert	WriteAction	System.Health.GenerateAlert	Default

Module Type

TypeId

RunAs

DataSource

Microsoft.Windows.EventProvider

Default

GenerateAlert

WriteAction

System.Health.GenerateAlert

Default

Source Code:

<Rule ID="MSMQ.Rule.Alert.Event2177" Enabled="false" Target="MSMQ.Queue" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100"> <Category>ConfigurationHealth</Category> <DataSources> <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider"> <ComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName> <LogName>Application</LogName> <Expression> <And> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery>PublisherName</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value>$Target/Host/Property[Type="MSMQ.Server"]/ServiceName$</Value> </ValueExpression> </SimpleExpression> </Expression> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery>EventDisplayNumber</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value>2177</Value> </ValueExpression> </SimpleExpression> </Expression> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery Type="String">Params/Param[1]</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value Type="String">$Target/Property[Type="MSMQ.Queue"]/PathName$</Value> </ValueExpression> </SimpleExpression> </Expression> </And> </Expression> </DataSource> </DataSources> <WriteActions> <WriteAction ID="GenerateAlert" TypeID="Health!System.Health.GenerateAlert"> <Priority>1</Priority> <Severity>1</Severity> <AlertOwner/> <AlertMessageId>$MPElement[Name="MSMQ.Rule.Alert.Event2177.AlertName"]$</AlertMessageId> <AlertParameters> <AlertParameter1>$Data/EventDescription$</AlertParameter1> </AlertParameters> <Suppression> <SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue> <SuppressionValue>$Data/LoggingComputer$</SuppressionValue> </Suppression> </WriteAction> </WriteActions> </Rule>