The Message Queuing server cannot determine if the local domain controller is trusted for delegation. This may indicate a serious problem.
The Message Queuing server cannot determine if the local domain controller is trusted for delegation.
Enable domain controller delegation
The domain controller must have the Active Directory option Trust computer for delegation enabled.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
Note: Make sure that this computer really should be trusted for delegation before performing this procedure, as trusting for delegation could be a security risk.
To enable delegation for the local domain controller:
Click Start, point to Administrative Tools, right-click Active Directory Users and Computers, and then click Run as administrator.
In the console tree, click Domain Controllers.
Right-click the computer that you want to configure (that is, the local domain controller), and then click Properties.
Click Trust this computer for delegation to any service (Kerberos only), and then click OK.
Accept any confirmation dialog boxes.
For more information, see Event ID 2123 ( http://technet.microsoft.com/en-us/library/dd337409(WS.10).aspx)
| Target | Microsoft.MSMQ.2008R2.Servers | ||
| Category | ConfigurationHealth | ||
| Enabled | False | ||
| Event_ID | 2123 | ||
| Event Source | $Target/Property[Type="Microsoft.MSMQ.2008R2.ServerRole"]/ServiceName$ | ||
| Alert Generate | True | ||
| Alert Severity | Error | ||
| Alert Priority | Normal | ||
| Remotable | True | ||
| Alert Message |
| ||
| Event Log | Application |
| ID | Module Type | TypeId | RunAs |
|---|---|---|---|
| DS | DataSource | Microsoft.Windows.EventProvider | Default |
| GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
Home
<Rule ID="Microsoft.MSMQ.2008R2.Rule.Alert.Event2123" Enabled="false" Target="Microsoft.MSMQ.2008R2.Servers" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>ConfigurationHealth</Category>
<DataSources>
<DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>$Target/Property[Type="Microsoft.MSMQ.2008R2.ServerRole"]/ServiceName$</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>2123</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>2</Severity>
<AlertOwner/>
<AlertMessageId>$MPElement[Name="Microsoft.MSMQ.2008R2.Rule.Alert.Event2123.AlertName"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue>
<SuppressionValue>$Data/LoggingComputer$</SuppressionValue>
</Suppression>
</WriteAction>
</WriteActions>
</Rule>