MSExchange SACL Watcher Error

Question

_{Thursday, November 7, 2019 8:04 PM}

I am looking at a 2016 Exchange server that is getting this error in Application log event viewer every 5 minutes.  The DC noted was gracefully decommissioned and does not seem to appear anywhere in AD.  I have looked using ADSIedit and the DC is not listed.  I even tried adfind using command "adfind -b dc=domain,dc=com -f "objectcategory=computer" cn".  It shows all the existing servers but does not show the decommissioned DC.

Log Name:      Application
Source:        MSExchange SACL Watcher
Date:          11/7/2019 1:50:53 PM
Event ID:      6003
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      Exchagne2016.domain.com
Description:
SACL Watcher servicelet encountered an error while monitoring SACL change.
Got error 1722 opening group policy on system DC1.domain.com in domain domain.com.

Thank you

All replies (2)

_{Friday, November 8, 2019 2:12 AM ✅Answered}

Hi David-Mac,

Accroding to your error information above, try restarting the Microsoft Exchange Active Directory Topology service.

In addition, I find the following similar cases:

msexchange sacl watcher looking for old server?

Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

Error in exchange log after uninstall old DC server

The solution provided in the cases above is rebooting the server.

Take a reference at this case as well: SACL Watcher servlet error pointing to active DC

Regards, 

Joyce Shen

Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].

_{Tuesday, November 12, 2019 7:27 PM | 1 vote}

thanks.  Your links led me to the answer.  I ended up running: Get-ExchangeServer | Set-ExchangeServer -StaticExcludedDomainControllers old-DC.domain.com and restarting Exchange services.

Thanks again