Exchange 2013 – Event ID 17, 23 and 258 HealthMailbox: No role Assignments


The following 3 errors are filling up the application log

Event ID 17, 23 and 258

(Process w3wp.exe, PID 6828) “RBAC authorization returns Access Denied for user domain.local/Microsoft Exchange System Objects/Monitoring Mailboxes/HealthMailbox6abb348c643845acaee87941bd609e63. Reason: No role assignments associated with the specified user were found on Domain Controller dc.domain.local”


There are no roles assigned to the Default Role Assignment Policy


You can use the following command to see the roles included in the default role assignment policy:

Get-ManagementRoleAssignment -RoleAssignee ‘Default Role Assignment Policy’


As you can see – no roles are returned


Add one or more roles to the Default Role Assignment Policy.

EAC > Permissions > User Roles > Default Role Assignment Policy

Select one or more roles


You can then verify this from the shell


Leave a Reply

Your email address will not be published. Required fields are marked *