When SMSMSE scans the Exchange Databases, SMSMSE impersonates each user to gain access to their mailbox contents.These events are written to the Security event log when SMSMSE attempts to impersonate a user account that is currently disabled to scan the mailbox associated with that disabled user account.
These events can be safely ignored, they will not impact functionality of the server. To prevent these events from being written to the Security event log, edit the scan in question and select "Specific Mailboxes" in the Scan Location dialog window. Uncheck any mailboxes associated with disabled user accounts and these events will no longer be written.
Subscribing will provide email updates when this Article is updated. Login is required.