Eventid 16 RBAC authorization returns Access Denied for user. Reason: User was not found on Domain Controller
We have 2 separate AD Forests with 2 way trust Relationship between them. On the first domain (abc.com) we have an Exchange 2019 Server and we get Event id 16 error all the time. The error details are:
(Process w3wp.exe, PID 12272) "RBAC authorization returns Access Denied for user S-1-5-21-1234567890 -2355112122-2581322307-16572 (SID=S-1-5-21-1234567890 -2355112122-2581322307-16572). Reason: User was not found on Domain Controller dc.abc.com".
If I translate the SID to user it returns a username on the 2nd Forest (xyz.com) susch as xyz\user.
I have searched the entire abc.com domain and the above user is nowhere present (of course). Also on the Exchange admin roles no such user is present, actually only AD groups are members of the roles.
How can I find where this error is generated to stop it?'
How the SID of the other domain is appeared when it is nowhere in the domain in scope?