Re: SBS 2k3 and Windows 2k3 Server aren't replicating passwords.




mtrayne@xxxxxxxxx wrote:
This morning at about 11am everyone who tried to go to our Intranet
site or the W2K3 share was prompted for a username and password. The
only thing that would get them through was resetting their passwords
on the W2K3 box.

As an experiment, if I changed a password on the W2K3 box (a different
pass from the SBS box), that account was completely locked out from
logging into the domain. If I changed it on SBS to the same thing they
were fine.

I used Replmon and replicated with Active Directory Sites and Services
and there don't seem to be any issues.

The events that seem related appear on the SBS box:

Event Type: Information
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1955
Date: 6/18/2007
Time: 11:01:04 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: SBS1
Description:
Active Directory encountered a write conflict when applying replicated
changes to the following object.

Object:
CN=Marge Thomas (TRU),CN=Users,DC=truvo,DC=local
Time in seconds:
0

Event log entries preceding this entry will indicate whether or not
the update was accepted.

A write conflict can be caused by simultaneous changes to the same
object or simultaneous changes to other objects that have attributes
referencing this object. This commonly occurs when the object
represents a large group with many members, and the functional level
of the forest is set to Windows 2000. This conflict triggered
additional retries of the update. If the system appears slow, it could
be because replication of these changes is occurring.

User Action
Use smaller groups for this operation or raise the functional level to
Windows Server 2003.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

and

Event Type: Warning
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1083
Date: 6/18/2007
Time: 11:24:43 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: SBS1
Description:
Active Directory could not update the following object with changes
received from the domain controller at the following network address
because Active Directory was busy processing information.

Object:
CN=Jessica Kim (TRU),OU=SBSUsers,OU=Users,OU=MyBusiness,DC=truvo,DC=local
Network address:
21064b07-d8c1-46d6-a023-10199370447e._msdcs.truvo.local

This operation will be tried again later.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

These errors happen every time I change a password on the W2K3 server
(but are logged on the SBS server). I looked up these errors and
followed the trail, but got nowhere.

I have a group policy for my users so that they need to change their
passwords every 60 days. Recently some people who had been getting the
"nag message" to change suddenly stopped getting it.

A month ago, the W2K2 server was completely passive to the SBS box. If
you tried to log into the network when the SBS box was down, you
couldn't. There was a JRNL_WRAP_ERROR on the SBS box, which I
corrected and then everything was happy -- until recently.

Any ideas? I don't want to have to manually change the W2K3 passwords
every time the SBS passwords expire.

Run DCdiag /c on each DC and repadmin /replsummary

(may need to install the support tools first)

--
/kj
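
To see which objects and which replication partner the 1955/1083 events point at, the pasted event text can be tallied with a short script. This is an added example, not part of the original thread; the sample events, names and GUID are constructed, and the GUID in the `_msdcs` name is the source DC's DSA object GUID, which `repadmin /showrepl` lists for each partner.

```python
import re
from collections import Counter

# Constructed sample in the layout of the events quoted above (placeholder names and GUID).
SAMPLE = """\
Event Type: Information
Event ID: 1955
Object:
CN=Example User,CN=Users,DC=example,DC=local
Time in seconds:
0

Event Type: Warning
Event ID: 1083
Object:
CN=Other User
(EX),OU=Staff,DC=example,DC=local
Network address:
00000000-1111-2222-3333-444444444444._msdcs.example.local
"""

GUID_RE = re.compile(r"([0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12})\._msdcs\.")

def parse_events(text):
    """Return one dict per event: id, object DN, source DSA GUID (if any)."""
    events, cur, field = [], None, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("Event Type:"):
            cur = {"id": None, "object": "", "source": None}
            events.append(cur)
            field = None
        elif cur is None:
            continue
        elif line.startswith("Event ID:"):
            cur["id"] = int(line.split(":", 1)[1])
        elif line.endswith(":") or not line:
            field = line          # a label line or a blank line ends the previous field
        elif field == "Object:":  # DNs wrapped by the mail client are re-joined
            cur["object"] = (cur["object"] + " " + line).strip()
        elif field == "Network address:":
            m = GUID_RE.match(line)
            cur["source"] = m.group(1) if m else line
    return events

def summarize(events):
    """Count events per (event id, object DN) and list distinct source DSA GUIDs."""
    counts = Counter((e["id"], e["object"]) for e in events)
    return counts, sorted({e["source"] for e in events if e["source"]})
```
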

