Windows 2000 Advanced Server with SP3 installed (German version). Event 1083 was logged as described in ME296714. The cause of this was that we had some orphan DCs in the Domain Controller OU, and the event mentioned above was logged after switching the AD to native mode.
We removed the orphan entries but the event was still logged every three hours. We checked ME285858 but it did not help. We also tried ME296714. At this stage we could not see any duplicated entry.
We then asked the customer to run the Microsoft Product Support's Customer Configuration Capture Tool report for the directory services. We reviewed the log file and we created this action plan for the customer:
There is a problem with the "Admin" user account. Please find this account in your Domain and reset the password. Find out if some services are using this account and make sure they get changed to the new password. Check to see if you still have the issue. If the above does not work, then continue with:
Move the account to another OU and run repadmin syncall from the command prompt. For example:
c:\>repadmin /syncall <name of the DC partner>
If it corrected the problem then move the user back to the original OU. If it doesn't correct the problem continue with:
1. Start the LDP from a Run command on the DC that generated the event ID.
2. From the connection menu select "Connect" then click ok to accept default setting.
3. Again from the connection menu select "Bind" then click ok on the bind screen to accept default setting.
4. From the View menu select "Tree" option to expand the view.
5. From the left hand pane highlight the domain DN name. For example you will see dc=domainname, dc=com. Highlight dc=domainname, dc=com by clicking on it.
6. From the Browse menu select the Search option. In the search Base DN enter your domain DN name. For example: Base Dn: DC=domainname, DC=com
On the Filter option enter the object name to search. For example, I am searching for an object name McVaugh that might be duplicate and as seen in the description of the event log.
Make sure to put the ( ) as seen below. Filter: (CN=McVaugh)
7. On the Scope select "Subtree" option and click Run to start the search.
8. Once the objects are found, and if there are duplicate objects with the same name, decide on a good object then delete the other. An example of an object found:
***Searching...
ldap_search_s(ld, "DC=domainname, DC=com", 2, "(CN=something)", attrList, 0, &msg)
Result <0>: (null)
Matched DNs:
Getting 1 entries:
>> Dn: CN=McVaugh, CN=Users, DC=domainname, DC=com
1> canonicalName: domainname.com/Users/Something;
1> cn: McVaugh;
1> distinguishedName: CN=McVaugh, CN=Users, DC=domainame, DC=com;
4> objectClass: top; person; organizationalPerson; user;
1> name: something;
9. To delete the bad object do the following:
From the main menu click on Browse then select "Delete".
Enter the DN name of the object to be deleted.
For example I am deleting object name something. DN: CN=something, CN=Users, DC=domainname, DC=com
An example of object deleted message:
ldap_delete_s(ld, "CN=something, CN=Users, DC=domainname, DC=com");
Deleted "CN=something, CN=Users, DC=domainname, DC=com"
-----------
10. Close the LDP session.
11. From the CMD prompt sync the active directory database with all the other domain controllers by running the following command and make sure you are getting a message indicating that it was successful.
For example: c:\>repadmin /syncall <name of the DC partner>. You might want to check ME244344
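
The LDP search in steps 6 to 8 checks one name at a time. The following added example (not part of the original post) generalizes it: it scans an LDIF export of the domain for every cn value held by more than one object. It assumes such an export already exists (for instance one produced with ldifde); the sample data and the function names are constructed for illustration.

```python
import base64
from collections import defaultdict

# Constructed sample export: includes a folded dn line and a base64-encoded cn.
SAMPLE_LDIF = """\
dn: CN=McVaugh,CN=Users,DC=domainname,DC=com
cn: McVaugh

dn: CN=mcvaugh,OU=Sales,DC=domainname,DC=com
cn: mcvaugh

dn: CN=Admin,CN=Users,DC=domainname,
 DC=com
cn: Admin

dn: CN=Other,CN=Users,DC=domainname,DC=com
cn:: T3RoZXI=
"""

def parse_ldif(text):
    """Yield one {attribute: [values]} dict per LDIF entry."""
    unfolded = []
    for line in text.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]          # RFC 2849 continuation line
        elif not line.startswith("#"):        # skip comment lines
            unfolded.append(line)
    entry = defaultdict(list)
    for line in unfolded + [""]:              # trailing "" flushes the last entry
        if line.strip():
            attr, _, value = line.partition(":")
            if value.startswith(":"):         # "attr:: <base64>"
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            entry[attr.strip().lower()].append(value.strip())
        elif entry:
            yield dict(entry)
            entry = defaultdict(list)

def find_duplicates(text, attr="cn"):
    """Map each value of `attr` held by more than one entry to the DNs holding it."""
    seen = defaultdict(list)
    for entry in parse_ldif(text):
        for value in entry.get(attr, []):
            # cn is matched case-insensitively, so fold case before grouping
            seen[value.lower()].append(entry.get("dn", ["<no dn>"])[0])
    return {v: dns for v, dns in seen.items() if len(dns) > 1}

if __name__ == "__main__":
    for value, dns in find_duplicates(SAMPLE_LDIF).items():
        print(value, "->", dns)
```

Each DN reported for a duplicated name is a candidate for the review in step 8; the script only reads the export and deletes nothing.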