Event ID/Source search
Keyword search
Example: Windows cannot unload your registry file
EvLog 3.0 – Monitor an unlimited number of servers with $49/year
With the current low prices for servers and the need for processing power, even a small company may end up with quite a few of them. If ten years ago it was still common to see an entire company using just one server, these days that's no longer the case.New computers are added to the network with the understanding that they will be taken care of by the admins. Keeping an eye on these servers is a tedious, time-consuming process. Even with 5 minutes per server (to check the logs and other parameters), it may take an hour to make sure that everything is ok and no "red lights" are blinking on any of the servers.
read more...
Event ID: 13515 Source: NtFrs
| Source: NtFrs |
| Type: Warning |
| Description: The File Replication Service may be preventing the computer NEMESIS from becoming a domain controller while the system volume is being initialized and then shared as SYSVOL. Type net share to check for the SYSVOL share. The File Replication Service has stopped preventing the computer from becoming a domain controller once the SYSVOL share appears. The initialization of the system volume can take some time. The time is dependent on the amount of data in the system volume. The initialization of the system volume can be bypassed by first typing regedt32 and setting the value of SysvolReady to 1 and then restarting the Netlogon service. WARNING - BYPASSING THE SYSTEM VOLUME INITIALIZATION IS NOT RECOMMENDED. Applications may fail in unexpected ways. The value SysvolReady is located by clicking on HKEY_LOCAL_MACHINE and then clicking on System, CurrentControlSet, Services, Netlogon, and Parameters. T2001-03-27,22:47:18,127.0.0.1,5,4,EvntSLog:214520: [AUF] Tue Mar 27 22:47:17 2001: KANT/Security (578) - Privileged object operation: Object Server: Security Object Handle: 4294967295 Process ID: 1656 Primary User Name: DOMPDC$ Primary Domain:CORPDOM Primary Logon ID: (0x0,0x3E7) Client User Name: adrian Client Domain: CORPDOM Client Logon ID: (0x0,0x5ECEE65) Privileges: SeIncreaseBasePriorityPrivilege |
| English: Request a translation of the event description in plain English. |
| Concepts to understand: What is the role of File Replication Service? What is the role of the Netlogon share? |
| Comments: EventID.Net Windows 2000 does not support the SYSVOL folder on a mounted volume. The File Replication service takes the full path of the SYSVOL folder and opens a journal on that volume to track changes. Also, a number of functions internal to the File Replication service use the volume handle as an argument. With a mounted volume, the SYSVOL folder and the data it contains actually resides on another volume entirely; the journal cannot track changes and the internal File Replication service functions mentioned earlier do not work. 
|
| Private comment: Subscribers only. See example of private comment |
| Links: ME255759 |
| Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links... |
| Feedback:
Send comments or solutions
- Notify me when updated
|
| Printer friendly |
Subscribe to EventID.Net now!