Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: NTDS KCC|
Internal event: The following connection may or may not be considered active at present. However, it is a viable connection for replication from the following site.
Connection object: CN=acf97e92-69e1-4e11-a053-339c97867433,CN=NTDS Settings,CN=DomainController,CN=Servers,CN=SiteName,CN=Sites,CN=Configuration,DC=DomainName,DC
Directory partition: DC=SiteName2,DC=DomainController,DC=com
Transport: CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=DomainName,DC=com
Connection reason code: 0x96
Global catalog topology flag: 1
This existing connection will be preserved.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is NTDS and what are the roles of its components?
What is KCC?
What is the role of ESENT?
No information available. If you have additional details about this event, please, send them to us!
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated