Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: NTDS KCC|
Explicit bridgeheads to support inter-site replication to and from site CN=<cn name>,CN=Sites,CN=Configuration,DC=<dc name>,DC=<dc name>,DC=<dc name>, over transport CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=<dc name>,DC=<dc name>,DC=<dc name>, have been selected, but none of these servers can replicate the partition DC=<dc name>,DC=<dc name>,DC=<dc name>.
Please use the Active Directory Sites and Services snap-in to do the following:
1. Configure servers that can support replication of the given partition as preferred bridgeheads for this transport. You can do this by modifying the corresponding server objects.
2. Ensure the server objects have an address for this transport. For example, servers performing replication over the SMTP transport must have a mailAddress attribute. This attribute is normally configured automatically after the IIS/SMTP service is installed.
In the meantime the KCC will consider all servers in this site as possible bridgeheads for this partition.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is NTDS and what are the roles of its components?
What is KCC?
See "EventID 1567 from source Active Directory" for more information on this problem.
I found out that it is not enough just to configure one of the DCs as a bridgehead server, you must also evaluate what kind of transport the DCs are using for the site links. In my specific scenario SMTP was not in use. After leaving only TCPIP as the protocol for the bridgehead to use, the errors were gone.
Another possible solution is to apply the ME898060 hotfix on all the DCs. Just make sure you download the latest version of this patch (currently v2).
As per Microsoft: "To resolve this issue, configure a Windows Server 2003-based domain controller as the preferred bridgehead server. The Windows Server 2003-based domain controller can successfully replicate this new partition information". See ME813484 for more details.
The issue is mentioned in ME271997. One possible solution appears to make sure your bridgeheads are also Global Catalog servers.
|Private comment: Subscribers only. See example of private comment|
|Links: ME271997, ME813484, ME898060, EventID 1567 from source Active Directory|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated