Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: NTDS ISAM|
<NTDS> (<process id>) Online defragmentation of database '<name>' terminated prematurely after encountering unexpected error <error code>. The next time online defragmentation is started on this database, it will resume from the point of interruption.
|English: Request a translation of the event description in plain English.|
The solution is to restart the DC in Active Directory recovery mode, backup your c:\winnt\ntds folders, repair the “offline” database in c:\winnt\ntds\ntds.dic, delete all files except ntds.dic, do a integrity check (should be clean), and finally, run a defragmentation on the ntds.dic.
See the link to "EventID 705 from source ESE" for information on this event.
|Private comment: Subscribers only. See example of private comment|
|Links: EventID 705 from source ESE|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated