Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 8270 Source: MSADC

Source
Level
Description
LDAP returned the error [<error number>] <error description>
dn: cn=<user name>,OU=<ou name>,DC=<domain name>,DC=<domain suffix>
changetype: <operation type>
mailnickname:<alias>
givenname:<first name>
mapirecipient:TRUE
displayname:<user full name>
autoreplymessage:/
whencreated:20021009232947Z
sn:<last name>
proxyAddresses:
:<>
showInAddressBook:CN=Default Global Address List,CN=All
Global Address Lists,CN=Address Lists Cont...
dLMemDefault:1
ReplicationSignature:AE1F9E5BC849154CB0F67E9C9D95F46E
ReplicatedObjectVersion:0
msExchADCGlobalNames:EX5:cn=<alias>,cn=Recipients,ou=<ou name>,o=<organization name>:organizationalperson$person$top00...
: forest:o=ENZA0000000020A61BF67978C201
-
  (Connection Agreement '<site 1 > to <site 2>' #1552)
Comments
 
Error code 10, "No Such Attribute when importing the transaction" - This problem can occur when a specific configuration Connection Agreement exists. See ME306360.

Error code 13, "Constraint Violation when importing the transaction" - This problem can occur if the Exchange Server 5.5 Organization has a dot (.) in the target server name or organization name. See ME291266.

Error code b, "Administration Limit Exceeded when importing the transaction" -
This problem can occur because there is an architectural limit of approximately 800 values (that are not distinguished name-linked) in a multivalued attribute in the Windows 2000 Active Directory. See ME316350 and ME314950.

Error code 35, "Unwilling To Perform when importing the transaction" - See ME313658 - this is still a problem that Microsoft investigates.

Error code 44, "Already Exists when importing the transaction" - This behavior occurs because duplicate attributes exist in Active Directory. See ME291385 for workaround.

Error code 50 , "Other when importing the transaction" - This problem can occur if the Exchange 2000 ADC truncates the portion of the alias after the period leaving the period as the last character of the alias. This should be fixed by Exchange SP2. See ME303908.

See also event id 8270 from source MSExchangeAL.
- Error code: 44, error description: "Already Exists when importing the transaction" - See ME837968 and ME943573 for two hotfixes applicable to Microsoft Exchange Server 2003.
- Error code: 10, error description: "No Such Attribute when importing the transaction" - As per Microsoft: "This behavior may occur if certain users or distribution lists are explicitly granted permissions to create top-level public folders or are explicitly denied permissions to create top-level public folders on the Exchange Server 5.5 computer". See ME827618 to fix this problem.
- Error code: 44, error description: "Already Exists when importing the transaction" - See ME837165 for a hotfix applicable to Microsoft Exchange 2000 Server.
- Error code: 1 - See ME893608.
- Error code: 34 - See ME875543 for a hotfix applicable to Microsoft Exchange Server 2003.


As per Microsoft: "There can be several causes for such an event, ranging from lack of permissions to a non-functional domain controller or global catalog". See MSEX2K3DB for additional information on this event.
- Error code: 20, error description: "No Such Object when importing the transaction" - See ME290419.
- Error code: 35, "Unwilling to perform" - When searching for this error message, it turns out that the "[35] Unwilling to perform" message is related to any password policies enforced at the domain level. If you have configured the recipient agreement to create a new Windows user, and you have a password policy in place, the ADD action will fail, as the password configured on the account is blank. If you disable either the password policy or change the way the agreement is to handle mailboxes without a valid Primary NT account (to create disabled account), then the ADD operation will succeed.


I received this error when the ADC tried to import a mailbox named "Service".  The word "service" is reserved in Windows 2000 for system use. I have also had problems with a security group named "service" as well. When I migrated an NT 4.0 Server to 2000 the SID was all messed up because of the reserved word.
See ME329047 link below.
Error code 50, "Other when importing the transaction", change type "Modify" - My Exchange 2K server was filling up with 8720 errors with a category of "LDAP Operations" at the rate of about 1 per minute. On further inspection the domain controller with the lower USNVector was having replication errors if I used AD Sites and Services to force an outbound replication, claiming there was a database error (there were no relevent events on that server). A reboot of this domain controller solved the entire issue and stopped the errors.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...