Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
LDAP returned the error [<error number>] <error description>
dn: cn=<user name>,OU=<ou name>,DC=<domain name>,DC=<domain suffix>
changetype: <operation type>
displayname:<user full name>
showInAddressBook:CN=Default Global Address List,CN=All
Global Address Lists,CN=Address Lists Cont...
msExchADCGlobalNames:EX5:cn=<alias>,cn=Recipients,ou=<ou name>,o=<organization name>:organizationalperson$person$top00...
(Connection Agreement '<site 1 > to <site 2>' #1552)
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is LDAP?
What is the role of the Microsoft Active Directory Connector (MSADC) ?
What is MAPI?
Error code 10, "No Such Attribute when importing the transaction" - This problem can occur when a specific configuration Connection Agreement exists. See ME306360.
Error code 13, "Constraint Violation when importing the transaction" - This problem can occur if the Exchange Server 5.5 Organization has a dot (.) in the target server name or organization name. See ME291266.
Error code b, "Administration Limit Exceeded when importing the transaction" -
This problem can occur because there is an architectural limit of approximately 800 values (that are not distinguished name-linked) in a multivalued attribute in the Windows 2000 Active Directory. See ME316350 and ME314950.
Error code 35, "Unwilling To Perform when importing the transaction" - See ME313658 - this is still a problem that Microsoft investigates.
Error code 44, "Already Exists when importing the transaction" - This behavior occurs because duplicate attributes exist in Active Directory. See ME291385 for workaround.
Error code 50 , "Other when importing the transaction" - This problem can occur if the Exchange 2000 ADC truncates the portion of the alias after the period leaving the period as the last character of the alias. This should be fixed by Exchange SP2. See ME303908.
See also event id 8270 from source MSExchangeAL.
- Error code: 44, error description: "Already Exists when importing the transaction" - See ME837968 and ME943573 for two hotfixes applicable to Microsoft Exchange Server 2003.
- Error code: 10, error description: "No Such Attribute when importing the transaction" - As per Microsoft: "This behavior may occur if certain users or distribution lists are explicitly granted permissions to create top-level public folders or are explicitly denied permissions to create top-level public folders on the Exchange Server 5.5 computer". See ME827618 to fix this problem.
- Error code: 44, error description: "Already Exists when importing the transaction" - See ME837165 for a hotfix applicable to Microsoft Exchange 2000 Server.
- Error code: 1 - See ME893608.
- Error code: 34 - See ME875543 for a hotfix applicable to Microsoft Exchange Server 2003.
As per Microsoft: "There can be several causes for such an event, ranging from lack of permissions to a non-functional domain controller or global catalog". See MSEX2K3DB for additional information on this event.
Woodrow Wayne Collins
- Error code: 20, error description: "No Such Object when importing the transaction" - See ME290419.
- Error code: 35, "Unwilling to perform" - When searching for this error message, it turns out that the " Unwilling to perform" message is related to any password policies enforced at the domain level. If you have configured the recipient agreement to create a new Windows user, and you have a password policy in place, the ADD action will fail, as the password configured on the account is blank. If you disable either the password policy or change the way the agreement is to handle mailboxes without a valid Primary NT account (to create disabled account), then the ADD operation will succeed.
I received this error when the ADC tried to import a mailbox named "Service". The word "service" is reserved in Windows 2000 for system use. I have also had problems with a security group named "service" as well. When I migrated an NT 4.0 Server to 2000 the SID was all messed up because of the reserved word.
See ME329047 link below.
Error code 50, "Other when importing the transaction", change type "Modify" - My Exchange 2K server was filling up with 8720 errors with a category of "LDAP Operations" at the rate of about 1 per minute. On further inspection the domain controller with the lower USNVector was having replication errors if I used AD Sites and Services to force an outbound replication, claiming there was a database error (there were no relevent events on that server). A reboot of this domain controller solved the entire issue and stopped the errors.
|Private comment: Subscribers only. See example of private comment|
|Links: ME290419, ME291266, ME291385, ME296871, ME303908, ME306360, ME314950, ME316350, ME313658, ME329047, ME827618, ME837165, ME837968, ME875543, ME893608, ME943573, Event ID 8270 from MSExchangeAL, MSEX2K3DB|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated