Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: NTDS General|
Unable to Establish Connection with the Global Catalog
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the role of the Global Catalog?
What is NTDS and what are the roles of its components?
I had this problem on one of two DC in a site. In sites and services I unchecked the "This server is Global Catalog" checkbox for both servers in this site. After a while I checked it for the server which had this error again and the error was gone.
This problem occurs if the Net Logon service on the domain controller does not start before the World Wide Web Publishing Service starts. See ME929100 for details on this situation.
This event can occur when promoting a domain controller to a global catalog server. See ME910204 for additional information about this issue.
In one case, this event occurred on a domain controller when the DNS Server Windows component was uninstalled. In another case, this event appeared when an attempt to transfer a FSMO role (the PDC role) by running NTDSUTIL on another domain controller failed. Ensure that the primary network adapter is configured with the IP address of at least one available DNS Server. If using DSN Active Directory integrated zones then resolve any problems with Active Directory replication.
See ME838400 for a hotfix applicable to Microsoft Windows 2000.
See ME842208 and the link to "EventID 1126 from source Active Directory" for more details on this problem.
Woodrow Wayne Collins
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the Nltest utility to diagnose this problem.
After applying MS security bulletin MS04-011 on a DC that is a catalog server, that domain controller after reboot does not register itself as a Global Catalog server in DNS. Hence, other domain controllers that are not global catalog servers may get this error. A hotfix is available from Microsoft see ME841395.
This error will also appear if you have removed the Global Catalog tick in NTDS Settings located under "AD Sites and Services".
I had this problem trying to promote a replicated AD machine to be the "first" DC after my original DC went bye-bye. After switching all the roles and getting the active database to rebuild, I was left with this error. Here is the fix I used:
1. Go to Administrative Tools, Sites and Services.
2. Browse the tree, Sites -> Default first name -> Servers -> your DC -> NTDS settings.
3. Right click NTDS settings and choose properties.
4. Check the box Global Catalog.
Anne Jan Elsinga
I got this kind of errors after I changed the DC with a new one, namely after I promoted the new DC, demoted the old DC (which remained a GC). To fix the problem I modified the Service Location Record (SRV) for _gc in DNS that it would point to the new DC.
As the error says, verify the availability of the server hosting the Global Catalog (network, DNS, etc..) and if the Global Catalog is online. See ME256287 for more information.
Sometimes, certain applications may affect the functionality of the Global Catalog (Citrix, Surf Control, and others).
As per ME318170, this problem may occur if you have a damaged object.
ME313167 points to a connectivity problem between Exchange 2000 and the Global Catalog.
As per Microsoft, this behavior can occur if you lock the system partition and remove the Everyone group from various locations. See ME305837 for more details and how to fix this.
If the error occurs on a Small Business Server, see ME322267.
This event can also occur when the Netlogon service fails.
Ensure that the Netlogon service is running. This service must be running for the GC to "Advertise". Eliminate any errors that cause the Netlogon server to fail to start.
This can be caused by clocks on AD controllers being out of sync.
Check your domain Controllers Local Policy User Rights Assignment to be sure that Exchange Enterprise Servers account is under Manage Auditing and security Log. If not add it or run Domain Prep from the Exchange 2000 CD again to fix all security issues. Then re-install Exchange service pack.
|Private comment: Subscribers only. See example of private comment|
|Links: How to use the Nltest Domain-User tool, Event ID 1126 from source Active Directory|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated