DCDIAG - Error - Replicating Directory Changes in Filtered Set

DCDIAG - Error - Replicating Directory Changes in Filtered Set

dcdiag returns : ENTERPRISE DOMAIN CONTROLLERS doesn’t have Replicating Directory Changes In Filtered Set
 
customer runs dcdiag and get error :

Starting test: NCSecDesc
Error NT AUTHORITYENTERPRISE DOMAIN CONTROLLERS doesn’t have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,dc=example-cloud,dc=com
Error NT AUTHORITYENTERPRISE DOMAIN CONTROLLERS doesn’t have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=its,dc=example-cloud,dc=com
......................... ITS-ADDC-SERV1 failed test NCSecDesc
 
Resolution Microsoft technet url : http://technet2.microsoft.com/windowsserver2008/en/library/6c438941-f9b5-4edb-a9ee-1781526389e51033.mspx?mfr=true

Explains that you may need to run the command : adprep /rodcprep

NCSecDesc in DCDIAG is to check that the security descriptors on the application directory partition heads have appropriate permissions for replication.

It is an expected issue when you promote a Windows Server 2008 domain controller in a Windows Server 2003 domain without preparing RODC (read-only domain controller) in the forest by running ’adprep /rodcprep’. If you do not plan to add an RODC to the forest, it is safe to ignore it. Otherwise, you can run "adprep /rodcprep".

    Can't find the KB

    Unable to find the KB to address your issue ?  

      • Recent Articles

      • Change Reset Password Button Text

        Change the text of the "Reset Password" button on the UW Login Page How to change the text of the Reset Password button on the Login Page. Login to webNetwork and open webAdmin on your Relay Central Server Expand Customization Center Expand Tenants ...

      • Remove Reset Password Button From Login Page

        Remove the Reset Password Button from the Login Page How to remove the Reset Password button from the Unified Workspace login page. Login to webNetwork and open webAdmin on your Relay Central Server Expand Customization Center Expand Tenants Expand ...

      • Lenovo Unified Workspace End-of-Life Questions and Answers

        As of January 31st 2024, Lenovo Unified Workspace (formerly Stoneware WebNetwork) is no longer supported. This means that we no longer provide licenses, downloads, updates, patches, or technical assistance for this product. If you have any questions ...

      • How do I determine my Unified Workspace license expiration date?

        The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...

      • Lenovo Unified Workspace 7.0.2.13 Released

        Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...

      • Related Articles

      • DNS Test : NameNotFoundException error

        The customer is using MS AD and is in the stoneware management console and did a DNS Test. The following Errors were given. INFO: Attempting to locate a domain controller in DNS for domain: company.org ERROR: javax.naming.NameNotFoundException: DNS ...

      • LDAP Error Codes

        AcceptSecurityContext error, data 52e means "bad password" AcceptSecurityContext error, data 525 means "bad user name" AcceptSecurityContext error, data 773 means "password expiring" or similar.  Standard error codes Standard LDAP errors Error / data ...

      • CIFS Error Codes

        Question: What do the CIFS / SMB error codes mean ? Solution: For a large table of NT codes, see https://customer.lenovosoftware.com/support/techdocs/v6/cifs-nt-codes.txt    jcifs code        nt code 1 0x00000000 0x00000000 NT_STATUS_OK 0 0xc0000001 ...

      • List of Active Directory Error Codes

        The error codes for Active Directory can be found at this Microsoft URL. http://msdn.microsoft.com/en-us/library/ms681381%28VS.85%29.aspx

      • Verify Active Directory SSL

        How can I check if my Microsoft Active Directory Domain controller / LDAP Server has SSL ?   The following URL has a nice write up about the Microsoft Tool called LDP.exe http://www.computerperformance.co.uk/w2k3/utilities/ldp.htm You can download ...