This is for all the AD guru’s out there. I guess I have a number of questions regarding this issue. Let me first start by giving the scenario. I have 16 DC’s of these 16, 10 of them are remote locations. I am getting the following error:
Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1388
Date: 3/6/2005
Time: 4:50:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: MYDC
Description:
Another domain controller (DC) has attempted to replicate into this DC an object which is not present in the local Active Directory database. The object may have been deleted and already garbage collected (a tombstone lifetime or more has past since the object was deleted) on this DC. The attribute set included in the update request is not sufficient to create the object. The object will be re-requested with a full attribute set and re-created on this DC.
Source DC (Transport-specific network address):
f984c4f8-134b-4c44-987a-d7081799bac8._msdcs.mycompany.com
Object:
DC=..SerialNo-ADCNAME.mycompany.com\0ADEL:d731c10a-4ff4-4210-a513-fafb94635a23,CN=Deleted Objects,DC=Mycompany,DC=com
Object GUID:
d731c10a-4ff4-4210-a513-fafb94635a23
Directory partition:
DC=Mycompany,DC=com
Destination highest property USN:
1532858
User Action:
Verify the continued desire for the existence of this object. To discontinue re-creation of future similar objects, the following registry key should be created.
Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Strict Replication Consistency
For more information, see Help and Support Center at
Now, do I need to enable Strict Replication on all of my DC’s or just the Source DC that is trying to replicate the deleted objects back into AD? Also, by enabling Strict AD replication, what are the possible draw backs if any? What is the best way to Clean or Flush the CN=Deleted Objects if one is sure they do not need to recover anything out of that container. Any enlightenment would be MUCH appreciated regarding this issue. Thank you in advance.
/R,
JKO4
Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1388
Date: 3/6/2005
Time: 4:50:30 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: MYDC
Description:
Another domain controller (DC) has attempted to replicate into this DC an object which is not present in the local Active Directory database. The object may have been deleted and already garbage collected (a tombstone lifetime or more has past since the object was deleted) on this DC. The attribute set included in the update request is not sufficient to create the object. The object will be re-requested with a full attribute set and re-created on this DC.
Source DC (Transport-specific network address):
f984c4f8-134b-4c44-987a-d7081799bac8._msdcs.mycompany.com
Object:
DC=..SerialNo-ADCNAME.mycompany.com\0ADEL:d731c10a-4ff4-4210-a513-fafb94635a23,CN=Deleted Objects,DC=Mycompany,DC=com
Object GUID:
d731c10a-4ff4-4210-a513-fafb94635a23
Directory partition:
DC=Mycompany,DC=com
Destination highest property USN:
1532858
User Action:
Verify the continued desire for the existence of this object. To discontinue re-creation of future similar objects, the following registry key should be created.
Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Strict Replication Consistency
For more information, see Help and Support Center at
Now, do I need to enable Strict Replication on all of my DC’s or just the Source DC that is trying to replicate the deleted objects back into AD? Also, by enabling Strict AD replication, what are the possible draw backs if any? What is the best way to Clean or Flush the CN=Deleted Objects if one is sure they do not need to recover anything out of that container. Any enlightenment would be MUCH appreciated regarding this issue. Thank you in advance.
/R,
JKO4
