Error Event Id 1645
Contents |
Microsoft Tech Companion App Microsoft Technical Communities Microsoft Virtual Academy Script Center Server and Tools Blogs TechNet Blogs TechNet Flash Newsletter ntds replication 1645 TechNet Gallery TechNet Library TechNet Magazine TechNet Subscriptions TechNet Video TechNet missing service principal names isilon Wiki Windows Sysinternals Virtual Labs Solutions Networking Cloud and Datacenter Security Virtualization Downloads Updates Service Packs Security missing spn sql server Bulletins Windows Update Trials Windows Server 2012 R2 System Center 2012 R2 Microsoft SQL Server 2014 SP1 Windows 8.1 Enterprise See all trials » Related Sites Microsoft service principal name explained Download Center TechNet Evaluation Center Drivers Windows Sysinternals TechNet Gallery Training Training Expert-led, virtual classes Training Catalog Class Locator Microsoft Virtual Academy Free Windows Server 2012 courses Free Windows 8 courses SQL Server training Microsoft Official Courses On-Demand Certifications Certification overview MCSA: Windows 10 Windows Server Certification (MCSE) Private Cloud Certification (MCSE) SQL Server Certification (MCSE)
Event Id 1645 Ntds Replication Windows 2003
Other resources TechNet Events Second shot for certification Born To Learn blog Find technical communities in your area Support Support options For business For developers For IT professionals For technical support Support offerings More support Microsoft Premier Online TechNet Forums MSDN Forums Security Bulletins & Advisories Not an IT pro? Microsoft Customer Support Microsoft Community Forums United States (English) Sign in Home Windows Server 2012 R2 Windows Server 2008 R2 Library Forums We’re sorry. The content you requested has been removed. You’ll be auto redirected in 1 second. Data (Database, Logs, SYSVOL, Partitions) Partition Replication Replication Changes Replication Changes Event ID 1645 Event ID 1645 Event ID 1645 Event ID 1084 Event ID 1188 Event ID 1567 Event ID 1645 Event ID 1964 Event ID 1977 TOC Collapse the table of content Expand the table of content This documentation is archived and is not being maintained. This documentation is archived and is not being maintained. Event ID 1645 — Replication Changes Updated: Nov
Analyzer Sample report Advanced filtering Direct links to www.eventid.net Email notifications Scheduled reporting Free for subscribers EventReader Event Viewer Sample report Custom views/filters Servers list, organized in groups Integration
Event Id 1645 Ds Rpc Client
with EventID.Net Consolidated view for all logs Free for subscribers Event active directory domain services did not perform an authenticated remote procedure call ID: 1645 Source: NTDS Replication Source: NTDS Replication Type: Error Description:The Directory Service received a failure while trying to 1396 logon failure the target account name is incorrect perform an authenticated RPC call to another Domain Controller. The failure is that the desired Service Principal Name (SPN) is not registered on the target server. The server being contacted is https://technet.microsoft.com/en-us/library/cc756429(v=ws.10).aspx afb720fd-38c7-4505-aa9f-b658ca124773._msdcs.MyDomain.com. The SPN being used is E3514235-4B06-11D1-AB04-00C04FC2DCD2/afb720fd-38c7-4505-aa9f-b658ca124773/mydomain.com@mydomain.com. Please verify that the names of the target server and domain are correct. Please also verify that the SPN is registered on the computer account object for the target server on the KDC servicing the request. If the target server has been recently promoted, it will be necessary for knowledge of this computer's identity to replicate http://www.eventid.net/display-eventid-1645-source-NTDS%20Replication-eventno-351-phase-1.htm to the KDC before this computer can be authenticated. English: Request a translation of the event description in plain English. Concepts to understand: What is the role of the KDC? What is NTDS and what are the roles of its components? What is a directory service? Comments: EventID.Net See ME810089, ME939820 and the link to "EventID 1645 from source Active Directory" for information about this event. x 5 Peter Hayden In one case, this Event ID appeared when an attempt to transfer a FSMO role (the PDC role) by running NTDSUTIL on another domain controller failed. This was fixed by using DCPROMO to demote/promote the domain controller. x 3 EventID.Net See ME830379 and ME838400 for two hotfixes applicable to Microsoft Windows 2000. As per Microsoft: "The servicePrincipalName attribute is a multiple-valued, non-linked attribute. In some Dcpromo.exe update situations, the replication SPN may be lost because of a conflict with another write process on this attribute". See ME308111 and ME305591 for more details. x 1 EventID.Net If this error is being reported for Active Directory replication between two domain controllers of different domains which have a parent/c
Start here for a quick overview of the site Help Center Detailed answers http://serverfault.com/questions/605833/event-id-1645-replication-changes to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business http://www.mickputley.net/2014/12/event-id-1645-activedirectorydomainserv.html Learn more about hiring developers or posting ads with us Server Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question and event id answer site for system and network administrators. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top Event ID 1645 Replication Changes up vote -1 down vote favorite I event id 1645 am having problems with Active Directory Domain Services. I have a lot of errors, id 1645: Active Directory Domain Services did not perform an authenticated remote procedure call (RPC) to another directory server because the desired service principal name (SPN) for the destination directory server is not registered on the Key Distribution Center (KDC) domain controller that resolves the SPN. Destination directory server: e73e1bb7-a691-40d0-9978-0a9b73a06d78._msdcs.ucacsa.org SPN: E3514235-4B06-11D1-AB04-00C04FC2DCD2/e73e1bb7-a691-40d0-9978-0a9b73a06d78/ucacsa.org@ucacsa.org User Action Verify that the names of the destination directory server and domain are correct. Also, verify that the SPN is registered on the KDC domain controller. If the destination directory server has been recently promoted, it will be necessary for the local directory server’s account data to replicate to the KDC before this directory server can be authenticated. The results of setspn is the following and I don't know how to resolve the error: Registered ServicePrincipalNames for CN=DCNCG,OU=Domain Controllers,DC=ucacsa,DC=org: TERMSRV/DCNCG TERMSRV/DCNCG.ucacsa.org DNS/DCNCG.ucacsa.org HOST/DCNCG/UCACSA HOST/DCNCG.uca
like SCOM then you will see these alerts anyway. The issue is well described in the text of the event, this is indeed an SPN issue Active Directory Domain Services did not perform an authenticated remote procedure call (RPC) to another directory server because the desired service principal name (SPN) for the destination directory server is not registered on the Key Distribution Center (KDC) domain controller that resolves the SPN. Destination directory server: 13c89be0-ba93-4648-9255-07c2bacfac0a._msdcs.MyDomain.Com SPN: E3514235-4B06-11D1-AB04-00C04EC2DCD2/13c89be0-ba93-4648-9255-07c2bacfac0a/MyServer.MyDomain.Com@MyDomain.Com User Action Verify that the names of the destination directory server and domain are correct. Also, verify that the SPN is registered on the KDC domain controller. If the destination directory server has been recently promoted, it will be necessary for the local directory server's account data to replicate to the KDC before this directory server can be authenticated. Here is what you can do to fix it: First, you need to identify the server that is missing from the SPN records. You can do this by simply pinging the GUID in the message, using the above example: Ping 13c89be0-ba93-4648-9255-07c2bacfac0a._msdcs.MyDomain.Com This should provide you with the IP address that you can use to identify the server. Let's pretend you find ServerOne.Mydomain.Com Then, go to the server that is recording the error and register it's SPN thus (again using our example) setspn -a E3514235-4B06-11D1-AB04-00C04EC2DCD2/13c89be0-ba93-4648-9255-07c2bacfac0a/MyServer.MyDomain.Com@MyDomain.Com This should fix you up, now as to why the DCPROMO process missed the SPN creation - I have no idea, in 15 years I have only seen this once. Perhaps a new bug in Server 2012 R2? Cheers Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest No comments: Post a Comment Newer P