Results 1 to 5 of 5

Thread: NTDS Replication Event ID 1083/1955 and account lockouts

  1. #1
    Vic Guest

    NTDS Replication Event ID 1083/1955 and account lockouts

    Hi,

    We have had problems for some time with user accounts being locked for
    reasons other than users typing in their passwords incorrectly. The issue
    does not descriminate and happens at random to all users reagrdless of
    privilidges and roles, even when the user is logged in and working away.

    The event log of our PDC does show Event 1083 and 1955 for a a user account
    that is locked.
    Not sure if the event is ocurring after the account has been locked or the
    event occurs and then the account is locked.

    Is this event generated because the account is locked ?

    We run a 2003 Environment, where the PDC was upgraded from a Win2000 box. We
    also run Citirx for all users apps.
    We have a single domain, which was created by the merging of two older
    domains.
    The PDC server also tuns DHCP.

    Checks I have performed already include :
    - the are no duplicate objects
    - The domain functional level is Win 2003
    - repadmin shows success
    - dcdiag passes all tests

    We have several doamin controllers in other locations serviced by WAN Links
    serviced by 2-4 Mbps links.

    Any help appreciated. Thanks


  2. #2
    Marcin Guest

    Re: NTDS Replication Event ID 1083/1955 and account lockouts

    Vic,
    have you tried any of the tools/methods described in the
    http://technet.microsoft.com/en-us/l.../cc738772.aspx and
    http://technet.microsoft.com/en-us/l...cc776964.aspx?

    hth
    Marcin

    "Vic" <Vic@discussions.microsoft.com> wrote in message
    news:8CBC9020-5341-4862-B76A-6A305B763741@microsoft.com...
    > Hi,
    >
    > We have had problems for some time with user accounts being locked for
    > reasons other than users typing in their passwords incorrectly. The issue
    > does not descriminate and happens at random to all users reagrdless of
    > privilidges and roles, even when the user is logged in and working away.
    >
    > The event log of our PDC does show Event 1083 and 1955 for a a user
    > account
    > that is locked.
    > Not sure if the event is ocurring after the account has been locked or the
    > event occurs and then the account is locked.
    >
    > Is this event generated because the account is locked ?
    >
    > We run a 2003 Environment, where the PDC was upgraded from a Win2000 box.
    > We
    > also run Citirx for all users apps.
    > We have a single domain, which was created by the merging of two older
    > domains.
    > The PDC server also tuns DHCP.
    >
    > Checks I have performed already include :
    > - the are no duplicate objects
    > - The domain functional level is Win 2003
    > - repadmin shows success
    > - dcdiag passes all tests
    >
    > We have several doamin controllers in other locations serviced by WAN
    > Links
    > serviced by 2-4 Mbps links.
    >
    > Any help appreciated. Thanks
    >




  3. #3
    Vic Guest

    Re: NTDS Replication Event ID 1083/1955 and account lockouts

    Here's a copy of the events

    Event 1083

    Active Directory could not update the following object with changes received
    from the domain controller at the following network address because Active
    Directory was busy processing information.

    Object:
    CN=Victor Gabriel - Adm,OU=Op Accts,OU=Admins,OU=Sydney,DC=avant,DC=local
    Network address:
    82713579-4787-439a-9a8f-185fd1e97325._msdcs.avant.local

    This operation will be tried again later.

    Event 1955

    Active Directory encountered a write conflict when applying replicated
    changes to the following object.

    Object:
    CN=Victor Gabriel - Adm,OU=Op Accts,OU=Admins,OU=Sydney,DC=avant,DC=local
    Time in seconds:
    0

    Event log entries preceding this entry will indicate whether or not the
    update was accepted.

    A write conflict can be caused by simultaneous changes to the same object or
    simultaneous changes to other objects that have attributes referencing this
    object. This commonly occurs when the object represents a large group with
    many members, and the functional level of the forest is set to Windows 2000.
    This conflict triggered additional retries of the update. If the system
    appears slow, it could be because replication of these changes is occurring.

    User Action
    Use smaller groups for this operation or raise the functional level to
    Windows Server 2003.

    For more information, see Help and Support Center at

    "Marcin" wrote:

    > Vic,
    > have you tried any of the tools/methods described in the
    > http://technet.microsoft.com/en-us/l.../cc738772.aspx and
    > http://technet.microsoft.com/en-us/l...cc776964.aspx?
    >
    > hth
    > Marcin
    >
    > "Vic" <Vic@discussions.microsoft.com> wrote in message
    > news:8CBC9020-5341-4862-B76A-6A305B763741@microsoft.com...
    > > Hi,
    > >
    > > We have had problems for some time with user accounts being locked for
    > > reasons other than users typing in their passwords incorrectly. The issue
    > > does not descriminate and happens at random to all users reagrdless of
    > > privilidges and roles, even when the user is logged in and working away.
    > >
    > > The event log of our PDC does show Event 1083 and 1955 for a a user
    > > account
    > > that is locked.
    > > Not sure if the event is ocurring after the account has been locked or the
    > > event occurs and then the account is locked.
    > >
    > > Is this event generated because the account is locked ?
    > >
    > > We run a 2003 Environment, where the PDC was upgraded from a Win2000 box.
    > > We
    > > also run Citirx for all users apps.
    > > We have a single domain, which was created by the merging of two older
    > > domains.
    > > The PDC server also tuns DHCP.
    > >
    > > Checks I have performed already include :
    > > - the are no duplicate objects
    > > - The domain functional level is Win 2003
    > > - repadmin shows success
    > > - dcdiag passes all tests
    > >
    > > We have several doamin controllers in other locations serviced by WAN
    > > Links
    > > serviced by 2-4 Mbps links.
    > >
    > > Any help appreciated. Thanks
    > >

    >
    >
    >


  4. #4
    Vic Guest

    Re: NTDS Replication Event ID 1083/1955 and account lockouts

    I've tried the various account lockout tools but they don't relaly help as I
    can't predict when the account may lock, or if a particular machine is
    causing the lockout.
    My admin account will lock overnight even if my machine is not on. Seems to
    be a common time of around 12 am.

    The LockOutStatus tool does tell me that my account is locked at exactly the
    same time as when the Event 1083 and 1955 appear in the Event Logs. Its the
    same for other users.
    Our bad password count is set to 3. Our Citirx apps do map drives when
    launcing which I suspect may be a culprit



    "Marcin" wrote:

    > Vic,
    > have you tried any of the tools/methods described in the
    > http://technet.microsoft.com/en-us/l.../cc738772.aspx and
    > http://technet.microsoft.com/en-us/l...cc776964.aspx?
    >
    > hth
    > Marcin
    >
    > "Vic" <Vic@discussions.microsoft.com> wrote in message
    > news:8CBC9020-5341-4862-B76A-6A305B763741@microsoft.com...
    > > Hi,
    > >
    > > We have had problems for some time with user accounts being locked for
    > > reasons other than users typing in their passwords incorrectly. The issue
    > > does not descriminate and happens at random to all users reagrdless of
    > > privilidges and roles, even when the user is logged in and working away.
    > >
    > > The event log of our PDC does show Event 1083 and 1955 for a a user
    > > account
    > > that is locked.
    > > Not sure if the event is ocurring after the account has been locked or the
    > > event occurs and then the account is locked.
    > >
    > > Is this event generated because the account is locked ?
    > >
    > > We run a 2003 Environment, where the PDC was upgraded from a Win2000 box.
    > > We
    > > also run Citirx for all users apps.
    > > We have a single domain, which was created by the merging of two older
    > > domains.
    > > The PDC server also tuns DHCP.
    > >
    > > Checks I have performed already include :
    > > - the are no duplicate objects
    > > - The domain functional level is Win 2003
    > > - repadmin shows success
    > > - dcdiag passes all tests
    > >
    > > We have several doamin controllers in other locations serviced by WAN
    > > Links
    > > serviced by 2-4 Mbps links.
    > >
    > > Any help appreciated. Thanks
    > >

    >
    >
    >


  5. #5
    Meinolf Weber [MVP-DS] Guest

    Re: NTDS Replication Event ID 1083/1955 and account lockouts

    Hello Vic,

    Do also raise the forest functional level to 2003, advantage of linked value
    replication. Make sure that no older Domain's or DC's are listed in AD database:
    http://support.microsoft.com/kb/230306

    http://support.microsoft.com/kb/216498

    Additional see this one:
    http://support.microsoft.com/kb/296714/en-us

    http://blogs.dirteam.com/blogs/tomek...his-about.aspx

    Best regards

    Meinolf Weber
    Disclaimer: This posting is provided "AS IS" with no warranties, and confers
    no rights.
    ** Please do NOT email, only reply to Newsgroups
    ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


    > Hi,
    >
    > We have had problems for some time with user accounts being locked for
    > reasons other than users typing in their passwords incorrectly. The
    > issue does not descriminate and happens at random to all users
    > reagrdless of privilidges and roles, even when the user is logged in
    > and working away.
    >
    > The event log of our PDC does show Event 1083 and 1955 for a a user
    > account that is locked. Not sure if the event is ocurring after the
    > account has been locked or the event occurs and then the account is
    > locked.
    >
    > Is this event generated because the account is locked ?
    >
    > We run a 2003 Environment, where the PDC was upgraded from a Win2000
    > box. We
    > also run Citirx for all users apps.
    > We have a single domain, which was created by the merging of two older
    > domains.
    > The PDC server also tuns DHCP.
    > Checks I have performed already include :
    > - the are no duplicate objects
    > - The domain functional level is Win 2003
    > - repadmin shows success
    > - dcdiag passes all tests
    > We have several doamin controllers in other locations serviced by WAN
    > Links serviced by 2-4 Mbps links.
    >
    > Any help appreciated. Thanks
    >




Similar Threads

  1. New DC problem with event log NTDS Replication error 1864
    By Elettra in forum Active Directory
    Replies: 4
    Last Post: 21-01-2010, 02:34 PM
  2. Event ID 1083 & 1955 and account locks
    By jmp13 in forum Active Directory
    Replies: 5
    Last Post: 17-04-2007, 01:24 AM
  3. NTDS Replication event 2023 error 8589
    By Mr Major Thorburn in forum Active Directory
    Replies: 28
    Last Post: 26-05-2006, 02:37 PM
  4. NTDS Replication, Event ID: 1864
    By Edwin Delgado in forum Windows Server Help
    Replies: 0
    Last Post: 04-12-2005, 07:34 AM
  5. event ID: 1083 and 1955 ntds replication
    By pain112 in forum Active Directory
    Replies: 8
    Last Post: 16-09-2005, 02:44 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,710,828,532.12705 seconds with 17 queries