Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Windows 2003 PDC NTDS SDPROP id 2008 errors

Posted on 2005-03-29
9
Medium Priority
?
1,013 Views
Last Modified: 2010-07-07
Hi,
I am getting these two event log errors below.  I had two windows 2000 domain controllers and a windows 2000 member server running windows 2003.
I upgraded the PDC to Windows 2003 first.  Event log errors were ok.  Then I installed a new member server with windows 2003 and exchange 2003, migrated all email and public folders over to the new exchange server.  I turned off the old exchange server (haven't removed it from the site yet, though it is not getting public folders replicated to it).

I am getting these errors every 30 minutes.  Any idea how to get rid of them?  I looked at q318774 but don't see how it applies.

Any ideas?
I was having a w32 time error, but fixed it by synching NTP to an external time source (opening the firewall on UDP 123).

I'm also having a problem emailing to AOL, but that may be a reverse DNS issue as we are an SBC DSL account.  I'm not quite sure of that yet.

This post is for the NTDS replication problem though.  Any help would rock!

____________________________________________
Directory Service Event Log: Event ID: 2008  Source:NTDS SDPROP Category: (9)

Internal error: The security descriptor propagation task encountered an error while processing the following object. The propagation of security descriptors may not be possible until the problem is corrected.
 
Object:
CN=Schema 14989520,CN=Microsoft Exchange System Objects,DC=domain,DC=local
 
Additional Data
Error value:
-1112 []
Internal ID:
2080495

___________________________________________
Event ID: 2008  Source:NTDS SDPROP Category: (9)

Internal error: The security descriptor propagation task encountered an error while processing the following object. The propagation of security descriptors may not be possible until the problem is corrected.
 
Object:
CN=microsoft 14285877,CN=Microsoft Exchange System Objects,DC=vanguardsf,DC=local
 
Additional Data
Error value:
-1112 []
Internal ID:
2080495

0
Comment
Question by:fitzpab
8 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 13651568
Did you run forest prep and domain prep for both Windows 2003 and Exchange 2003? If not, then do so, waiting at least 30 minutes between each stage.

Simon.
0
 
LVL 1

Author Comment

by:fitzpab
ID: 13654386
Running forest prep and domain prep were the first things I did....that was over a month ago too (didn't put that in the original post).   These are production servers, so I don't think I should run these again.... or is that a normal troubleshooting step?

I did have to rebuild the exchange server a few weeks ago after a HD crash...the errors started happening then (also forgot to put in original post).
0
 
LVL 1

Author Comment

by:fitzpab
ID: 13654391
Also, email and file access is working (OWA over SSL, OUTLOOK over RPC) is all working ok.  I have a 10GB message store.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 104

Expert Comment

by:Sembee
ID: 13654842
Forest prep and domain prep can be run again in production hours on production servers. It doesn't change anything, but can correct various errors. I use it as a good first step.

The reason I suggested that was this is a security propagation error. If the Exchange servers aren't members of the correct groups then this error can be generated.

Simon.
0
 
LVL 1

Author Comment

by:fitzpab
ID: 13657134
OK, I'll give it a try and let you know
0
 
LVL 1

Author Comment

by:fitzpab
ID: 14358671
I ended up using ADSI Edit and deleting some bad entries.  Fixed problem.  Also time server fixes.
0
 

Accepted Solution

by:
PAQ_Man earned 0 total points
ID: 14392372
Question Closed, 500 points refunded.
PAQ_Man
Community Support Moderator
0
 

Expert Comment

by:bittyjos
ID: 33151434
I ran Forest Prep and Domain Prep in Exchange server but still error is coming.....


And please advice what to be done in ADSI edit????
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question