12293 Event Log error source SAM (Duplicate SID deleted)
I am having an issue I haven't seen before and can't find information on. I have a two DC network that was fine until we moved it to a different location and changed IP's on the network.
The first weekend we had it up at the new location we got errors similar to the ones below and ended up losing about 6 objects in AD due to the situation. It disapeered after that and didn't come back until this week when we joined a few new computers to the domain. One of them aparently grabbed the same SID as an account that has existed since day one on the domain.
Anyway, all I can find is the following article about it which tells how to check for more duplicates, which there weren't the last time it happend and aren't now. It doesn't tell you how to check for and fix the problem. It mentions that it can happen if the roles are seized, or if one of the master's is down for awhile, but to my knowledge this hasn't happened.
http://support.microsoft.com/default.aspx?scid=kb;en-us;315062
If anyone has any information other than the above article I would appreciate it if you could forward it to me via a reply to this post before I lose an account I can't recover.
Event Type: Error
Event Source: SAM
Event Category: None
Event ID: 12293
Date: 7/20/2006
Time: 4:18:20 PM
User: S-1-5-21-4106901455-202158
Computer: NTWAPP
Description:
There are two or more objects that have the same SID attribute in the SAM database. The Distinguished Name of the account is CONFERENCEROOM\0ADEL:913f7
Objects,DC=nextechwireless
event log for additional duplicates.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: SAM
Event Category: None
Event ID: 12293
Date: 7/20/2006
Time: 4:18:20 PM
User: S-1-5-21-4106901455-202158
Computer: NTWAPP
Description:
There are two or more objects that have the same SID attribute in the SAM database. The
Distinguished Name of the account is CN=Jeff
Kisner\0ADEL:f0b72e97-cbb9
Objects,DC=nextechwireless
event log for additional duplicates.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Thanks,
Ashley Heaton
aheaton*nospam*@nex-tech.c
The first weekend we had it up at the new location we got errors similar to the ones below and ended up losing about 6 objects in AD due to the situation. It disapeered after that and didn't come back until this week when we joined a few new computers to the domain. One of them aparently grabbed the same SID as an account that has existed since day one on the domain.
Anyway, all I can find is the following article about it which tells how to check for more duplicates, which there weren't the last time it happend and aren't now. It doesn't tell you how to check for and fix the problem. It mentions that it can happen if the roles are seized, or if one of the master's is down for awhile, but to my knowledge this hasn't happened.
http://support.microsoft.com/default.aspx?scid=kb;en-us;315062
If anyone has any information other than the above article I would appreciate it if you could forward it to me via a reply to this post before I lose an account I can't recover.
Event Type: Error
Event Source: SAM
Event Category: None
Event ID: 12293
Date: 7/20/2006
Time: 4:18:20 PM
User: S-1-5-21-4106901455-202158
Computer: NTWAPP
Description:
There are two or more objects that have the same SID attribute in the SAM database. The Distinguished Name of the account is CONFERENCEROOM\0ADEL:913f7
Objects,DC=nextechwireless
event log for additional duplicates.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: SAM
Event Category: None
Event ID: 12293
Date: 7/20/2006
Time: 4:18:20 PM
User: S-1-5-21-4106901455-202158
Computer: NTWAPP
Description:
There are two or more objects that have the same SID attribute in the SAM database. The
Distinguished Name of the account is CN=Jeff
Kisner\0ADEL:f0b72e97-cbb9
Objects,DC=nextechwireless
event log for additional duplicates.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Thanks,
Ashley Heaton
aheaton*nospam*@nex-tech.c
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks,
Ashley