Solved

Windows 2003 Event ID 1093: Active Directory could not update object

Posted on 2013-05-11
2
1,281 Views
Last Modified: 2013-05-17
Hello,
I've two DCs, both WIN2003 with SP2 and they are Global Catalog.
They are working fine, except for a warning started two months ago for a particular AD user:

USER1 is an object contained in OU=GLOBAL-USERS,OU=CAT1,OU=GROUP1
Domain is: mydomain.local

The warning that appears (but only on SERVER1, first DC) is the following:

Event Type:      Warning
Event Source:      NTDS Replication
Event Category:      Replication
Event ID:      1093
Date:            5/11/2013
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVER1
Description:
Active Directory could not update the following object with attribute changes because the incoming change
caused the object to exceed the maximum object record size.
The incoming change to the following attribute will be reversed in an attempt to complete the update.
 
Object:
CN=USER1,OU=GROUP1,OU=CAT1,OU=GLOBAL-USERS,DC=mydomain,DC=local
Object GUID:
<GUID>
Attribute:
903b4 (mSMQDigests)
 
The current value (without changes) of the attribute on this domain controller will replicate to all other domain controllers.
This will counteract the change to the rest of the replicated forest. The reversal values may be recognized as follows:
Version:
1023
Time of change:
<datetime>
Update sequence number:
92233311

This happens at least one time per day.

At the same time it is followed by Event ID 1101 which shows:

Active Directory updated the following object with attribute changes after reversing one or more of the failed attribute changes.

I havent any other issues on Directory Services event viewer, nor any problem on AD replication or KCC.

My concerns are:

1. is the user object going to fails something in authentication ?
2. do I need to perform some low level maintenance for this object ?

All user objects inside OU=GLOBAL-USERS are not affected.

Any feedback is really appreciated. Thanks.
0
Comment
Question by:pablito70
2 Comments
 
LVL 29

Accepted Solution

by:
Rich Weissler earned 500 total points
ID: 39159924
It's only the single user object, right?
Does that user have an unusually large number of groups (or nested groups)?  I don't think you'd get THIS message... I think it's a warning about token size if the problem relates to excessive group membership.
Have you looked at that user with ADSIEdit yet?  It might be worth at least looking at this user object to see if anything leaps out at you.... whether someone has attached a lot of data to a particular field, etc.
0
 
LVL 2

Author Comment

by:pablito70
ID: 39161659
Yes only this user is affected.
There is no excessive member groups; it has same membership of similar other users.

I will look inside to ADSIedit.

Thanks
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Synchronize a new Active Directory domain with an existing Office 365 tenant
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now