I've two DCs, both WIN2003 with SP2 and they are Global Catalog.
They are working fine, except for a warning started two months ago for a particular AD user:
USER1 is an object contained in OU=GLOBAL-USERS,OU=CAT1,OU=GROUP1
Domain is: mydomain.local
The warning that appears (but only on SERVER1, first DC) is the following:
Event Type: Warning
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1093
User: NT AUTHORITY\ANONYMOUS LOGON
Active Directory could not update the following object with attribute changes because the incoming change
caused the object to exceed the maximum object record size.
The incoming change to the following attribute will be reversed in an attempt to complete the update.
The current value (without changes) of the attribute on this domain controller will replicate to all other domain controllers.
This will counteract the change to the rest of the replicated forest. The reversal values may be recognized as follows:
Time of change:
Update sequence number:
This happens at least one time per day.
At the same time it is followed by Event ID 1101 which shows:
Active Directory updated the following object with attribute changes after reversing one or more of the failed attribute changes.
I havent any other issues on Directory Services event viewer, nor any problem on AD replication or KCC.
My concerns are:
1. is the user object going to fails something in authentication ?
2. do I need to perform some low level maintenance for this object ?
All user objects inside OU=GLOBAL-USERS are not affected.
Any feedback is really appreciated. Thanks.