| Event Id | 1265 |
| Source | NTDS KCC |
| Description | The attempt to establish a replication link with parameters Partition: DC="CHILD CNF:318498a8-8c57-46e3-b226-3693f7719162",DC=DOM2,DC=com Source DSA DN: CN=NTDS Settings,CN=SRV2,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=CHILD,DC=DOM1,DC=net Source DSA Address: cabc8641-9a94-41d9-bf9a-56f43b67006a._msdcs.child.dom1.net Inter-site Transport (if any): CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=child,DC=dom1,DC=net failed with the following status: Logon Failure: The target account name is incorrect. The record data is the status code. This operation will be retried. Data: 0000: 74 05 00 00 t... |
| Event Information | SYMPTOMS: A Windows Server 2003 domain controller cannot replicate the configuration or the schema partitions with replication partners that belong to another domain of the forest. If the domain controller is a global catalog server, it also cannot replicate the other domain partitions with these replication partners. According to Microsoft: CAUSE 1: This behavior occurs because the Kerberos tickets in the domain controller are not valid on other domain controllers in the domain. RESOLUTION: To resolve this behavior: 1. Set the Startup type for the Kerberos Key Distribution Center service on the affected domain controller to Disabled. 2. Restart the affected domain controller. 3. Log on to the domain controller, and then force the replication with its replication partners by using the Active Directory Sites and Services snap-in. 4. Check the replication status by typing the following command line from a command prompt:repadmin /showreps Repadmin is available in Windows 2000 Support Tools. 5. If replication is now successful, set Startup type for the Kerberos Key Distribution Center service on the affected domain controller back to Automatic. 6. Restart the Kerberos Key Distribution Center service. CAUSE 2: This problem can occur when the password of the inter-domain trust account is not synchronized on both sides of the trust relationship. RESOLUTION: To resolve this problem, reset the trust relationship. |
| Reference Links | Replication Does Not Work When the Error "Replication Access Was Denied" Is Logged
Replication Error 1326 and Event ID 1265 Message "Unknown User Name or Bad Password" Name Collision in Active Directory Causes Replication Errors Cannot Promote New Global Catalog When Conflict Naming Contexts Exist Active Directory does not replicate when DNS lookup is not successful Active Directory Replication and Knowledge Consistency Checker Fail without Trusted Domain Object How to troubleshoot RPC Endpoint Mapper errors in Windows Server 2003 You cannot promote a Windows 2000-based domain controller to a global catalog server |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.