Event Id | 1540 |
Source | NTDS Replication |
Description | Error 1219, DSID 11a0bc1, adding SID to object ?. |
Event Information | According to Microsoft: CAUSE: This issue occurs because the inbound trust relationship on the source Windows NT Server 4.0 domain is a downlevel trust, and trust relationships between Windows NT Server 4.0 domains are not upgraded to Windows 2000 uplevel trusts when you upgrade your domain to Windows 2000. The destination domain performs a version check to see if the source domain is running Windows 2000 so that the Lightweight Directory Access Protocol (LDAP) session may be signed or encrypted, however, the secure LDAP bind between the source and destination domains cannot occur over a downlevel trust, causing the "Inappropriate Authentication" error message to occur. RESOLUTION: To resolve this issue, delete and then rebuild the trust relationship by using either one of the following tools: • The Active Directory Domains and Trusts Microsoft Management Console (MMC) snap-in (Domain.msc) tool. • The Netdom.exe tool. |
Reference Links | ClonePrincipal and ADMT Require Uplevel Trust to Migrate Objects Between Windows 2000 Domains |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.