| Event Information | After you perform an in-place upgrade of a Microsoft Windows NT 4.0 domain and join it to an existing Microsoft Windows 2000 forest as a child domain, replication by the Active Directory directory service of the schema naming context and of the configuration naming context may not be completed successfully. Additionally, this event [ along with some more events ] may be logged on domain controllers in the upgraded domain.
CAUSE
:
This issue may occur if all the following conditions are true:
An external trust for a Windows NT 4.0 domain is created in the Windows 2000 Active Directory forest.
In the Windows 2000 Active Directory forest, security identifier (SID) filtering is enabled for this external trust.
The Windows NT domain is upgraded through an in-place upgrade.
The upgraded domain joins the existing Windows 2000 Active Directory forest as a child domain.
The flag for SID filtering is retained, even though the external trust is changed to internal.
RESOLUTION :
To resolve this issue, use Netdom.exe to disable SID filtering for the child domain on the parent domain. To do this, type the following command at a command prompt:
netdom trust parentDom /D:ChildDom /UD:ChildDom\Administrator /PD: adminpwd /UO:ParentDom\Administrator /PO:adminpwd /filtersids:no
|
