De directoryservice van de Active Directory® kan de standaard security descriptor voor de zojuist gemaakte toepassingsmappartitie niet goed maken.
Voorbeeldgebeurtenis:
Active Directory kan de standaard security descriptor voor de volgende toepassingsmappartitie niet goed maken. Toepassingsmappartitie: %3
Aanvullende gegevens
Foutwaarde: %1 %2
Bekijk de toegangsbeheerlijst (ACL) van de nieuwe toepassingsmappartitie. Zorg ervoor dat de machtiging Replication Get Changes All is toegewezen aan de groep Ondernemingsdomeincontrollers en verwijder de machtiging uit de groep Domeincontrollers voor het domein.
Meer informatie:
Target | Microsoft.Windows.Server.2008.AD.DomainControllerRole | ||
Category | EventCollection | ||
Enabled | True | ||
Event_ID | 1979 | ||
Alert Generate | True | ||
Alert Severity | Warning | ||
Alert Priority | Normal | ||
Remotable | True | ||
Alert Message |
| ||
Event Log | Directory Service | ||
Comment | Mom2005ID='{ED743F17-79E5-4B01-BB46-B4226F0FF883}';MOM2005GroupID= |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
DS | DataSource | Microsoft.Windows.EventProvider | Default |
CollectEventData | WriteAction | Microsoft.SystemCenter.CollectEvent | Default |
CollectEventDataWarehouse | WriteAction | Microsoft.SystemCenter.DataWarehouse.PublishEventData | Default |
GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
<Rule ID="Active_Directory_cannot_create_the_default_security_descriptor_for_an_application_directory_partition_5_Rule" Comment="Mom2005ID='{ED743F17-79E5-4B01-BB46-B4226F0FF883}';MOM2005GroupID=" Enabled="onEssentialMonitoring" Target="AD2008Core!Microsoft.Windows.Server.2008.AD.DomainControllerRole" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Directory Service</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>1979</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>Channel</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>Directory Service</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>1</Severity>
<AlertOwner/>
<AlertMessageId>$MPElement[Name="Active_Directory_cannot_create_the_default_security_descriptor_for_an_application_directory_partition_5_Rule.AlertMessage"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue/>
</Suppression>
</WriteAction>
<WriteAction ID="CollectEventData" TypeID="SC!Microsoft.SystemCenter.CollectEvent"/>
<WriteAction ID="CollectEventDataWarehouse" TypeID="SCDW!Microsoft.SystemCenter.DataWarehouse.PublishEventData"/>
</WriteActions>
</Rule>