Missing X.509 Domain Controller certificate

Missing_X.509_Domain_Controller_certificate_5_Rule (Rule)

Knowledge Base article:

Summary

The local domain controller has no DomainController X.509 certificate. Active Directory® directory service replication between the local domain controller and domain controllers in all other sites will fail until this certificate is added to the local domain controller.

Sample Event:

The local domain controller has no DomainController X.509 certificate.

Until this certificate is added, Active Directory replication between the local domain controller and domain controllers in all other sites will fail.

Resolutions

Add the DomainController X.509 certificate to the local domain controller.

External

For more information, see:

Element properties:

Target: Microsoft.Windows.Server.2000.AD.DomainControllerRole
Category: EventCollection
Enabled: True
Event_ID: 1383
Event Source: NTDS Replication
Alert Generate: True
Alert Severity: Error
Alert Priority: Normal
Remotable: True
Alert Message:
  Missing X.509 Domain Controller certificate
  {0}
Event Log: Directory Service
Comment: Mom2005ID='{6FDF0225-8F62-478D-B077-A563720AA171}';MOM2005GroupID=

Member Modules:

ID             Module Type  TypeId                                                 RunAs
DS             DataSource   Microsoft.Windows.EventProvider                        Default
GenerateAlert  WriteAction  System.Health.GenerateAlert                            Default
WriteToDB      WriteAction  Microsoft.SystemCenter.CollectEvent                    Default
WriteToDW      WriteAction  Microsoft.SystemCenter.DataWarehouse.PublishEventData  Default

Source Code:

<Rule ID="Missing_X.509_Domain_Controller_certificate_5_Rule" Comment="Mom2005ID='{6FDF0225-8F62-478D-B077-A563720AA171}';MOM2005GroupID=" Enabled="onEssentialMonitoring" Target="AD2000Core!Microsoft.Windows.Server.2000.AD.DomainControllerRole" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
  <Category>EventCollection</Category>
  <DataSources>
    <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
      <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
      <LogName>Directory Service</LogName>
      <Expression>
        <And>
          <Expression>
            <SimpleExpression>
              <ValueExpression>
                <XPathQuery>Channel</XPathQuery>
              </ValueExpression>
              <Operator>Equal</Operator>
              <ValueExpression>
                <Value>Directory Service</Value>
              </ValueExpression>
            </SimpleExpression>
          </Expression>
          <Expression>
            <SimpleExpression>
              <ValueExpression>
                <XPathQuery>EventDisplayNumber</XPathQuery>
              </ValueExpression>
              <Operator>Equal</Operator>
              <ValueExpression>
                <Value>1383</Value>
              </ValueExpression>
            </SimpleExpression>
          </Expression>
          <Expression>
            <SimpleExpression>
              <ValueExpression>
                <XPathQuery>PublisherName</XPathQuery>
              </ValueExpression>
              <Operator>Equal</Operator>
              <ValueExpression>
                <Value>NTDS Replication</Value>
              </ValueExpression>
            </SimpleExpression>
          </Expression>
        </And>
      </Expression>
    </DataSource>
  </DataSources>
  <WriteActions>
    <WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">
      <Priority>1</Priority>
      <Severity>2</Severity>
      <AlertOwner>$Data/PublisherName$</AlertOwner>
      <AlertMessageId>$MPElement[Name="Missing_X.509_Domain_Controller_certificate_5_Rule.AlertMessage"]$</AlertMessageId>
      <AlertParameters>
        <AlertParameter1>$Data/EventDescription$</AlertParameter1>
      </AlertParameters>
      <Suppression>
        <SuppressionValue/>
      </Suppression>
    </WriteAction>
    <WriteAction ID="WriteToDB" TypeID="SC!Microsoft.SystemCenter.CollectEvent"/>
    <WriteAction ID="WriteToDW" TypeID="SCDW!Microsoft.SystemCenter.DataWarehouse.PublishEventData"/>
  </WriteActions>
</Rule>