Microsoft KB Archive/324941

= List of Directory Services fixes in Windows 2000 Service Pack 3 =

Article ID: 324941

Article Last Modified on 10/30/2006

-

APPLIES TO


 * Microsoft Windows 2000 Service Pack 3
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Service Pack 3

-



This article was previously published under Q324941



SUMMARY
Windows 2000 Service Pack 3 (SP3) fixes the following directory services problems:  Active Directory Replication Retries Too Frequently

When Active Directory replication is unsuccessful, it performs repeated replication requests. In some cases, Lsass.exe may consume up to 100 percent of the CPU time. Incorrect Data Is Saved, and Memory Leak Occurs

Incorrect data is saved, and a memory leak occurs when using the IADsPropertyValue2 interface to obtain the dnWithBinary data type. Access Violation in Windows NT Directory Service Settings (NTDS Settings) Using Microsoft Distributed Transaction Coordinator (DTC)

A &quot;race&quot; condition may occur in which multiple threads try to access the same data at the same time. DNS Service Does Not Start After You Change the Boot Method to File

On a domain controller, after you change the DNS service method for loading zone data on startup from the From Active Directory and registry option to the From file option, the server incorrectly saves the changes. Memory Leak During Security Descriptor Propagation

During security descriptor propagation, if an exception occurs--for example, a write conflict--the newly created security descriptor is lost, and the memory allocated to it is not freed. Memory Leak When Security Descriptor Is More Than 2000 Bytes

When a security descriptor exceeds the default 2000 byte buffer, an additional buffer is created for it. However, the original buffer is not deallocated. Cannot Promote an Upgraded PDC to an Active Directory Domain Controller

When you upgrade a Windows NT 4.0 primary domain controller (PDC) to Windows 2000 and then run DCPROMO to configure it as an Active Directory domain controller, you may receive the following error message:

Error

&quot;The Directory Service failed to replicate the partition CN=Schema,CN=Configuration,DC= ,DC= from remote server SERVER. (8437). An invalid parameter was specified&quot;

This error occurs if the DCPROMO locator returns a NETBIOS name instead of a DNS name.</li> Profile Home Folder Properties Do Not Appear to User to Which You Have Delegated Control

When you delegate control of the following permissions by using the Delegation of Control Wizard

Read Home Folder

Write Home Folder

Read Home Drive

Write Home Drive

the destination drive letter and path do not appear in the Connect list and To box of a user's profile settings. This problem occurs after the user to whom you delegate these permissions configures those settings, closes, and then reopens the dialog box. (The Connect list and To box appear on the Profiles tab of the user account Properties dialog box.)</li> Global Catalog Server Advertises Before Being Successfully Replicated

A domain controller that is configured to act as a global catalog server may advertise itself as a global catalog server before successfully replicating all objects of foreign domain naming contexts.</li> Memory Leak in LDAP &quot;Ping&quot;

A Malformed Domain Controller locator (named Locator) Lightweight Directory Access Protocol (LDAP) User Datagram Protocol (UDP) search (Ping) can cause a memory leak.</li> Missing Release of Critical Section in LoadAdvapi32Function

The LoadAdvapi32Function function enters the Critical Section before making changes to global values but does not release the Critical Section after it updates the global flags.</li> Security Increased by Reducing List of Trusted Callers

This update increases security by making all caller types except LSA unsuccessful.</li> ASCII Error Message Is Logged As Unicode

A directory services error message may be logged as Unicode in the Directory Services log, but the error message is ASCII. The unreadable error description may be appear similar to the following event in the Directory Services log in Event Viewer:

<pre class="fixed_text">Date:            Source:   NTDS Replication Time:            Category: Internal Processing Type:    Warning        Event ID: 1481 User:    Everyone Computer: <ServerName>

Description: Internal event: The operation on the object failed with the following internal error string: ?? ????>???>?????????????'???????????? ?

</li> Global Groups That Are Members of Local Groups Are Not Displayed

If a global group does not contain local user accounts, the group does not appear as a member of a local group when the user is logged on by using cached credentials.</li></ul>

Additional query words: kbWin2000sp3fixlist kbDirServices

Keywords: kbinfo kbwin2000sp3fix kbdirservices kbpending KB324941

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.