Article ID: 810089
Article Last Modified on 10/27/2006
APPLIES TO
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Service Pack 3
- Microsoft Windows 2000 Service Pack 2
- Microsoft Windows 2000 Service Pack 1
SYMPTOMS
If a directory partition is removed (the last domain controller for that context is demoted to a member server), and is then re-created before replication is completed, lingering phantoms may be incorrectly referred to by a crossRef object. This condition can cause replication errors, and may prevent you from promoting a new global catalog. See the "More Information" section in this article for definitions of terms and sample Directory Services event log entries.
Note that the Windows 2000 Service Pack 3 hotfixes that are listed in the "References" section of this article do not permit the Ntdsutil.exe tool to fix this problem.
The update that this article describes is a preventative fix; the fix is intended only to prevent the problem from occurring. For additional information about how to correct this problem if it has already occurred, click the following article number to view the article in the Microsoft Knowledge Base:
814202 The Ntdsutil Semantic Checker Cannot Rename Conflict-Mangled Phantom Names
CAUSE
Inbound replication of a new crossRef object is delayed when the nCName value matches an existing object. However, if the nCName value matches an existing phantom, the value may be attached to an old naming context. When later references to the correct (new) naming context are replicated in, the existing name is "mangled" to reflect that it is in conflict.
RESOLUTION
A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem. This fix may receive additional testing. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Windows 2000 service pack that contains this hotfix.
To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:
NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The typical support costs will apply to additional support questions and issues that do not qualify for the specific update in question.
The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date Time Version Size File name -------------------------------------------------------- 16-Feb-2003 14:30 5.0.2195.6613 124,176 Adsldp.dll 16-Feb-2003 14:30 5.0.2195.6601 130,832 Adsldpc.dll 26-Feb-2003 09:40 5.0.2195.6667 62,736 Adsmsext.dll 26-Feb-2003 09:40 5.0.2195.6672 378,640 Advapi32.dll 16-Feb-2003 14:30 5.0.2195.6611 49,936 Browser.dll 16-Feb-2003 14:30 5.0.2195.6663 135,952 Dnsapi.dll 16-Feb-2003 14:30 5.0.2195.6663 96,528 Dnsrslvr.dll 16-Feb-2003 14:30 5.0.2195.6661 46,352 Eventlog.dll 16-Feb-2003 14:30 5.0.2195.6627 148,240 Kdcsvc.dll 20-Feb-2003 14:11 5.0.2195.6666 204,560 Kerberos.dll 02-Dec-2002 17:09 5.0.2195.6621 71,888 Ksecdd.sys 24-Jan-2003 12:40 5.0.2195.6659 509,712 Lsasrv.dll 24-Jan-2003 12:41 5.0.2195.6659 33,552 Lsass.exe 05-Feb-2003 06:59 5.0.2195.6662 109,328 Msv1_0.dll 16-Feb-2003 14:30 5.0.2195.6601 312,592 Netapi32.dll 16-Feb-2003 14:30 5.0.2195.6627 360,720 Netlogon.dll 26-Feb-2003 09:40 5.0.2195.6672 929,552 Ntdsa.dll 26-Feb-2003 09:40 5.0.2195.6666 392,464 Samsrv.dll 26-Feb-2003 09:40 5.0.2195.6672 131,344 Scecli.dll 26-Feb-2003 09:40 5.0.2195.6671 306,448 Scesrv.dll 16-Feb-2003 14:30 5.0.2195.6601 51,472 W32time.dll 16-Aug-2002 03:32 5.0.2195.6601 57,104 W32tm.exe 26-Feb-2003 09:40 5.0.2195.6666 125,200 Wldap32.dll
Note this update is required on only the computer that holds the domain naming master role.
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
MORE INFORMATION
For additional information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the article number below to view the article in the Microsoft Knowledge Base:
265173 The Datacenter Program and Windows 2000 Datacenter Server Product
Definitions
Phantom
This is an object that has been deleted, and whose tombstone lifetime has passed. However, references to the object are still present in the directory database. Phantom objects are special kinds of internal database tracking objects that you cannot view through any LDAP or Active Directory Service Interface (ADSI) tool.
CrossRef
These are objects of the crossRef class that identify the existance and location of all directory partitions, and permit domain controllers to be aware of forest-wide directory partitions. These objects are stored in the Configuration container, and are replicated to every domain controller in the forest. Each crossRef object has a "nCName" (naming context, or directory partition) attribute. These must be unique.
Error Message That You Receive When You Try to Promote a New Global Catalog
Replication Error Messages
REFERENCES
For additional information about related items, click the following article numbers to view the articles in the Microsoft Knowledge Base:
258310 Viewing Deleted Objects in Active Directory
248047 Phantoms, Tombstones and the Infrastructure Master
For additional information about related hotfixes, click the following article numbers to view the articles in the Microsoft Knowledge Base:
281485 Name Collision in Active Directory Causes Replication Errors
319622 Ntdsutil.exe Semantic Checker "Can't Fix Mangled NC" Error Message in Windows 2000
Keywords: kbbug kbfix kbwin2000presp4fix kbqfe kbhotfixserver KB810089