Active Directory Connector Generates Event 8182 (257250)

SYMPTOMS

Event 8182 may occur in the Application event log when Active Directory Connector replication is initiated. The following event is recorded with the default diagnostic logging levels:

Source: MSADC

Category: Replication

Event ID: 8182

Description: Could not import the entry 'cn=testuser,cn=Recipients,ou=OU1,o=Org' into the directory server 'DOMAINPDC' in the second attempt. (Connection Agreement 'TestADC')

No Data will be available.

The data within the description contains information specific to the Active Directory installation on which the error occurs.

If the diagnostic logging level for the Replication category is set to Medium or Maximum, the following event is also recorded:

Source: MSADC

Category: Replication

Event ID: 8109

Description: Could not import the entry 'cn=testuser,cn=Recipients,ou=OU1,o=Org' into the directory server 'DOMAINPDC' in the first attempt. (Connection Agreement 'TestADC')

No Data will be available.

The data within the description contains information specific to the Active Directory installation on which the error occurs.

If the diagnostic logging level for the LDAP Operations category is set to Minimum or higher, the following event is also recorded:

Source: MSADC

Category: Replication

Event ID: 8021

Description: LDAP Add on directory paigevpdc for entry 'cn=testuser,cn=incoming,cn=Recipients,ou=Site,o=Org' was unsuccessful with error:[0x32] Insufficient Rights. (Connection Agreement 'TestADC')

No Data will be available.

The data within the description contains information specific to the Active Directory installation on which the error occurs.

CAUSE

The user account that was used to configure the Active Directory connection agreement does not possess adequate user rights to perform replication within the connection agreement.

With two-way replication, the specified Microsoft Exchange and Windows authentication type and credentials must be able to write to and read from both the Exchange folder and Windows 2000 Server Active Directory.

With one-way replication, the authentication type and credentials must have Read access to the export folder from which the information is replicated, and Write access to the import folder to which the information is replicated.

RESOLUTION

If replication is not working from Active Directory to the Exchange server, configure the connection to use the Exchange Service Account. Or, configure the Active Directory connector to connect as a user account that has been assigned administrative permission to the recipients container on the Exchange server.

If replication is not working from the Exchange server to Active Directory, add the user to the Domain Administrators group in Active Directory.

MORE INFORMATION

Successful replication of the Active Directory connection logs the following events when the diagnostic logging configuration is set to Minimum for the LDAP category, and set to Medium or Maximum for the Replication category.

NOTE: Event 8033 indicates that the Active Directory connection is simply in need of synchronization and does not indicate a problem. Event 8033 is recorded regardless of whether or not replication is successful.

Source: MSADC

Category: LDAP Operations

Event ID: 8033

Description: LDAP search result on directory DOMAINPDC for entry 'cn=testuser,OU=OU1,DC=Domain' was unsuccessful with error:[0x20] No Such Object. (Connection Agreement 'TestADC')

No Data will be available.

The data within the description contains information specific to the Active Directory installation on which the event occurs. Immediately following event 8033, the following event is recorded:

Source: MSADC

Category: Replication

Event ID: 8038

Description: Successfully added new entry 'cn=testuser,OU=OU1,DC=domain' on directory 'DOMAINPDC'. (Connection Agreement 'TestADC')

No Data will be available.

The data within the description contains information specific to the Active Directory installation on which the event occurs.