"Access Denied" Error Message When You Use the Active Directory Sites and Services Tool (303305)
The information in this article applies to:
- Microsoft Windows Server 2003, Standard Edition
- Microsoft Windows Server 2003, Enterprise Edition
- Microsoft Windows Small Business Server 2003, Premium Edition
- Microsoft Windows Small Business Server 2003, Standard Edition
This article was previously published under Q303305 SYMPTOMS If you are in a domain in which a user or group has been
granted the Replication Synchronization permission on an entire naming context,
and you attempt to initiate replication with the Active Directory Sites and
Services tool (Dssite.msc) in the context of that user or group, you can
receive the following error message: The following error
occurred during the attempt to synchronize naming context
Your_naming_context from domain controller
Source_DC to domain controller
Destination_DC: Replication access has been
denied
The operation will not continue. Yet, when you
initiate replication of the specific naming context with either the Active
Directory Replication Monitor (Replmon.exe) or the Repadmin.exe tool, both of
these tools work as expected. CAUSE This behavior occurs because the Active Directory Sites and
Services tool initiates replication on all common naming contexts between the
replication partners. The container to which the user has the Replication
Synchronization permission has replicated successfully. The containers in which
the user does not have the right, however, do not replicate, and the user
receives an "Access Denied" error message. RESOLUTION To work around this behavior, use either the Repadmin.exe
or the Replmon.exe tool to initiate replication on specific naming contexts.
STATUSThis
behavior is by design.
| Modification Type: | Minor | Last Reviewed: | 1/20/2006 |
|---|
| Keywords: | kberrmsg kbprb KB303305 |
|---|
|