"MS DTC could not correctly process a DC Promotion/Demotion event.
in [Active Directory]
|
From: John Keating on 20 Jan 2006 11:59 After changing the FSMO rolls to another DC all my 2003 SP1 DCs recorded the following error: Error ID 53258 MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: d:\nt\com\complus\dtc\dtc\adme\uiname.cpp:9280, Pid: 1624 No Callstack, CmdLine: C:\WINNT\System32\msdtc.exe I fixed this by adding the "create subkey" and "set value" permission under HKLM\SW\MS\MSDTC to the network service account (the account that is used by DTC). Has anone else had this issue? Is this the proper fix? Does this open any additional attack vectors on the DCs? Any input would be greatly appreciated. Many thanks, John Keating
From: John Keating on 20 Jan 2006 12:30 That should read "roles"... not "rolls". Duh! "John Keating" wrote: > After changing the FSMO rolls to another DC all my 2003 SP1 DCs recorded the > following error: > > Error ID 53258 > > MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC > will continue to function and will use the existing security settings. Error > Specifics: d:\nt\com\complus\dtc\dtc\adme\uiname.cpp:9280, Pid: 1624 > No Callstack, > CmdLine: C:\WINNT\System32\msdtc.exe > > I fixed this by adding the "create subkey" and "set value" permission under > HKLM\SW\MS\MSDTC to the network service account (the account that is used by > DTC). Has anone else had this issue? Is this the proper fix? Does this open > any additional attack vectors on the DCs? > > Any input would be greatly appreciated. > > Many thanks, > John Keating > > >
From: Chris McT <Chris on 1 Feb 2006 20:16 I recently built a new lab with a DC/GC running Win03 SP1. I then ran the Security Config Wizard with the defaults and yes I have the same error appearing in the logs. I have seen other posts with the same fix but nothing official from MS. "John Keating" wrote: > After changing the FSMO rolls to another DC all my 2003 SP1 DCs recorded the > following error: > > Error ID 53258 > > MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC > will continue to function and will use the existing security settings. Error > Specifics: d:\nt\com\complus\dtc\dtc\adme\uiname.cpp:9280, Pid: 1624 > No Callstack, > CmdLine: C:\WINNT\System32\msdtc.exe > > I fixed this by adding the "create subkey" and "set value" permission under > HKLM\SW\MS\MSDTC to the network service account (the account that is used by > DTC). Has anone else had this issue? Is this the proper fix? Does this open > any additional attack vectors on the DCs? > > Any input would be greatly appreciated. > > Many thanks, > John Keating > > >
|
Pages: 1 Prev: Problem with replicating AD and DNS Next: Event id 16650 |