Hi,
When trying to replicate over SMTP to a remote site I receive the following error in the Event log:
Event Type: Warning
Event Source: NTDS Replication
Event Category: Replication[font="][/font]
Event ID: [font="]1082[/font]
Date: [font="]1/15/2007[/font]
Time: [font="]9:30:42[/font] AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DClocal
Description[font="][/font]:
Internal event: Active Directory could not send a message requesting changes in the following directory partition to the domain controller at the following network address[font="][/font].
Additional Data[font="][/font]
Error value[font="][/font]:
6000 The specified file could not be encrypted[font="][/font].
Also - When manually trying to replicate via REPLMON I get the following popup:
There was an error during queuing the synchronization. The error code was: ERROR_REPLICA_SYNC_FAILED_THE SPCIFIED FILE COULD NOT BE ENCRYPTED.
I've assumed that it was some problem with our PKI, so I've manually republished our PKI hirearchy all the DC's involved and into the AD (Certutil -dspublish RootCA/NTauthCA/SubCA) - using PKIVIEW.msc & observing the machines cert store, I saw that the certificates are properly installed & the DC (Domain Controller Email Replication) certificates are trusted as well.
Only now after I've done this (I'm not sure if BECAUSE of this) I receive the following error in the Event log as well:
Event Type: Error
Event Source: NTDS Replication
Event Category: Replication[font="][/font]
Event ID: [font="]1223[/font]
Date: [font="]1/15/2007[/font]
Time: [font="]5:45:15[/font] AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DCremote
Description[font="][/font]:
The certificate presented by the following domain controller for intersite replication was rejected because the certification authority is not trusted[font="][/font].
Domain controller[font="][/font]:
DCremote[font="] [/font]
Certification authority[font="][/font]:
Internal Enterprise CA[font="][/font]
Replication access has been denied to the domain controller listed above and the certificate has been discarded
(note – the delta in times is because of the different time zones)
Any ideas anyone?
Thanks
When trying to replicate over SMTP to a remote site I receive the following error in the Event log:
Event Type: Warning
Event Source: NTDS Replication
Event Category: Replication[font="][/font]
Event ID: [font="]1082[/font]
Date: [font="]1/15/2007[/font]
Time: [font="]9:30:42[/font] AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DClocal
Description[font="][/font]:
Internal event: Active Directory could not send a message requesting changes in the following directory partition to the domain controller at the following network address[font="][/font].
Additional Data[font="][/font]
Error value[font="][/font]:
6000 The specified file could not be encrypted[font="][/font].
Also - When manually trying to replicate via REPLMON I get the following popup:
There was an error during queuing the synchronization. The error code was: ERROR_REPLICA_SYNC_FAILED_THE SPCIFIED FILE COULD NOT BE ENCRYPTED.
I've assumed that it was some problem with our PKI, so I've manually republished our PKI hirearchy all the DC's involved and into the AD (Certutil -dspublish RootCA/NTauthCA/SubCA) - using PKIVIEW.msc & observing the machines cert store, I saw that the certificates are properly installed & the DC (Domain Controller Email Replication) certificates are trusted as well.
Only now after I've done this (I'm not sure if BECAUSE of this) I receive the following error in the Event log as well:
Event Type: Error
Event Source: NTDS Replication
Event Category: Replication[font="][/font]
Event ID: [font="]1223[/font]
Date: [font="]1/15/2007[/font]
Time: [font="]5:45:15[/font] AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DCremote
Description[font="][/font]:
The certificate presented by the following domain controller for intersite replication was rejected because the certification authority is not trusted[font="][/font].
Domain controller[font="][/font]:
DCremote[font="] [/font]
Certification authority[font="][/font]:
Internal Enterprise CA[font="][/font]
Replication access has been denied to the domain controller listed above and the certificate has been discarded
(note – the delta in times is because of the different time zones)
Any ideas anyone?
Thanks
