Description of NTDS replication warning IDs 1083 and 1061, and SAM error ID 12294 because of an Active Directory collision

Simultaneous changes against Active Directory object attributes on different domain controllers may cause an Active Directory collision for the update. When this occurs, NTDS replication warnings 1083 or 1061, or SAM error ID 12294 may be logged.

The following events may be logged if immediate replication is triggered (for example, by an urgent replication for a user lockout condition) and collides with the local Active Directory update: This indicates that the unsuccessful attempt of the remotely triggered update that will be retried later: If advanced NTDS logging is enabled, the following error ID may also be logged: If NTDS logging is set to 4 (Verbose) or higher in the Replication Events entry of the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Diagnostics\ subkey, the following error ID may also be logged: For more information, click the following article number to view the article in the Microsoft Knowledge Base: If the remotely triggered update wins against the local update, the following system event may be logged for a user account lockout: You must analyze the error data to receive the correct error condition. DWord data hexadecimal 0xc00002a5 = decimal -1073741147: STATUS_DS_BUSY, ntstatus.h).

After the warnings, an NTDS information event is logged that reports that the queued update has already been made (with the same version ID) and is be ignored as redundant: When this condition exists, no replication error has occurred. Active Directory is consistent and you can safely ignore the resulting event logs.

On a computer that is running Microsoft Windows Server 2003, you can also determine whether a replication error has occurred by exporting the replication meta-data of the object. To do this, run the following command at a command prompt: Note In this command, make the following replacements for the placeholders:

• Replace the domainController placeholder with the host name of a domain controller.
• Replace the objectDN placeholder with the distinguished name of the affected object.

In the output that this command generates, match the last update times of the attribute to the times that the events were logged. From this information, you can determine which attribute caused the replication error.

Generally, you experience this problem with the lockoutTime attribute or with one of the password attributes. In these cases, you can safely ignore the events. The events occur because the change that occurs on the primary domain controller (PDC) is also written to the local domain controller. At the same time, the change is replicated among the domain controllers. For lockoutTime, the change is replicated urgently in the site of the PDC.

A list of changes for which you may experience a replication collision is found in the following Knowledge Base article: Because of the short replication notification intervals that you can have in Microsoft Windows Server 2003, you may experience a replication collision in the same site of the PDC. Password changes are one example of a scenario in which you may experience a replication collision. This behavior occurs because a domain controller forwards new passwords to the PDC. Both the PDC and the local domain controller then replicate the changed password information. Therefore, a replication collision may occur on another domain controller in the same site. For more information about replication notification, click the following article number to view the article in the Microsoft Knowledge Base: To help reduce the generation of replication collision events, configure the PDC in a site that does not have other domain controllers or client computers. In this scenario, the PDC does not urgently replicate updates that it receives. Therefore, you may reduce the risk of replication collisions. In a large domain, you can use this method to help reduce the load on the PDC. For more information about "piling on" scenarios, click the following article number to view the article in the Microsoft Knowledge Base: