Active Directory cannot create the default security descriptor for an application directory partition Rule

Run As Profiles

Name
Default

Alert Details

Message Priority Severity
Active Directory cannot create the default security descriptor for an application directory partition Medium Warning

Rule Knowledgebase

Summary

The Active Directory® directory service was unable to correctly create the default security descriptor for a newly created application directory partition.

Sample Event:

Active Directory was unable to correctly create the default security descriptor for the following application directory partition. Application directory partition: %3

Additional Data

Error value: %1 %2
Causes
This rule does not contain any causes.
Resolutions

Review the access control list (ACL) on the newly created application directory partition. Ensure that the Replication Get Changes All access right is assigned to the Enterprise Domain Controllers group, and then remove that right from the Domain Controllers group for the domain.

External References

For more information, see:

See Also for Active Directory (AD) Monitoring Management Pack


Downloads for Active Directory (AD) Monitoring Management Pack

Back to top
AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED