修正複寫安全性問題Fixing Replication Security Problems

適用於:Windows Server 2016、Windows Server 2012 R2、Windows Server 2012Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

本節描述您可能會遇到當複寫 Active Directory 支援的安全性問題。This section provides a description of security problems that you might experience when Active Directory replication is enabled. 當安全性問題會導致︰ 複寫失敗時,各種事件登入訊息及 Repadmin 訊息包含錯誤碼找出問題。When security problems cause replication to fail, various event log messages and Repadmin messages contain error codes that identify the problems. 健康整體的複寫 Active Directory Domain Services (AD DS) 的報告 Dcdiag.exe 工具。The Dcdiag.exe tool reports on the overall health of replication with respect to Active Directory Domain Services (AD DS). Dcdiag 偵測到的事件 」 拒絕存取 」、 「 未知帳號 」,以及類似事件常見的原因。Dcdiag detects common causes of "Access denied" events, "Account unknown" events, and similar events. Windows Server 2003 含 Service Pack 1 (SP1) 中引進 Dcdiag 安全性測試。The Dcdiag security test was introduced in Windows Server 2003 with Service Pack 1 (SP1). 並無法使用較舊版本的 Windows Server 中。It is not available in earlier versions of Windows Server. 錯誤碼 Dcdiag 所偵測到的如下表所示。The error codes that Dcdiag detects are described in the following table. 錯誤碼標示星號 () 永遠不造成的安全性問題。 使用中的程序「 存取拒 」 或其他安全性錯誤造成複寫問題以診斷及修正複寫安全性問題。Use the procedures in An "Access denied" or other security error has caused replication problems to diagnose and fix replication security problems.
Error code Description
5 Access is denied.Error codes that are marked with an asterisk () are not always caused by a security problem.
Error code Description
5 Access is denied.
13141314 所需的權限來 client 不正確。A required privilege is not held by the client.
13261326 登入失敗: 不明的使用者名稱或錯誤密碼。Logon failure: unknown user name or bad password.
13961396 登入失敗: 目標帳號不正確。Logon failure: The target account name is incorrect.
19081908 找不到此網域網域控制站。Could not find the domain controller for this domain.
1397 互加好友的驗證失敗。伺服器的密碼不是最新的網域控制站在。1397 Mutual authentication failed. The server's password is out of date at the domain controller.
13981398 還有 client 之間伺服器的時間和/或日期人而有所不同。There is a time and/or date difference between the client and server.
1722* 遠端程序呼叫 (RPC) 伺服器是否已無法使用。1722 The remote procedure call (RPC) server is unavailable.
22022202 指定的使用者名稱無效。The specified username is invalid.
84538453 複寫被存取。Replication access was denied.