Verify the serverReference attribute is not missing or set to an incorrect value and update it to the correct value.įind the domain controller that is referenced in the event ID 1411. The server object is the parent object of the domain controller's NTDS Settings object. The serverReference attribute in this instance is the Server object viewable in the Active Directory Sites and Services MMC (adsiedit.msc). This can also happen when you rename a domain controller and the serverReference attribute is not updated. The event most commonly occurs on a DC after a replication partner has been forcefully demoted and repromoted prior to allowing end-to-end replication to complete. The attempt to establish a replication link for the following writable directory partition failed. The local domain controller was unable to replicate changes to the following remote domain controller for the following directory partition. NTDS Replication / ActiveDirectory_DomainService 1411Īctive Directory failed to construct a mutual authentication service principal name (SPN) for the following domain controller. Repadmin /showrepl returns the following error:Įvents in the Directory Services event log that cite the error status 8589Įvents, which commonly cite the 8589 status, include but are not limited to: Event Source and Event ID REPADMIN commands that commonly cite the 8589 status include but are not limited to: REPADMIN.EXE reports that the last replication attempt has failed with status 8589 Verify if the source domain controller is accessible or network connectivity is available. This domain controller will be unable to replicate with the source domain controller until this problem is corrected. EventID: 0x80000785Įvent String: The attempt to establish a replication link for the following writable directory partition failed.ĬN=NTDS Settings,CN=DCSRV01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=contosoDC=com The DS cannot derive a service principal name (SPN) with which to mutually authenticate the target server because the corresponding server object in the local DS database has no serverReference attribute.Īn Warning Event occurred. The replication generated an error (8589): Sample error text from DCDIAG is shown below: You will see any of the following errors/warning when troubleshooting Active Directory replication.ĭCDIAG reports that the Active Directory Replications test has failed with error status (8589): The DS cannot derive a service principal name (SPN) ith which to mutually authenticate the target server because the corresponding server object in the local DS database has no serverReference attribute. Symbolic error: ERROR_DS_CANT_DERIVE_SPN_WITHOUT_SERVER_REF If you're looking for help with a problem, please ask the Microsoft Community.Īpplies to: Windows Server 2019, Windows Server 2016, Windows Server 2012 R2 Original KB number: 2703028 SymptomsĮrror 8589: "The DS cannot derive a service principal name (SPN) with which to mutually authenticate the target server because the corresponding server object in the local DS database has no serverReference attribute. Home users: This article is only intended for technical support agents and IT professionals.
0 Comments
Leave a Reply. |