N
Nick
I am having issues when loading a policy in the GPMC with the security
filtering option turned on. It seems that SIDs take 20 seconds or so to be
translated into the computer name. SIDs get translated from the top down so
the first computer takes 20 seconds, then the next takes 20 seconds, etc...
Altogether it takes approximately 2 minutes to load the entire list of
computers which there are only 6 total. Other policies that use security
filtering that do not have computer objects listed open instantly. I turned
on debugging for the GMPC and here is what I get:
[13c.f14] 10/25/2008 16:00:36:111 [WARNING] LdapConnectServer: ldap_connect
failed with 0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [WARNING] CLDAPSearch::Open: failed to
connect to server DDI with 0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [WARNING] CGPMTrustee::GetTrusteeLdapMsg:
Open for ldapSearch failed with 0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [WARNING]
CGPMTrustee:
istinguishUserAndMachType: GetTrusteeDSObject failed with
0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [WARNING] CGPMTrustee::get_TrusteeType():
DistinguishUserAndMachType failed with 0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [VERBOSE] ResolveTrustee(): Resolving
account <S-1-5-21-842925246-1085031214-682003330-3663> Domain Controller
<(null)>.
[13c.f14] 10/25/2008 16:00:36:111 [VERBOSE] ResolveTrustee(): Resolving
account <S-1-5-21-842925246-1085031214-682003330-3663> Domain Controller
<(null)>.
[13c.f14] 10/25/2008 16:00:36:111 [VERBOSE] ResolveTrustee(): Account name
is <DDIDEV2$>
[13c.f14] 10/25/2008 16:00:36:111 [VERBOSE] CGPMTrustee::GetTrusteeLdapMsg:
Name is DDIDEV2$ baseDN
<SID=010500000000000515000000be043e322e43ac40828ba6284f0e0000>
I am not seeing any other issues with AD or LDAP with any internal or
external application. Does anyone know what can cause this and can it be
fixed?
filtering option turned on. It seems that SIDs take 20 seconds or so to be
translated into the computer name. SIDs get translated from the top down so
the first computer takes 20 seconds, then the next takes 20 seconds, etc...
Altogether it takes approximately 2 minutes to load the entire list of
computers which there are only 6 total. Other policies that use security
filtering that do not have computer objects listed open instantly. I turned
on debugging for the GMPC and here is what I get:
[13c.f14] 10/25/2008 16:00:36:111 [WARNING] LdapConnectServer: ldap_connect
failed with 0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [WARNING] CLDAPSearch::Open: failed to
connect to server DDI with 0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [WARNING] CGPMTrustee::GetTrusteeLdapMsg:
Open for ldapSearch failed with 0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [WARNING]
CGPMTrustee:
istinguishUserAndMachType: GetTrusteeDSObject failed with0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [WARNING] CGPMTrustee::get_TrusteeType():
DistinguishUserAndMachType failed with 0x8007003a.
[13c.f14] 10/25/2008 16:00:36:111 [VERBOSE] ResolveTrustee(): Resolving
account <S-1-5-21-842925246-1085031214-682003330-3663> Domain Controller
<(null)>.
[13c.f14] 10/25/2008 16:00:36:111 [VERBOSE] ResolveTrustee(): Resolving
account <S-1-5-21-842925246-1085031214-682003330-3663> Domain Controller
<(null)>.
[13c.f14] 10/25/2008 16:00:36:111 [VERBOSE] ResolveTrustee(): Account name
is <DDIDEV2$>
[13c.f14] 10/25/2008 16:00:36:111 [VERBOSE] CGPMTrustee::GetTrusteeLdapMsg:
Name is DDIDEV2$ baseDN
<SID=010500000000000515000000be043e322e43ac40828ba6284f0e0000>
I am not seeing any other issues with AD or LDAP with any internal or
external application. Does anyone know what can cause this and can it be
fixed?