recommended max objects is one OU?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

We recently created a new ou in our single w2k ads domain. The ou contains
roughly 30,000 objects. Anytime we make a change to an object on that OU or
delegate permissions or what not, we have to reboot all 5 of our domain
controllers due to the type of errors pasted below. I think the problem is
due to the large number of objects. Can anyone point me to or tell me what
the max number of objects is, not in theory, but in practical use? The
errors point to disk space, but that is not the problem. I am sure it must
be wanting to use more resources than are available, though.
Thanks
Event Type: Error
Event Source: NTDS ISAM
Event Category: General
Event ID: 427
Date: 11/19/2004
Time: 3:55:33 PM
User: N/A
Computer: DC2
Description:
NTDS (300) The database engine could not access the file called
C:\WINNT\NTDS\edb.log.

Event Type: Error
Event Source: NTDS ISAM
Event Category: Logging/Recovery
Event ID: 418
Date: 11/19/2004
Time: 3:55:33 PM
User: N/A
Computer: DC2
Description:
NTDS (300) Error -1032 occurred while opening a newly created log file.

Event Type: Error
Event Source: NTDS SDPROP
Event Category: (9)
Event ID: 1168
Date: 11/19/2004
Time: 3:55:43 PM
User: N/A
Computer: DC2
Description:
Error -510(fffffe02) has occurred (Internal ID d0007e8). Please contact
Microsoft Product Support Services for assistance.

Event Type: Error
Event Source: NTDS SDPROP
Event Category: (9)
Event ID: 1262
Date: 11/19/2004
Time: 3:55:43 PM
User: Everyone
Computer: DC2
Description:
The Security Descriptor Propagator has been abnormally terminated with error
code fffffe02 while processing object OU=Former Student Accounts,OU=User
Accounts,DC=usa,DC=miracosta,DC=cc,DC=ca,DC=us. Please fix this object. The
Security Descriptor Propagator will suspend processing for 1 hour or until a
Security Descriptor has changed.

Event Type: Error
Event Source: NTDS General
Event Category: (12)
Event ID: 1393
Date: 11/19/2004
Time: 3:55:54 PM
User: NT AUTHORITY\SYSTEM
Computer: DC2
Description:
Attempts to update the Directory Service database are failing with error
112. Since Windows will be unable to log on users while this condition
persists, the NetLogon service is being paused. Check to make sure that
adequate free disk space is available on the drives where the directory
database and log files reside.

Event Type: Error
Event Source: NTDS Replication
Event Category: (5)
Event ID: 1084
Date: 11/19/2004
Time: 3:57:17 PM
User: Everyone
Computer: DC2
Description:
Replication error: The directory replication agent (DRA) couldn't update
object CN=W7033906,OU=Student User Accounts,OU=User
Accounts,DC=usa,DC=miracosta,DC=cc,DC=ca,DC=us (GUID
3bda4008-b7f7-43a6-8dc8-240dc40f09db) on this system with changes which have
been received from source server
5d5a8a0c-5174-4301-8973-1d34da482a42._msdcs.usa.miracosta.cc.ca.us. An error
occurred during the application of the changes to the directory database on
this system.

The error message is:
The replication operation encountered a database error.

The directory will try to update the object later on the next replication
cycle. Synchronization of this server with the source is effectively blocked
until the update problem is corrected.
If this condition appears to be related to a resource shortage, please stop
and restart this Windows Domain Controller.
If this condition is an internal error, a database error, or an object
relationship or constraint error, manual intervention will be required to
correct the database and allow the update to proceed. It is valuable to note
that the problem is caused by the fact that the change on the remote system
cannot be applied locally. Manually updating the objects on the local system
in not recommended. Instead, on the source system (which has the changes
already), try to reverse or back out the change. Then, on the next
replication cycle, observe whether the change can now be applied locally.
 
Back
Top