From what I have found this deals with large numbers of ACL's applied or
inherited on this object.
Look at using the diagnostic tool ACLDiag.exe. The link to the tool usage
is below, the tool iteslf should be with the support tools on the
installation dvd.
http://technet.microsoft.com/en-us/l...88(WS.10).aspx
Run this tool against the offending user and see if there are an inordinate
amount of ALC's applied aginst this user.
--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"c_hr1s" <> wrote in message
news:3D0D374F-A0A8-4884-8CCA-...
>I have started receiving the following error since I upgraded my forest to
> 2008 R2 in preparation for a full domain upgrade. I receive this every
> half
> hour on a user object (which occurs twice) and on the DC the error occurs.
> All the googlign points to an Exchange 2003 SP1 issue but I have 2007 SP2
> installed so am baffled as to how to fix this. I have no other replication
> issues and this is only eventing on one DC.
>
> Internal error: The security descriptor propagation task encountered an
> error while processing the following object. The propagation of security
> descriptors may not be possible until the problem is corrected.
>
> Object:
> CN=user and DC,OU=,OU=,DC=domain,DC=co,DC=nz
>
> Additional Data
> Error value:
> -1026 JET_errRecordTooBig, Record larger than maximum size
> Internal ID:
> 20903d5
Similar Threads
Linear Mode
