Skip to content

Mohammed Wasay

  • Home
  • Posts
    • Azure
      • Azure Active Directory
    • Office365 | M365
    • Programming
      • PowerShell
      • Python
    • Platform
      • Windows
        • Active Directory
        • SCCM
      • Mac
      • Linux
    • VMware
    • Storage
  • Resources
  • Client
    • Make a payment
  • Résumé
  • Contact
  • About
  • Get NordVPN

How to Fix: Attribute userAccountControl of DC is: 0x82020

July 2, 2019 by mo wasay

When running a DCDiag at a customer site today I had the following error occur:

Warning: Attribute userAccountControl of is: 0x82020 = ( PASSWD_NOTREQD | SERVER_TRUST_ACCOUNT | TRUSTED_FOR_DELEGATION ) Typical setting for a DC is 0x82000 = ( SERVER_TRUST_ACCOUNT | TRUSTED_FOR_DELEGATION ) This may be affecting replication?

It is a bug when we pre-create a computer account in ADUC and then promote it as DC, the UserAccountControl is set to 532512 instead of the default 532480. You need to manually set the vaulue to 532480 in ADSIEDIT.MSC.

Fix:

  • Open ADSIEDIT.MSC
  • Goto Default Naming Context
  • Goto OU=Domain Controllers,DC=yourdomain,DC=com
  • Right click on “Name of the Problem Domain Controller”
  • Change the value for attribute for userAccountControl from 532512 to 532480 (Change it to represent 0x82000.)

UserAccountControl values for the certain objects:
Typical user : 0x200 (512)
Domain controller : 0x82000 (532480)
Workstation/server: 0x1000 (4096)

Categories Windows Tags 0x82000, 0x82020, affecting, Attribute, be, DC, dcdiag, Error, for, PASSWD_NOTREQD, replication, SERVER_TRUST_ACCOUNT, This may, TRUSTED_FOR_DELEGATION, Typical setting, userAccountControl, warning
Post navigation
Get All DCs in the Entire Forest
Fix Active Directory broken security inheritance problem

Categories

  • Azure
    • Azure Active Directory
  • Information Technology
  • Office365 | M365
    • SharePoint
  • Platform
    • Linux
    • Mac
    • Windows
      • Active Directory
      • SCCM
  • Programming
    • PowerShell
  • VMware

Archives

  • June 2021
  • April 2020
  • February 2020
  • August 2019
  • July 2019
  • March 2019
  • December 2018
  • October 2018
  • September 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • December 2017
  • November 2017
  • September 2017
  • August 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • January 2016
  • November 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • January 2013
  • June 2012
  • April 2012
  • March 2012
  • February 2012
  • April 2011

Tags

365 2008 2012 2016 access active AD Address bulk centos controller directory DNS domain Error Exchange file for group in ip Linux list mailbox microsoft multiple network office office365 On online password powershell r2 remove security server service site system to user users vmware windows

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org
View Mo Wasay, MSCS, MCITP, MCSE, VCP, ISM, CIS's profile on LinkedIn
© 2021 Mohammed Wasay • Built with GeneratePress