Accounts cache refresh fails for a managed Windows 2003 domain. (NETIQKB45780)

  • 7745780
  • 02-Feb-2007
  • 19-Jun-2007


Directory and Resource Administrator 7.5

Accounts cache refresh fails for a managed Windows 2003 domain.

A domain is shown with a red question mark in the user interface.

Changes made in native tools are not reflected in DRA.

All agents show up as installed in the GUI, even if they are not.

The following type of event shows up in the logs:

Event Type: Error
Event Source: MCSAdminSvc
Event Category: AcctProvDomain
Event ID: 14081
Date: xx/xx/xxxx
Time: xx:xx:xx AM/PM

User: N/A
Computer: DRAserver\

Domain CNF:{GUID}(Domain_name) (Trusted,AD) (Scheduled accounts cache refresh) began at date time and ended at date time,  contents unsuccessfully loaded, hr=c004370b=(Because of the number of changes in the Active Directory, DRA will perform a full accounts cache refresh instead of the scheduled incremental accounts cache refresh.  After the full refresh, DRA will continue performing scheduled incremental cache refreshes for this domain) The Administration server did not successfully update the accounts cache. The cache may not contain all recent changes.

You have multiple groups with cross-domain memberships in your environment, and DRA is not able to refresh data properly.


To resolve the issue:

  1. Change the HKEY_LOCAL_MACHINE\SOFTWARE\Mission Critical Software\OnePoint\Administration\Modules\Accounts\Domains.Dns UseGcForSidLookup registry value to 1 on all DRA servers.
  2. Restart the NetIQ Administration Service on all DRA servers.
  3. Perform a manual Incremental Cache Refresh:
    a. In the left pane, expand Configuration Management.
    b. Click Managed Domains.
    c. In the right pane, select the domain for which you want to refresh the accounts cache.
    d. On the Tasks menu, click Refresh Accounts Cache> Incremental Refresh.

Additional Information

Formerly known as NETIQKB45780