Saturday, February 26, 2011
Replication access was denied - error code 8453
This is the error you will get when you are trying to import / Crawl / running user profile synchronization service in SharePoint 2010.
Application Event Log:
Log Name: Application
Date: 2/25/2011 7:54:03 AM
Event ID: 6050
Task Category: Management Agent Run Profile
The management agent "MOSSAD-DLR-AD" failed on run profile "DS_DELTAIMPORT" because of connectivity issues.
Discovery Errors : "0"
Synchronization Errors : "0"
Metaverse Retry Errors : "0"
Export Errors : "0"
Warnings : "0"
The error message coming only because of the issue "The Service account with which we are trying to connect to the Active Directory and try to pull information do not have security right Replication Directory Changes at domain level". This action is not needed on the accounts who are network/domain administrators as they have full access already.
To configure that please follow steps below:
- Login to the Active Directory Server or the User and Computers snap-in on your server if you have access to AD.
- From the View menu, select "Advanced Features".
- Now, from the list of folders you are seeing from the left side, select your domain and then right click and select Properties.
- Switch to Security tab, add the account which we are using to connect to AD to the list and from security rights select "Replication Directory Changes".
- Save changes.
That's it. Now, try to start the synchronization service and see the users imported to SharePoint environment. Let me know if you have any issues.