During an Active Directory Domain Services replication request, the local domain controller (DC) identified an untrusted ...

During an Active Directory Domain Services replication request, the local domain controller (DC) identified
an untrusted client which has received replication data from the local DC using already-acknowledged USN
tracking numbers. Read-only DCs and DirSync clients are examples of untrusted clients.



Because the client believes it is has a more up-to-date Active Directory Domain Services database than the
local DC, the client will not apply future changes to its copy of the Active Directory Domain Services
database or replicate them to its direct and transitive replication partners that originate from this
local DC.



If not resolved immediately, this scenario will result in inconsistencies in the Active Directory Domain Services databases
of this source DC and one or more direct and transitive replication partners. Specifically the
consistency of users, computers and trust relationships, their passwords, security groups,
security group memberships and other Active Directory Domain Services configuration data may vary, affecting the ability to log on,
find objects of interest and perform other critical operations.



To determine if this misconfiguration exists, query this event ID using http://support.microsoft.com
or contact your Microsoft product support.



The most probable cause of this situation is the improper restore of Active Directory Domain Services on the
local domain controller or the remote Read-Only domain controller.



User Actions:

If this situation occurred because of an improper or unintended restore, forcibly demote the affected DC.



Untrusted client:
%1

Partition:
%2

USN reported by non-DC client:
%3

USN reported by Local DC:
%4