Windows Security Log Event ID 4928

Operating Systems	Windows 2008 R2 and 7 Windows 2012 R2 and 8.1 Windows 2016 and 10 Windows Server 2019
Category • Subcategory	Directory Service • Directory Service Replication
Type	Success
Corresponding events in Windows 2003 and before

Discussions on Event ID 4928

Ask a question about this event

4928: An Active Directory replica source naming context was established

On this page

Description of this event
Field level details
Examples
Discuss this event
Mini-seminars on this event

Directory Service replication ~~has little to no security relevance. I recommend disabling these 2 subcategories:~~

~~Directory Service Replication~~
~~Detailed Directory Service Replication~~

Since DCSync and DCShadow have come out I've changed my mind about the above statement. Check out this webinar AD Attack Deep Dive: Gaining Persistence using DCSync and DCShadow with Mimikatz

Free Security Log Resources by Randy

Supercharger Enterprise

Load Balancing for Windows Event Collection

Examples of 4928

An Active Directory replica source naming context was established.

Destination DRA: CN=NTDS Settings,CN=WIN-R9H529RIO4Y,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=acme-fr,DC=local
Source DRA: CN=NTDS Settings,CN=WIN-857ZZX6RQHL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=acme-fr,DC=local
Source Address: 0b63afed-1e41-43a3-8bc2-f33dc33942ea._msdcs.acme-fr.local
Naming Context: DC=acme-fr,DC=local
Options: 352
Status Code: 0

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection

Discussions on Event ID 4928

Ask a question about this event

Upcoming Webinars

Additional Resources

Encyclopedia

•	All Event IDs
•	Audit Policy

Go To Event ID:

Security Log
Quick Reference
Chart
Download now!

User name:
Password:
	/ Forgot?
	Register

February 2021 Patch Monday	"Patch Monday: 2 CVE's Exploited in the Wild " - sponsored by LOGbinder

Follow @randyfsmith

Home

Follow @randyfsmith

About | Newsletter | Contact

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2021 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.