Windows Security Log Event ID 4928

Operating Systems Windows 2008 R2 and 7
Windows 2012 R2 and 8.1
Windows 2016 and 10
Category
 • Subcategory
Directory Service
 • Directory Service Replication
Type Success
Corresponding events
in Windows 2003
and before
 
Discussions on Event ID 4928
Ask a question about this event

4928: An Active Directory replica source naming context was established

On this page

Directory Service replication has little to no security relevance.  I recommend disabling these 2 subcategories: 

  • Directory Service Replication
  • Detailed Directory Service Replication

Free Security Log Resources by Randy

Supercharger Enterprise


 

Examples of 4928

An Active Directory replica source naming context was established.

Destination DRA: CN=NTDS Settings,CN=WIN-R9H529RIO4Y,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=acme-fr,DC=local
Source DRA: CN=NTDS Settings,CN=WIN-857ZZX6RQHL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=acme-fr,DC=local
Source Address: 0b63afed-1e41-43a3-8bc2-f33dc33942ea._msdcs.acme-fr.local
Naming Context: DC=acme-fr,DC=local
Options:  352
Status Code: 0

Keep me up-to-date on the Windows Security Log.
Email*:
*We will NOT share this

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection



 

Additional Resources