Hi,

We are setting up a new Windows 2K3 AD server and attempting to synchronise the users from our LDAP server version 8.1.0. Performing the full sync fails after about 30 seconds with a message in the error log:

    [14/Jul/2010:07:46:10 -0400] - add value "^V" to attribute type "ARecord" in entry "DC=@,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=domain,DC=com" failed: duplicate new value
    [14/Jul/2010:07:46:10 -0400] - add value "null or non-ASCII" to attribute type "dnsproperty" in entry "DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=domain,DC=com" failed: duplicate new value

and none of the users or groups are sent to AD.

I am guessing it may be how our LDAP server schema is set up, as we use something like:

    dc=domain,dc=com
    |_ o=Internal
    |___o=a0000
    |____ou=Desktops
    |_____uid=fred

We have set the Windows subtree to be dc=domain,dc=com and the replication subtree to be dc=domain,dc=com with a DS subtree of o=Internal,dc=domain,dc=com.

Our understanding was that within the AD Users & Groups GUI we should have seen a similar schema created. Though for some reason the replication is traversing the whole of the internal AD tree.

Should we create a new Organisational Unit within AD called, for argument's sake, clients and set the Windows subtree to be ou=clients,dc=domain,dc=com so that it forces it to that branch?

--
Thanks,
Phil