12.11. Finding Conflict Objects

Problem

You want to find conflict objects that are a result of replication collisions.

Solution

Using a graphical user interface

  1. Open LDP.

  2. From the menu, select Connection Connect.

  3. For Server, enter the name of a domain controller (or leave blank to do a serverless bind).

  4. For Port, enter 389 or 3268 for the global catalog.

  5. Click OK.

  6. From the menu, select Connection Bind.

  7. Enter credentials (if necessary) of a user that can view the object.

  8. Click OK.

  9. From the menu, select Browse Search.

  10. For BaseDN, type the base DN from where you want to start the search.

  11. For Scope, select the appropriate scope.

  12. For Filter, enter (|(cn=*\0ACNF:*)(ou=*\0ACNF:*)).

  13. Click Run.

Using a command-line interface

The following command finds all conflict objects within the whole forest:

> dsquery * forestroot -gc -attr distinguishedName -scope subtree -filter[RETURN]
"(|(cn=*\0ACNF:*)(ou=*\0ACNF:*))"

Using VBScript

' This code finds any conflict objects in a forest.
' If the search times out, you may need to change strBase to
' a specific OU or container
' ------ SCRIPT CONFIGURATION ------
strBase   = "<GC://" & "<ForrestRootDN>" & ">;" ' ------ END CONFIGURATION --------- strFilter = "(|(cn=*\0ACNF:*)(ou=*\0ACNF:*));" strAttrs = "distinguishedName;" strScope = "Subtree" set objConn = CreateObject("ADODB.Connection") objConn.Provider = "ADsDSOObject" objConn.Open Set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope) WScript.Echo objRS.RecordCount & " conflict objects found" ...

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial