Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » "Schema update failed: Duplicate RDN"
"Schema update failed: Duplicate RDN" [message #325295] Mon, 23 November 2009 06:37 Go to next message
hume.spamfilter  is currently offline hume.spamfilter  United States
Messages: 25
Registered: November 2009
Junior Member
Can anyone point me at ANYTHING that can help me resolve this error? All
I can find online is endless copies of error code to error string tables.
The complete text from ldifde -i is:

-------------------------
dn: CN=dalPerson,CN=Schema,CN=Configuration,DC=Dal,DC=Ca
Attribute 0) objectClass:classSchema
Attribute 1) cn:dalPerson
Attribute 2) lDAPDisplayName:dalPerson
Attribute 3) adminDisplayName:dalPerson
Attribute 4) adminDescription:Consists of a set of data elements or attributes about individuals at Dalhousie
Attribute 5) governsID:1.3.6.1.4.1.13095.2.2.1
Attribute 6) objectClassCategory:3
Attribute 7) rdnAttId:dalUUID
Attribute 8) mayContain:dalBannerID dalChangePasswordCode dalLastSeen dalPasswordExpiresOn dalExpiresOn dalPublish dalBarCode dalOldUserPassword dalPersonExpiredAffiliation dalPersonInternationalNumber dalPersonEmergencySMSNumber dalPersonEmployeeTypeClass
Attribute 9) mustContain:dalUUID
Attribute 10) defaultObjectCategory:CN=dalPerson,cn=Schema,cn=Configuratio n,dc=DAL,dc=CA
Attribute 11) systemOnly:FALSE

Add error on entry starting on line 1: Unwilling To Perform
The server side error is: 0x20ba Schema update failed: duplicate RDN.
The extended server error is:
000020BA: SvcErr: DSID-03260339, problem 5003 (WILL_NOT_PERFORM), data 8378

An error has occurred in the program
-------------------------

I've made sure there isn't any other "cn=dalperson" objects in cn=schema.
What could it possibly be colliding with?

I'm very close to destroying the entire tree and rebuilding from scratch.
Which, obviously, is not going to fly in a production environment.

--
Brandon Hume - hume -> BOFH.Ca, http://WWW.BOFH.Ca/
Re: "Schema update failed: Duplicate RDN" [message #325318 is a reply to message #325295] Mon, 23 November 2009 07:15 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello hume.spamfilter@bofh.ca,

Which Windows version are you trying to prepare for the new schema and what
additional software is installed?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Can anyone point me at ANYTHING that can help me resolve this error?
> All I can find online is endless copies of error code to error string
> tables. The complete text from ldifde -i is:
>
> -------------------------
>
> dn: CN=dalPerson,CN=Schema,CN=Configuration,DC=Dal,DC=Ca
>
> Attribute 0) objectClass:classSchema
>
> Attribute 1) cn:dalPerson
>
> Attribute 2) lDAPDisplayName:dalPerson
>
> Attribute 3) adminDisplayName:dalPerson
>
> Attribute 4) adminDescription:Consists of a set of data elements or
> attributes about individuals at Dalhousie
>
> Attribute 5) governsID:1.3.6.1.4.1.13095.2.2.1
>
> Attribute 6) objectClassCategory:3
>
> Attribute 7) rdnAttId:dalUUID
>
> Attribute 8) mayContain:dalBannerID dalChangePasswordCode dalLastSeen
> dalPasswordExpiresOn dalExpiresOn dalPublish dalBarCode
> dalOldUserPassword dalPersonExpiredAffiliation
> dalPersonInternationalNumber dalPersonEmergencySMSNumber
> dalPersonEmployeeTypeClass
>
> Attribute 9) mustContain:dalUUID
>
> Attribute 10)
> defaultObjectCategory:CN=dalPerson,cn=Schema,cn=Configuratio n,dc=DAL,d
> c=CA
>
> Attribute 11) systemOnly:FALSE
>
> Add error on entry starting on line 1: Unwilling To Perform
> The server side error is: 0x20ba Schema update failed: duplicate RDN.
> The extended server error is:
> 000020BA: SvcErr: DSID-03260339, problem 5003 (WILL_NOT_PERFORM), data
> 8378
> An error has occurred in the program
> -------------------------
> I've made sure there isn't any other "cn=dalperson" objects in
> cn=schema. What could it possibly be colliding with?
>
> I'm very close to destroying the entire tree and rebuilding from
> scratch. Which, obviously, is not going to fly in a production
> environment.
>
Re: "Schema update failed: Duplicate RDN" [message #325341 is a reply to message #325318] Mon, 23 November 2009 07:42 Go to previous messageGo to next message
hume.spamfilter  is currently offline hume.spamfilter
Messages: 25
Registered: November 2009
Junior Member
Meinolf Weber [MVP-DS] <meiweb@(nospam)gmx.de> wrote:
> Which Windows version are you trying to prepare for the new schema and what
> additional software is installed?

This is Active Directory running in 2003 mode on a Windows 2008R2 server
(running inside a virtual machine). The only additional software installed
on the entire machine is the Virtual Box guest additions.

--
Brandon Hume - hume -> BOFH.Ca, http://WWW.BOFH.Ca/
Re: "Schema update failed: Duplicate RDN" [message #325343 is a reply to message #325341] Mon, 23 November 2009 07:45 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello hume.spamfilter@bofh.ca,

To understand you correct, one 2003 domain controller in it's own domain
and nothing else installed in the domain on other servers?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Meinolf Weber [MVP-DS] <meiweb@(nospam)gmx.de> wrote:
>
>> Which Windows version are you trying to prepare for the new schema
>> and what additional software is installed?
>>
> This is Active Directory running in 2003 mode on a Windows 2008R2
> server (running inside a virtual machine). The only additional
> software installed on the entire machine is the Virtual Box guest
> additions.
>
Re: "Schema update failed: Duplicate RDN" [message #325377 is a reply to message #325343] Mon, 23 November 2009 08:15 Go to previous messageGo to next message
hume.spamfilter  is currently offline hume.spamfilter
Messages: 25
Registered: November 2009
Junior Member
Meinolf Weber [MVP-DS] <meiweb@(nospam)gmx.de> wrote:
> To understand you correct, one 2003 domain controller in it's own domain
> and nothing else installed in the domain on other servers?

That's correct. It's also the only machine on the virtual network. It has
connectivity to the host machine via IP, where I do LDAP queries and updates
from, but nothing else. No DNS, no DHCP (statically configured IP).

Very, very simple setup.

--
Brandon Hume - hume -> BOFH.Ca, http://WWW.BOFH.Ca/
Re: "Schema update failed: Duplicate RDN" [message #326255 is a reply to message #325377] Tue, 24 November 2009 06:41 Go to previous messageGo to next message
hume.spamfilter  is currently offline hume.spamfilter
Messages: 25
Registered: November 2009
Junior Member
This is getting frustrating. I'm guessing I'm going to have to nuke the
entire AD and rebuild from scratch?

This really isn't going to fly in production.

--
Brandon Hume - hume -> BOFH.Ca, http://WWW.BOFH.Ca/
Re: "Schema update failed: Duplicate RDN" [message #326256 is a reply to message #326255] Tue, 24 November 2009 06:47 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello hume.spamfilter@bofh.ca,

Never seen on a fresh installed DC that there are errors like this. Normally
this occurs if some changes from other apps are done on the schema.

Which adprep version do you use, what OS version disk, RTM or RC/BETA?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> This is getting frustrating. I'm guessing I'm going to have to nuke
> the entire AD and rebuild from scratch?
>
> This really isn't going to fly in production.
>
Re: "Schema update failed: Duplicate RDN" [message #326275 is a reply to message #326256] Tue, 24 November 2009 07:05 Go to previous messageGo to next message
hume.spamfilter  is currently offline hume.spamfilter  United States
Messages: 25
Registered: November 2009
Junior Member
Meinolf Weber [MVP-DS] <meiweb@(nospam)gmx.de> wrote:
> Which adprep version do you use, what OS version disk, RTM or RC/BETA?

I have no idea. Literally, the entire process was this:

1) Install Windows Server 2008R2 (I'm ASSUMING RTM...)
2) Start -> Cmd -> dcpromo. Select "2003" operating mode.
3) Import schema attributes
4) regsvr schmmgmt.dll
5) Use mmc to create "dalPerson" object.
6) mmc used 'cn' as the rdnAttrId. I didn't like that.
7) Mark 'dalPerson' defunct.
8) Create dalPerson using LDIF file
9) Try to import dalperson.ldif using ldifde.
10) Fail.
11) Try renaming defunct dalPerson schema as "cn=dalPerson old"
12) Try to import dalperson.ldif.
13) Fail.
14) Try to import dalperson.ldif with the NEW object renamed
"cn=dalPerson new".
15) Try to import dalperson.ldif
16) Fail.

I think I might reformat and reinstall. It's an option in this case.
But I'm very concerned about the future, when this kind of setup is in
production. AD seems determined to paint me into corners and provide me
very little in the way of error explanations or repair ability.

Is there ANY way to convince AD on 2008 to let me delete schema objects?
Nothing uses these schemas at all. This is a development machine. I've
seen workarounds for 2000 and 2003, but they don't seem to be working with
2008. ("Schema Update Allowed" -> 1, etc)

--
Brandon Hume - hume -> BOFH.Ca, http://WWW.BOFH.Ca/
Re: "Schema update failed: Duplicate RDN" [message #326287 is a reply to message #326275] Tue, 24 November 2009 07:15 Go to previous messageGo to next message
hume.spamfilter  is currently offline hume.spamfilter
Messages: 25
Registered: November 2009
Junior Member
I've deleted the domain controller. I'll try rebuilding from scratch, and
see if the problem returns.

--
Brandon Hume - hume -> BOFH.Ca, http://WWW.BOFH.Ca/
Re: "Schema update failed: Duplicate RDN" [message #326288 is a reply to message #326275] Tue, 24 November 2009 07:16 Go to previous message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello hume.spamfilter@bofh.ca,

Sorry my mistake, i thought you were talking about the schema update with
adrpep command. I was totally wrong, now i realized you mean ldifde.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Meinolf Weber [MVP-DS] <meiweb@(nospam)gmx.de> wrote:
>
>> Which adprep version do you use, what OS version disk, RTM or
>> RC/BETA?
>>
> I have no idea. Literally, the entire process was this:
>
> 1) Install Windows Server 2008R2 (I'm ASSUMING RTM...)
> 2) Start -> Cmd -> dcpromo. Select "2003" operating mode.
> 3) Import schema attributes
> 4) regsvr schmmgmt.dll
> 5) Use mmc to create "dalPerson" object.
> 6) mmc used 'cn' as the rdnAttrId. I didn't like that.
> 7) Mark 'dalPerson' defunct.
> 8) Create dalPerson using LDIF file
> 9) Try to import dalperson.ldif using ldifde.
> 10) Fail.
> 11) Try renaming defunct dalPerson schema as "cn=dalPerson old"
> 12) Try to import dalperson.ldif.
> 13) Fail.
> 14) Try to import dalperson.ldif with the NEW object renamed
> "cn=dalPerson new".
> 15) Try to import dalperson.ldif
> 16) Fail.
> I think I might reformat and reinstall. It's an option in this case.
> But I'm very concerned about the future, when this kind of setup is in
> production. AD seems determined to paint me into corners and provide
> me very little in the way of error explanations or repair ability.
>
> Is there ANY way to convince AD on 2008 to let me delete schema
> objects? Nothing uses these schemas at all. This is a development
> machine. I've seen workarounds for 2000 and 2003, but they don't seem
> to be working with 2008. ("Schema Update Allowed" -> 1, etc)
>
Previous Topic:Trust Relationship error
Next Topic:after to try add DC win 2008 into AD server 2003, dns problems
Goto Forum:
  


Current Time: Tue Jan 23 16:42:00 MST 2018

Total time taken to generate the page: 0.07370 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software