CN length is greater than 64

-

our ad has few objects cn length of on 64 characters. since maximum length of cn defined 64, seems odd.    able find objects using following powershell script:

get-adobject -filter * -properties cn, objectcategory, objectclass |

where-object {$_.cn.length -gt 64 } |

fl name, cn, @{name='cn len';expression={($_.cn).length}}, objectclass, objectcategory

all of objects are cnf (conflict) objects.  here's example of 1 of objects

name           : srv-comp-factry-netoasis-change

                 cnf:aca8678f-25dc-47dd-b518-5aaaa9185e8a

cn             : srv-comp-factry-netoasis-change

                 cnf:aca8678f-25dc-47dd-b518-5aaaa9185e8a

cn len         : 72

objectclass    : group

objectcategory : cn=group,cn=schema,cn=configuration,dc=mycompany,dc=com

notice length 72.  can explain this?

i don't understand reply. cn defined schema single-valued unicode string minimum length of 1 , maximum length of 64.  in environment have 4 objects (all cnf objects) seem violating maximum length rule. i don't see relevance of article referred to. can me understand?

thanks

these conflict objects. if ask why created, have tell based on understanding these object created during failure in dc locator process. let's consider example:

an application wants write on active directory (creating group), tries find dc initiate writes, once found, tries write active directory using selected domain controller. reason operation fails , not completed, point active directory has received request , processing it, although applications encounters error , indicates write not successful. next try, application select domain controller time write done no error. have 1 real object , 1 cnf object indicates there collision during process. 

normally active directory capable of handling collisions since process can happen in half second, conflicted objects created. can safely remove these objects. have seen behavior in microsoft solutions sccm , vmware if dealing vdi , creating desktops.

mahdi tehrani   |     |   www.mahditehrani.ir
please click on propose answer or mark post , helpful other people.
posting provided as-is no warranties, , confers no rights.



Windows Server  >  Directory Services



Comments

Post a Comment

Popular posts from this blog

Group Policy Event ID 1058 Error Code 1326 (The user name or password is incorrect)

-
i seeing odd error on 1 of our domain controllers. have dealt event id 1058 errors whereby policy (or policies) not replicating, receiving error along error code 1326 on server, , apparently happening default domain policy: log name:      system source:        microsoft-windows-grouppolicy date:          8/10/2015 3:09:54 pm event id:      1058 task category: none level:         error keywords:      user:          s-1-5-21-1484152634-2550175353-3916092219-3287 computer:      <dc name>.<domainname> description: processing of group policy failed. windows attempted read file http://schemas.microsoft.com/win/2004/08/events/event ">   <system>     <provi...
Read more

Suspicious event log Event ID: 4905

-
hi thr, could please me understand causing such event logs generate ? as  i understand, vssvc.exe pertains volume shadow copy used backup purpose.  we have third party application used taking backup of servers. the event longs generated following messages: 1) attempt made unregister security event source. 2) attempt made register security event source. these events not regular generated on random days. standard fields: date:               2013/10/19 time:               02:32:19 importance:         critical rule name:          security event monitored machine:  <domain controller> log format:         windows log name:           security event id:           4905 in work hours:      yes dynamic fields: internal timestamp: 2013/10/19 ...
Read more

DCOM received error "2147746132" from...

-
hi everybody, i have dc (my windows essentials 2012 server) , windows 2012 server in network.  the windows server 2012 inside domain. on server, got "non stopping" error says in event logs : ===> dcom received error "2147746132" fromd computer xxxx(my dc computer) while server trying activation : {6df8cb71-153b-4c66-8fc4-e59301b8011b} it never stops, got 11000+ new events :s i found : http://support.microsoft.com/kb/971153/fr i'm not sure should ? does got idea ? matthieu. hi, please try solution mentioned in below link: http://www.eventid.net/display-eventid-10006-source-dcom-eventno-272-phase-1.htm regards, cicely Windows Server  >  Windows Server 2012 General ...
Read more