Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
XADM: Active Directory Connector Does Not Match to SID History After a User Has Been Cloned
Article ID: 253887 - View products that this article applies to.
This article was previously published under Q253887
When you clone the user object associated with a Microsoft Exchange Server 5.5 mailbox into a domain, the user object is not upgraded. A duplicate object is created in Active Directory instead of matching the user object to the associated Microsoft Windows NT account.
This may happen when you set up a mirrored domain with Microsoft Windows 2000 and then clone a user to copy the old Windows NT 4.0 accounts into your new Windows 2000 forest.
In Exchange Server 5.5, mailboxes are linked to their Windows NT accounts by means of the Security Identifier (SID). When reading the sidHistory from a global catalogue, the ADC doesn't convert it to hexadecimal format so that it can be compared with the associated Windows NT account.
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/260910/EN-US/ )How to Obtain the Latest Windows 2000 Service Pack
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 1.Microsoft has confirmed that this is a problem in Microsoft Exchange Server version 5.5.
Article ID: 253887 - Last Review: October 27, 2006 - Revision: 3.2