When you use the Microsoft Exchange Server 2003 Deployment Tools component or the ADC Tools component in Active Directory Connector to prepare for an Exchange Server 2003 installation, you may receive an error message that is similar to the following:
Error: Multiple Active Directory objects found for %1, Distinguished Name (DN) of the Active Directory object: %2.
In the message, %1 is the distinguished name of a Microsoft Exchange Server 5.5 object. This is typically a mailbox, but it may also be a custom recipient or a distribution list. In the message, %2 is the distinguished name of an Active Directory object. This is typically a user account, but it may also be a contact or a distribution group.
This issue may occur if both of the following conditions are true:
You have two or more Connection Agreements that write to multiple domain controllers, and these domain controllers are not synchronized.
Both (or all) of these Connection Agreements use the same Exchange 5.5 container as their source for the replicated information.
The error message described in the "Symptoms" section of this article is generated when the Deployment Tools or ADC Tools search for inconsistencies from previous Active Directory Connector (ADC) replication. The utilities report objects in the %2 field of the error message by applying a Lightweight Directory Access Protocol (LDAP) filter against the Exchange Server 5.5 directory and Active Directory. These LDAP filters search for the following:
Multiple Active Directory objects that have the same Ex5:legacy 55 DN
msexchADCGlobalNames of the source Exchange 5.5 object that have more than one NT5:GUID, where each GUID corresponds to an object in Active Directory
Multiple Active Directory objects that have the same legacyExchangeDN=55 DN
Note the asterisk (*) character after the distinguished name.
Click Find Now.
View the list of returned objects that are linked with the Exchange 5.5 object. The list of found items displays all items as enabled whether they are enabled or disabled objects. To determine if an object is disabled, right-click it, and then click Properties.
Determine the item that you want to have matched with the Exchange 5.5 object. Consider this the master object, and consider all others mis-stamped objects.
Stop all ADC services that run Connection Agreements with containers where multiple Active Directory objects have the same Ex5:legacy 5.5 DN. If you do not know which ADC service to stop, temporarily stop all ADC services in the organization.
Delete or mail-disable all mis-stamped objects that are linked to the Exchange 5.5 object. This maintains a one-to-one relationship between the master Active Directory object that you noted in step 9 and the Exchange 5.5 object.
Note If you do not require users to log on to the mis-stamped object, delete it. Otherwise mail-disable the mis-stamped object. To do this, right-click the object, click Exchange Tasks, and then follow the steps of the Exchange Task Wizard to remove Exchange attributes.
Permit the ADC to re-create the global name links for correct object-matching. To do so:
Remove the Exchange attributes from the master object by using the Exchange Task Wizard in the Active Directory Users and Computers utility.
Start the Exchange 5.5 Administrator program in raw mode. To do this, type admin /raw from the Exchsrvr\bin folder at a command prompt.
Locate, and then click the object in the Microsoft Exchange Administrator utility. On the File menu, click Raw Properties.
In the Object attributes list, click ADC-Global-Names, and then click Remove. Repeatedly click Remove until the Attribute values list is empty.
Click Apply, and then click OK.
With the object still selected, click Properties on the File menu.
Make sure that the Primary Windows NT Account entry corresponds to the Active Directory object that you considered the master object in step 9.
Click OK, and then quit the Exchange Administrator utility.
Restart one of the ADC services that you stopped. The two-way Connection Agreement stamps Globalnames with single NT5 and Ex5 values on both the master Active Directory object and the Exchange Server 5.5 object, respectively.
Allow sufficient time for the domain controllers to replicate the changes before you use the Deployment Tools or ADC Tools step where you received the error described in the Symptoms section of this article.
Re-run the tool, and verify that no more entries containing the Exchange 5.5 (%1) object are listed.