Article ID: 969307 - Last Review: April 9, 2010 - Revision: 3.0
An error occurs when you run the ADPREP/FORESTPREP command on a Windows Server 2003-based computer: "An attribute with the same link identifier already exists"
System TipThis article applies to a different operating system than the one you are using. Article content that may not be relevant to you is disabled.
When you run the ADPREP /FORESTPREP command to extend the forest schema on a Windows Server
2003-based computer, the command fails, and you
receive the following error message:
Connecting to "<host name of schema master>"
Logging in as current user using SSPI
Importing directory from file "C:\WINDOWS\system32\sch44.ldf"
Loading entries........
Add error on line 43: Unwilling To Perform
The server side error is "Schema update failed: An attribute with the same link
identifier already exists."
7 entries modified successfully.
An error has occurred in the program
ERROR: Import from file C:\WINDOWS\system32\sch44.ldf failed. Error file is saved in ldif.err.44.
In this case, if you open the ldif.err.44 error file,
you see an error that resembles the following message:
Entry DN: CN=ms-DS-BridgeHead-Servers-Used,CN=Schema,CN=Configuration,DC=<forest root domain>
Add error on line 43: Unwilling To Perform
The server side error is "Schema update failed: An attribute with the same link identifier already exists."
An error has occurred in the program
Note The error also occurs on other attributes. For example, the error
occurs when a schema change assigns a link ID 2046 to the camDBSignonRef object.
This error is caused when the ADPREP /FORESTPREP command tries to add a new object to the schema partition by
using a linkID that has already been assigned to an existing object in the
schema partition.
Important Do not change the linkIDs for existing objects in the schema
partition because the behavior can cause Active Directory replication to fail
with a schema mismatch.
To resolve this issue, follow these steps:
Identify the conflicting linkID that is being added. The
conflicting linkID value can be identified by reviewing the schema definition
file in the LDIF.ERR.<Number> file. In this
case, you will find CN=ms-DS-BridgeHead-Servers-Used,CN=Schema,CN=Configuration,DC=<DC name>,DC=com in SCH44.LDF is being assigned a linkID of 2160.
Identify the object in the target schema partition that
currently owns the conflicting linkID. You can search the schema on the target
schema master to see what existing object was assigned the linkID that
conflicts with the object in the Sch<xx>.ldf file. To do this, use the
REPADMIN, LDIFDE, LDP.EXE or an equivalent tool. Here are some samples for the
tools:
For REPADMIN search
repadmin /showattr fsmo_schema: ncobj:schema: /filter:"(&(objectclass=*)(linkid=<link ID value>))" /subtree
For LDIFDE search:
LDIFDE -f <filename> -d "CN=Schema,CN=Configuration,DC=<forest root domain>" -r (linkID=<link ID value>)
For LDP search:
BaseDN: CN=Schema,CN=Configuration,DC=<DC>,DC=com
Scope : Subtree
Filter: (&(objectclass=*)(linkid=<link ID value>)
Copy the contents of the ADPREP folder from the Windows
Server 2008 source DVD to the hard disk of the computer from which you want to
perform the schema update.
Assign new linkIDs to forward link objects in the
Sch<xx>.ldf files that conflict with linkIDs of existing objects in the
schema partition. If the schema operations master (also known as flexible
single master operations or FSMO) roles host on Windows Server 2003 and the
domain controller functional level is DS_BEHAVIOR_WIN2003 or a higher level,
assign the well-known object identifier (also known as OID)
"1.2.840.113556.1.2.50" to the linkID field for all forward link attributes in
the SCH<xx>.LDF whose linkIDs conflict with existing objects in the
target forest. The "1.2.840.113556.1.2.50" object identifier will assign unique
auto-generated linkIDs in the target schema.
In this case, the linkID
2160 that was previously assigned to CN=ms-PKI-DPAPIMasterKey conflicts with
the linkID 2160 that is defined in Sch44.ldf for
CN=ms-DS-BridgeHead-Servers-Used. To resolve this issue, follow these steps:
Open the Sch44.ldf file. Then, you see the following
text for CN=ms-DS-BridgeHead-Servers-Used,CN=Schema,CN=Configuration,DC=<DC>:
dn: CN=ms-DS-BridgeHead-Servers-Used,CN=Schema,CN=Configuration,DC=X
changetype: ntdsSchemaAdd
adminDescription: List of bridge head servers used by KCC in the previous run.
adminDisplayName: ms-DS-BridgeHead-Servers-Used
attributeID: 1.2.840.113556.1.4.2049
attributeSyntax: 2.5.5.7
cn: ms-DS-BridgeHead-Servers-Used
instanceType: 4
isSingleValued: FALSE
lDAPDisplayName: msDS-BridgeHeadServersUsed
linkID: 2160
objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
objectClass: attributeSchema
oMObjectClass:: KoZIhvcUAQEBCw==
oMSyntax: 127
schemaFlagsEx: 1
schemaIDGUID:: ZRTtPHF7QSWHgB4epiQ6gg==
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemFlags: 25
Change the linkID field from "2160" to
"1.2.840.113556.1.2.50" to trigger auto-generation of unique linkIDs on Windows
Server schema operations masters.
After that, you see the following text in the Sch44.ldf
file for CN=ms-DS-BridgeHead-Servers-Used,CN=Schema,CN=Configuration,DC=<DC>:
dn: CN=ms-DS-BridgeHead-Servers-Used,CN=Schema,CN=Configuration,DC=X
changetype: ntdsSchemaAdd
adminDescription: List of bridge head servers used by KCC in the previous run.
adminDisplayName: ms-DS-BridgeHead-Servers-Used
attributeID: 1.2.840.113556.1.4.2049
attributeSyntax: 2.5.5.7
cn: ms-DS-BridgeHead-Servers-Used
instanceType: 4
isSingleValued: FALSE
lDAPDisplayName: msDS-BridgeHeadServersUsed
linkID: 1.2.840.113556.1.2.50
objectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,DC=X
objectClass: attributeSchema
oMObjectClass:: KoZIhvcUAQEBCw==
oMSyntax: 127
schemaFlagsEx: 1
schemaIDGUID:: ZRTtPHF7QSWHgB4epiQ6gg==
searchFlags: 0
showInAdvancedViewOnly: TRUE
systemFlags: 25
Update linkIDs for the back-link attributes when linkIDs
for forward link attributes are modified. Some objects in Active Directory have
back-link attributes, and other objects do not have back-link attributes, such
as the CN=ms-DS-BridgeHead-Servers-Used object that is used in this example.
You have to determine whether the object that is modified has a back-link
attribute with another object. If the object has a back-link object, modify the
back-link object too.
Note If the linkID definition of the back-link object uses a
hard-coded (numeric) ID, the definition should be modified to allow for the
object identifier of the back-link object to be generated automatically. In
this scenario, a back link for this forward link is created by setting the
linkID for the back-link object to the ldapDisplayName of the forward-link
object. The schema cache must be reloaded after the administrator creates the
forward link and before the administrator creates the back link.
Save and close the schema files that were
updated.
Rerun the Adprep/forestprep command from the folder where you made the schema file
amendments.
Note You can apply the steps in this resolution for the intended
schema update by using a /forestprep operation or for a third-party schema update.
If the domain controller functional level is
DS_BEHAVIOR_WIN2003 or a higher level on Windows Server 2003 or a later
version, it is no longer necessary to request a linkID value from Microsoft. A
process exists to automatically generate a linkID value. The system
automatically generates a linkID for a new linked attribute when the
attribute’s linkID attribute is set to 1.2.840.113556.1.2.50.
For more
information about how to obtain a linkID, visit the following Web site:
Windows Live
Facebook
Twitter
Linkedin
Digg it
Yahoo
Delicious
StumbleUpon
Yammer
Reddit
Technorati
FriendFeed
Email
Back to the top
