DirSync clients cannot do an incremental synchronize to a Windows Server 2008 R2 LDAP Server

Applies to: Windows Server 2008 R2 Standard


On a DirSync client, when you try to perform an incremental synchronize together with an existing cookie, the Lightweight Directory Access Protocol (LDAP) Server returns the following errors messages and events.

From the Directory Services Event Log:

LDAP client log:


This issue occurs because the filter that you are using for your DirSync request includes a linked value to be evaluated, and the replication update lands on a link value update. This exposes a known code defect in Windows Server 2008 R2, which was fixed in later versions of Windows.


When you encounter this issue, perform a Full Sync.

To fix this issue, upgrade the domain controllers to Windows Server 2012 R2 or a later version of Windows Server.