LDIFDE config file???

Posted on 2009-12-29
Last Modified: 2012-05-08
How do I ensure that strict replication consistency is enabled for newly promoted domain controllers?

I have attempted to use the documentation available from Microsoft here:

I created a file as mentioned in the documentation, however I continue to receive an error every time I try to run the command: ldifde -i -f <Path>\<FileName>

The error is in the code snippet below. I have tried variations of removing whitespace and just succeed in getting different error messages.

Any help would be much appreciated.

FYI - In addition to the link above, I also used the following link to attempt to solve the issue myself prior to posting:

Connecting to "<PDC>"

Logging in as current user using SSPI

Importing directory from file "x:\strict_repl.txt"

Loading entries.

There is a syntax error in the input file

Failed on line 3.  The last token starts with 'd'.

0 entries modified successfully.

An error has occurred in the program

No log files were written.  In order to generate a log file, please

specify the log file path via the -j option.

Open in new window

Question by:tamco
    LVL 1

    Accepted Solution

    I think I just found a workaround.
    I used ADSI Edit and performed the following steps:
    1. Action -> Connect to:
    2. Connection Point -> for Select or type a Distinguished Name or Naming Context: type CN=Operations,CN=ForestUpdates,CN=Configuration,DC=DOMAIN,DC=COM
    3. Click OK
    4. Right-click the attached CN -> New -> Object...
    5. Choose container, click Next
    6. Type 94fdebc6-8eeb-4640-80de-ec52b9ca17fa, click Next
    7. Click More Attributes
    8. Click drop down next to Select a property to view and choose showInAdvancedViewOnly
    9. Next to Edit Attribute type TRUE
    10. Click Set, then click OK, then click Finish
    That's it.  Hopefully it works, I won't know for certain until I add another domain controller.
    I'm still interested in the proper way to use LDIFDE to accomplish this task.
    LVL 19

    Expert Comment

    I was about to say, at the end of the first article you posted, someone else has the same problem and suggests the exact ADSIedit work around you just mentioned!

    Was going to ask if you'd tried that yet... :) lol


    LVL 19

    Expert Comment

    Would be interesting to see the content of the log file though?

    "specify the log file path via the -j option."
    LVL 24

    Expert Comment

    LVL 1

    Author Comment

    I was the one to post that solution actually. :-)
    I have tried the -j option a few times, every time I receive the error "Unable to open log file."  It doesn't seem to matter what path I use for the log file or if the file already exists or not.
    The links listed show me how to turn it on on a case by case basis.  I already completed that, I want to enable this for the domain so any new DC's automatically have it enabled.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Are end users causing IT problems again?

    You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

    Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
    If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
    This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
    This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now