Windows Server 2012R2 Actiry Directory problem
Sinds today we can not edit a few soecific user objects in 2 specific OU's within our AD.
We get the error "the requested object has a non-unique identifier and cannot be retrieved" when editing for example group membership of that user, but also when logging the user in to the Remote Desktop server.
We already did a check with ntdsutil, no result, no conflicting duplicate SID's found (log is 0 bytes).
Problem started after creating a new user object.
We are still able to add new other objects and changing other existing objects except the few mentioned above.
What to do?
ALready read about changing the thombstone value to 2 days so automatic cleanup of deleted objects will be done after 2 days, But will this solve the problem? And besides that, ofcourse the affected users should be able to login today or at least tomorrow so waiting 2 days with maybe still a negative result is not a real option.