Category:Troubleshooting
Last Updated:2009-08-05
These errors occur when an LDAP ADD attempts to set a duplicate value on an indexed (unique) attribute. The underlying error returned by LDAP is LDAP_ALREADY_EXISTS (68).
Search the log file for "Duplicate LDAP Index" to identify the record(s) that are throwing this error. Unfortunately, the error returned by LDAP does not identify the attribute for which a duplicate has occurred. Common attributes that throw this error are UID, userid, proxyaddresses, samaccountname, mail, alias etc. Any attribute that is required to be unique will throw this error if an LDAP Add attempts to set a duplicate value.
To identify exactly which attribute is throwing the error, use a custom map file to comment out suspect attributes one at a time. A mapping can be commented out by placing a # as the first character in the line. After commenting out a mapping, run the Sync. If the error disappears, you have identified the problem attribute. The duplicate attribute must be modified at the source.