-
Title
Adding AD LDS instance is failing -
Description
When attempting to add an AD LDS instance in ARS 6.9, the following message is displayed:
Registration failed due to duplicate AD LDS domain partition.
There are no other managed AD LDS instances so it is not possible to have duplicates. Restarting the ARS service did not fix the issue.
-
Cause
The root DN of the Active Directory domain is the same as the root DN of the AD LDS instance.
Both are dc=XXX,dc=YYYY,dc=ZZZZ
-
Resolution
This configuration is not supported.
It is not possible to add an AD LDS instance with the same DN as the AD instance because ARS detects objects origin by its DN.
The DN of a user in ARS should be able to find the name of the domain where the user resides. If you had both AD and AD LDS instances with the same base DN, you would have 2 objects with the same DN and ARS cannot resolve the ambiguity.
WORKAROUND:
- Use seperate ARS services for AD and AD LDS management
OR - Change the AD LDS instance to another name
- Use seperate ARS services for AD and AD LDS management