After performing a new installation of AR you may encounter difficulties starting the AR service if your AD schema holds attributes with duplicated names. The following warning will be logged in the AR events:
Warning
Non-critical error occurred upon starting Active Roles Administration Service.
Details: Administration service failed to save schema objects in Administration Database.
Violation of UNIQUE KEY constraint ‘UQ_tblSchema_distinguishedName’. Cannot insert duplicate key in object ‘dbo.tblSchema’. The duplicate key value is…
This is by design, SQL does not support the storing of duplicate values in a database table.
WORKAROUND
1) Rename the duplicate attribute using ADSIEdit:
https://docs.microsoft.com/en-us/windows/desktop/ad/naming-attributes-and-classes
2) Or, deny read permissions to the service/domain management account for the duplicate attribute.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback 使用条款 隐私 Cookie Preference Center