Resolution
Directory and Resource Administrator 6.x
fact
Directory and Resource Administrator 7.x
symptom
Application log event ID 14081 occurs when trying to run an Account Cache Refresh.
symptom
Error: '...contents unsuccessfully loaded, hr=80072032=(An invalid dn syntax has been specified).'
symptom
The following event is written to the application log on the Directory and Resource Administrator server when trying to run an Account Cache Refresh.
Event Type: Error
Event Source: MCSAdminSvc
Event Category: AcctProvDomain
Event ID: 14081
Date: xx/xx/xxxx
Time: xx:xx:xx AM/PMUser: N/A
Computer: DRAserver\Description:
Domain Domain.com CNF:{GUID}(Domain_name) (Trusted,AD) (Scheduled accounts cache refresh) began at 2003-11-20 11:22:36 and ended at 2003-11-20 11:22:41, contents unsuccessfully loaded, hr=80072032=(An invalid dn syntax has been specified)
cause
This can be caused by an Active Directory replication collision on a domain object.
Directory and Resource Administrator (DRA) looks at the Active Directory System Container for the object type Trusted Domain when determining trusted domains. If there are replication collisions for the domain trusts, which are signified by objects with a CNF {GUID} name, then DRA enumerates these objects as an additional domain.
For example, you can have a trusted domain object in the System container called DomainA.com and a second object called DomainA.com CNF:fbab5550-f560-4a6e-bd72-056b2bfdac39(DomainA). DRA will try to bind to the domains with the CNF GUID in the path and hence return an invalid syntax error.
If there is a DNS domain in the System container suffixed with the CNF GUID, this is indicative of a replication collision in Active Directory for the domain object. The following article details name collisions in Active Directory:
http://support.microsoft.com/default.aspx?kbid=281485
fix
To resolve the issue, the replication collisions must be cleaned up.