Microsoft KB Archive/910935

= Some of the Lotus Notes contacts in Active Directory are removed when the DirSync process is interrupted in Exchange Server 2003 =

Article ID: 910935

Article Last Modified on 10/25/2007

-

APPLIES TO


 * Microsoft Exchange Server 2003 Enterprise Edition
 * Microsoft Exchange Server 2003 Standard Edition

-





SYMPTOMS
Consider the following scenario. You use Microsoft Exchange Connector for Lotus Notes to connect a Lotus Notes organization and a Microsoft Exchange Server 2003 organization. You use Directory Synchronization (DirSync) services to fully reload a Notes-to-Exchange DirSync process. You experience a network failure that causes the DirSync process to be interrupted. In this scenario, some of the Lotus Notes contacts in Active Directory are removed. In some cases, most of the Lotus Notes contacts are removed.

Additionally, if the Lotus Notes contacts that are removed from Active Directory also belong to distribution lists, the Lotus Notes contacts are also removed from the distribution lists.



CAUSE
This problem occurs because a temporary file that contains partial data is imported into Active Directory when the DirSync process is interrupted.



WORKAROUND
To work around this problem, you must force a full reload of the Notes Name and Address book to Active Directory. To do this, right-click the Connector for Lotus Notes. On the DirSync tab, click to select the Full Reload from Notes to Exchange check box.

Before you try to recover the distribution group membership, you must back up the distribution group by using one of the following methods:
 * programmatically
 * using the Idifde.exe utility

The Idifde.exe utility is included with Microsoft Windows Server 2000. You can use the ldifde.exe utility to export the member attribute of a distribution group. The member attribute contains the distinguished names of all the members of the group.

The following is an example of using the ldifde.exe utility to back up a distribution group.

The export mode in the ldifde.exe utility is in the following form:

ldifde –f fileName.ldf –d “distinguishedNameOfDistributionList”

To see the complete syntax of the ldifde.exe utility, type ldifde.exe at a command prompt.

C:\>ldifde -f dgMember.ldf -d &quot;CN=DG1,OU=Exchange Users,Dc=microsoft,dc=com&quot; Connecting to &quot;XO2.microsoft.com&quot; Logging in as current user using SSPI Exporting directory to file dgMember.ldf Searching for entries... Writing out entries. 1 entries exported The command has completed successfully Then, type filename.ldf at a command prompt. Now, the attributes of the distribution group that were entered in the ldifde.exe utility query appear as in the following example. The attribute of interest is a member. Note that the member is listed multiple times. This is typical behavior for multivalued attributes that are exported with the ldifde.exe utility.

C:\>type dgMember.ldf dn: CN=DG1,OU=Exchange Users,Dc=microsoft,dc=com changetype: add objectClass: top objectClass: group cn: DG1 member: CN=Third User,OU=Exchange Users,Dc=microsoft,dc=com member: CN=Second User,OU=Exchange Users,Dc=microsoft,dc=com member: CN=Exchange Administrator,OU=Exchange Users,Dc=microsoft,dc=com distinguishedName: CN=DG1,OU=Exchange Users,Dc=microsoft,dc=com instanceType: 4 whenCreated: 20060717222030.0Z whenChanged: 20060718144415.0Z displayName: DG1 uSNCreated: 106518 uSNChanged: 106573 reportToOriginator: TRUE mailNickname: DG1 name: DG1 objectGUID:: MDsuDnbj6kCFUSriivl6ig== objectSid:: AQUAAAAAAAUVAAAAGsgXcsQT/V0GKS0XVwQAAA== sAMAccountName: DG1 sAMAccountType: 268435457 legacyExchangeDN: /o=Viz/ou=First Administrative Group/cn=Recipients/cn=DG1 groupType: 2 objectCategory: CN=Group,CN=Schema,CN=Configuration,Dc=microsoft,dc=com To convert the output file of the ldifde.exe utility to an import format, follow these steps:   First, use the Find.exe file to filter out the member attribute of the export file. To do this, type the following at a command prompt:

C:\>find /i &quot;member&quot; dgMember.ldf >dgImport.ldf

After you enter the previous command, you receive a filtered file. The following is an example of the contents of a filtered file: i.     Type dgImport.ldf - DGMEMBER.LDF member: CN=Third User,OU=Exchange Users,Dc=microsoft,dc=com member: CN=Second User,OU=Exchange Users,Dc=microsoft,dc=com member: CN=Exchange Administrator,OU=Exchange Users,Dc=microsoft,dc=com A valid ldifde.exe import file has the following form:

dn: distinguished name of the object changetype: modify add: member member: distinguished name of user to be added to distribution group -

  Make the dbImport.ldf valid, by editing the file as follows:  Delete the line that contains &quot;-- DGMEMBER.LDF.&quot; Type dn:distinguished name of the object as the first line. Type changetype: modify as the second line. Type add: member as the third line.</li> Skip all the member: lines.</li> Type a hyphen (-) followed by a carriage return line feed as the last line in the file.</li></ol>

In the following example, the DbImport.ldf file contains the following string: dn: CN=DG1,OU=Exchange Users,Dc=microsoft,dc=com changetype: modify add: member member: CN=Third User,OU=Exchange Users,Dc=microsoft,dc=com member: CN=Second User,OU=Exchange Users,Dc=microsoft,dc=com member: CN=Exchange Administrator,OU=Exchange Users,Dc=microsoft,dc=com - </li>  Use the ldifde.exe utility to import the modified file to Active Directory. After you perform this action, the distribution group membership is restored. The administrator who is running the ldifde.exe utility must have write permissions to the group object to restore the member list.

To do this, type the following command at a command prompt:

Ldifde –I importFileName.ldf

The following code is an example of the results that you receive after you use the ldifde.exe utility to import the modified file to Active Directory: Connecting to &quot;XO2.microsoft.com&quot; Logging in as current user using SSPI Importing directory from file &quot;dgMember.ldf&quot; Loading entries.. 1 entry modified successfully.

The command has completed successfully In this example, the distribution group membership restoration is completed. </li></ol>

<div class="status_section">

STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.

Additional query words: XADM XCCC

Keywords: kbtshoot KB910935

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.