none
Duplicate Name on Network

    Question

  • In December of 2012 we migrated from two Windows 2003 AD servers to two Windows 2012 AD servers.   With the two new servers one is a VM on a VMWare 5.1 host and the other is a physical server.  At the same time we also migrated from Exchange 2003 to Exchange 2010.  The new Exchange 2010 server is also a VM.

    Over the last month we have started to see the message “A duplicate name exists on the network” when users are logging onto their computer.  They can click ok on the message and still logon without issues.  About 95% of our windows PC are still XP SP3 and the other 5% are windows 7.  Either os gets the message at logon.

    So far the articles I’ve review on the Duplicate name message either don’t apply or have not helped with the issue.  We do not use a WINS server and dns was also moved to the two new AD’s.  Looking for idea’s to troubleshoot and resolve this issue.
    Wednesday, April 24, 2013 1:40 PM

Answers

  • Duplicates are difficult to produce, but it can happen. If an object with a duplicate distinguished name is created (duplicate RDN in the same parent container), the system mangles the duplicate almost immediately so it is no longer a duplicate. To check for all instances of duplicates that have been mangled, use this dsquery command on a DC:

    dsquery * -Filter "(cn=*CNF:*)" -Attr distinguishedName sAMAccountName

    If two objects have the same sAMAccountName (pre-Windows 2000 logon name) it can take an hour for the system to mangle one of the names. In this case, you cannot immediately tell what the original sAMAccountName was. Find all such mangled names using the following:

    dsquery * -Filter "(sAMAccountName=$duplicate*)" distinguishedName sAMAccountName

    I'm sure one of the duplicates will be mangled, but you could also search for users with the same value for cn or sAMAccountName. You may find more than one object with the same cn, but they should be in different parent OU/containers. You should not find duplicate sAMAccountNames.

    Or, is it possible the local workstation name is a duplicate?

    Documentation on duplicate object names here:

    http://social.technet.microsoft.com/wiki/contents/articles/15435.active-directory-duplicate-object-name-resolution.aspx


    Richard Mueller - MVP Directory Services

    Wednesday, April 24, 2013 5:53 PM

All replies

  • Duplicates are difficult to produce, but it can happen. If an object with a duplicate distinguished name is created (duplicate RDN in the same parent container), the system mangles the duplicate almost immediately so it is no longer a duplicate. To check for all instances of duplicates that have been mangled, use this dsquery command on a DC:

    dsquery * -Filter "(cn=*CNF:*)" -Attr distinguishedName sAMAccountName

    If two objects have the same sAMAccountName (pre-Windows 2000 logon name) it can take an hour for the system to mangle one of the names. In this case, you cannot immediately tell what the original sAMAccountName was. Find all such mangled names using the following:

    dsquery * -Filter "(sAMAccountName=$duplicate*)" distinguishedName sAMAccountName

    I'm sure one of the duplicates will be mangled, but you could also search for users with the same value for cn or sAMAccountName. You may find more than one object with the same cn, but they should be in different parent OU/containers. You should not find duplicate sAMAccountNames.

    Or, is it possible the local workstation name is a duplicate?

    Documentation on duplicate object names here:

    http://social.technet.microsoft.com/wiki/contents/articles/15435.active-directory-duplicate-object-name-resolution.aspx


    Richard Mueller - MVP Directory Services

    Wednesday, April 24, 2013 5:53 PM
  • Richard,

    Thank you for your resonse.  I didn't find any duplicates using either of these query's.  I'm confident the workstation name has not been duplicated on the network because we have not been adding any new equipment and this is randomly occuring on machines that have beed inplace for years. 

    Both servers are DHCP setup as DHCP servers and configured for failover.  I found that they were not communicating so I removed the failover partnership and recreated the relationship but this didn't fix the issue.  I didn't think this was the problem because I've had a few machine's with static ip's also have the duplicate name message pop-up but I thought is was worth a try

    Still looking.

    Thursday, May 02, 2013 7:26 PM