Tuesday, February 21, 2017

Find CNF objects in Active Directory

When two or more objects with the same name are created in the same container on different domain controllers before replication occurs the conflict is resolved by renaming the object with the older timestamp.  The object will be renamed so that it includes "\0ACNF:[GUID]" in its DN.  These objects are referred to as conflict or CNF objects.  A domain controller will generate Event ID 12292 whenever a CNF object is created.

To find CNF objects and open the created file, run the following commands: 
dsquery * forestroot -gc -attr distinguishedName -scope subtree -filter "(|(cn=*\0ACNF:*)(ou=*OACNF:*))"  >   cnfobjects.txt
start cnfobjects.txt

No comments:

Post a Comment