In this example, a naming conflict was encountered when the replica attempted to replay an ADD of uid=user.200,ou=people,dc=example,dc=com. Because of this conflict, the server returns a replication conflict message. See the following example message.
[18/Feb/2010:14:53:12 -0600] category=EXTENSIONS severity=SEVERE_ERROR 
msgID=1880359005 msg="Administrative alert type=replication-unresolved-conflict 
msg='An unresolved conflict was detected for DN uid=user.200,ou=People,dc=example,dc=com. 
The conflicting entry has been renamed to 

The server prepends the entryUUID to the DN of the conflicting attribute and adds a ds-sync-conflict-entry auxiliary object class to the entry to aid in search.

To resolve the conflict:

  1. Search for any entry that has the ds-sync-conflict-entry objectclass and returns only the DNs that match the filter.
    $ bin/ldapsearch --baseDN dc=example,dc=com --searchScope sub \
      "(objectclass=ds-sync-conflict-entry)" "1.1"
    The search results display the conflicting entry for uid=user.200.
    dn: entryuuid=69807e3d-ab27-43a3-8759-ec0d8d6b3107+uid=user.200,ou=People,dc=example,dc=com
    dn: entryuuid=523c430e-a870-4ebe-90f8-9cd811946420+uid=user.200,ou=People,dc=example,dc=com

    Conflict entries are not returned unless the objectclass=ds-sync-conflict-entry is present in the search filter.

  2. Compare the conflict entry with the target entry.
  3. Apply the difference in two ways:
    • Use the ldapmodify tool with the Replication Repair Control.

      You can also delete the conflict entry using this command.

    • Run bin/ldapmodify with the Replication Repair Control to make the fix.

    When making changes using the Replication Repair Control, the updates are not propagated through replication. Examine each replica individually, and apply the necessary modifications using the request control.

    $ bin/ldapmodify -J "" \
      --filename difference.ldif