1. In this example, a naming conflict was encountered when the replica attempted to replay an ADD of uid=user.200,ou=people,dc=example,dc=com. In other words, two clients added the entry at the same time as an entry of the same name was added on another replica.
    [18/Feb/2010:14:53:12 -0600] category=EXTENSIONS severity=SEVERE_ERROR 
    msgID=1880359005 msg="Administrative alert type=replication-unresolved-conflict 
    msg='An unresolved conflict was detected for DN uid=user.200,ou=People,dc=example,dc=com. 
    The conflicting entry has been renamed to 
  2. The Directory Server prepends the entryUUID to the DN of the conflicting attribute and adds a ds-sync-conflict-entry auxiliary object class to the entry to aid in search. For example, the following command searches for any entry that has the ds-sync-conflict-entry objectclass and returns only the DNs that match the filter. You should see the conflicting entry for uid=user.200.
    $ bin/ldapsearch --baseDN dc=example,dc=com --searchScope sub \
      "(objectclass=ds-sync-conflict-entry)" "1.1"
    dn: entryuuid=69807e3d-ab27-43a3-8759-ec0d8d6b3107+uid=user.200,ou=People,dc=example,dc=com
    dn: entryuuid=523c430e-a870-4ebe-90f8-9cd811946420+uid=user.200,ou=People,dc=example,dc=com
    Note: Conflict entries are not returned unless the objectclass=ds-sync-conflict-entry is present in the search filter.
  3. After comparing the conflict entry with the target entry, the difference can be applied in a manner similar to the previous example using ldapmodify with the Replication Repair Control. The conflict entry can also be deleted using this command. Run bin/ldapmodify with the Replication Repair Control to make the fix. When making changes using the Replication Repair Control, the updates will not be propagated via replication. You should examine each and every replica one by one, and apply the necessary modifications using the request control.
    $ bin/ldapmodify -J "" \
      --filename difference.ldif