On a multi DC (Windows 2003 – 2008) Active Directory, you may encounter the following NTDS event :
Active Directory failed to create an index for the following attribute.
A schema cache update will occur 5 minutes after the logging of this event and will attempt to create an index for the attribute.
-1403 JET_errIndexDuplicate, Index is already defined
This is probably caused by a recently added DC running Windows Server 2008, attempting to do a scheme update on the forest to add BitLocker Drive Encryption.
Unfortunately, this feature is not supported by Windows Server 2003.
Here is a workaround to solve this problem – First, find out which DC is propagating this policy (type the following in the command prompt) :
netdom query fsmo
Then, logon in the domain controller causing this and do the following :
– Start / Run; adsiedit.msc
– Open the Schema container and copy the container that contain the schema objects
– Then, click searchFlags and then Edit
– In the Integer Attribute Editor, change the value 27 to 25
– Repeat again step the three latest steps for msFVE-VolumeGuid objects.